Over the last couple of years there have been some huge PR crises for a number of major kids’ entertainment providers and social networks. Some of these PR disasters were so damaging that they led to the downfall of a number of businesses – businesses which up until that point had been highly successful. The main issue that led to their untimely demise was inadequate protection of their customers (or users whichever you prefer) from issues like cyber-bulling, trolling and sexual predators. Something as relatively harmless as SPAM also played its part in having a damaging affect on their essential advertising revenue due to lack of effective content moderation.
I've never been one for scaremongering - it's not a principle of mine to flaunt the risks in people’s faces, Crisp Thinking simply aims to deploy the best protection against such risks. However, during one recent conversation, it suddenly struck me that there is a worrying lack of information available surrounding the real risks social businesses take when they fail to protect themselves with robust online moderation.
Recently I was asked for advice about thie risks surrounding a lack of good content moderation...
A top VC was about to make a large investment in a kids’ entertainment platform (I’m going to use the Online Kids Entertainment industry as an example, but it is worth bearing in mind that these real business risks apply to any digital publisher, social network or brand), when he said: “They’ve got kids' moderation covered – but I’d thought I’d check, what are the real tangible business issues that we could be exposed to if moderation turns out it’s not up to scratch?”
In response, I pulled together the key statistics from five businesses that had suffered real-world consequences:
- A loss of 80% in advertising revenue
- An 80% drop in Monthly Active Users
- Over $10 million in investment funds pulled from three large investment institutes
- $10s millions of negative PR – probably more than they ever had in positive PR.
It quickly dawned on us both that these aren’t minor risks, they are enormous! And they are real risks that are faced by every social business. When business owners and CEOs understand these risks, their next question is, of course, 'how do we mitigate or solve them?' Any social company will know that with User Generated Content you never mitigate the risk completely, and if you intend to scale (which I really hope is in your plan) then employing a huge team of moderators without some kind of technology will only do one thing – cripple your profits. So there tends to be three common options:
- Build it internally
- Use simple off the shelf filters
- Invest in an Enterprise Moderation Solution
Now, let me explain your three content moderation options...
The first two solutions are pretty similar, you either have an internal team build a basic 'filter' and 'alert' system or you purchase an off-the-shelf filter, saving time and probably internal resource. The third option means going to one of probably five technology companies (Crisp being one of them) who have spent years investing in and designing real solutions for these complex problems. Companies in this area have developed sophisticated solutions around User Profiling, Behaviour Profiling, Device Identification, Content Analysis and Reputation Management and some such as Crisp use a combination of all five.
But instead of getting into a debate of why a company should invest in a full, proper UGC moderation solution that addresses the problem vs a ‘basic content filter’ I’d rather make comparisons using a different business area altogether - internet security (firewalls, routers, IDP etc.)...
Back in the day, it was common for companies to install and build their own firewalls - I couldn't even begin to imagine having a conversation with our Operations and Security team now about us 'building our own'. Trying to explain to a customer that we have a data breach because we chose to ‘build our own firewalls’ is not even worth thinking about. The idea of doing such a thing is ridiculous, so people choose the other option; buying off-the-shelf from a reputable provider.
These days, a firewall designed for a small office probably has a few nice, comforting features that will (probably, maybe, but not always) protect us from the majority of risks. This is fine for a office with limited data and little risk – but would I use it to protect our data centres? No way! In this instance, where the risks are so huge, working ‘most of the time’ is simply not good enough. The bigger the risk, the better the protection needs to be, so we would buy the absolute best we can afford – we’re selecting a company that puts its name to high quality solutions – along the lines of Cisco and Juniper.
Online moderation is much the same...
Simple filtering products can ‘probably’ work ‘most of the time’ when dealing with low-level risks like swearing but when the stakes are high you’re on your own – and when it does go wrong the question everyone asks from the CEO, from shareholders to customers, is simply 'did you do everything possible to prevent it?’ For me it’s about managing risk and knowing that if anything did go wrong, I could definitively say that we selected, bought and deployed the very best protection we could – and no one can ask for more than that.
The companies who have lost their advertisers, investors and brand reputation are not the only ones that had an issue; they're the ones that failed to deploy a proper solution to deal with the risk.
So what do I say when a CEO, shareholder or C level Exec asks me whether they should take a solution like Crisp Thinking, buy a cheap off-the-shelf filter, or build internally?
Simple…I ask them what level of risk they're prepared to take. Do they build their own firewalls? (I hope not), so why build their own moderation solution? Do they host their servers in secure data centres or their office? There is just no place for DIY when the risk-factor is so unbelievably high.
Nothing is 100% but you owe it to your business to remove as much of the risk as you can - especially when you realise the risk is a lot greater than first imagined. And remember when it comes to security it's about expecting the worst case scenario – preventing a disaster is much easier and safer than trying to clean up after one. So, prepare for the worst, implement the best and hopefully you will never even have to think about the solution you cleverly deployed.