Skip links

Data Ethics as Part of Corporate Social Responsibility

Written by Sien Ubbink, revised by Piek Visser-Knijff

This is a shortened version of the intern research report written by Sien Ubbink for Filosofie in actie. Read the full version including an interview analysis of data ethics brought in practice.

New technologies and digital advancements are being designed and developed at a constantly increasing pace. It is no stretch to state that we are highly dependent on certain technologies. Almost all organizations, whether that be private organizations or public organizations are in some way make use of (personal) data. Therefore, we must be vigilant and critical of how (mis)use of such data can greatly impact individuals, specific social groups and society as a whole. Enter the concept of ‘data ethics’: the ethical reflection of how data can be collected, stored and processed in a responsible, ethical manner. ‘Data ethics’ is therefore not a fixed set of rules or obligations, it is the process of (continuously) reflecting on how to responsibly work with all sorts of data.

There are many different possible reasons for an organization to implement data ethics throughout their organisation, such as aiming at increasing trust among their clientele or consumer-base, or (avoiding) public scandals such as data-leaks. Data ethics can also be part of a certain strategy: the Corporate Social Responsibility (CSR), Environment, Social and Governance framework (ESG) or Corporate Digital Responsibility (CDR).

Data Ethics as CSR
Corporate social responsibility is widely researched and academically discussed, but the topic is far from exhausted. The origins of this umbrella-term can be tracked back to the 1950s in the United States, but the concept began to spike in popularity around the 1980s as larger and more transnational organizations started to settle in the international playing field (Utting 2007).

To be able to somewhat operationalise the term CSR, a delimitation of the concept is due. When using the term CSR people generally roughly abide by the definition Carroll assigned to it in 1991: CSR “encompasses the economic, legal, ethical, and discretionary expectations that society has of organizations at a given point in time” (Andreasen & Drumwright 2001; Carroll 1991).

Though economic responsibility (making a profit) is at the base of a (for-profit) organization, it is also the responsibility of organizations to go beyond their economic motive and what they legally are and are not allowed to do. To partake in CSR, they must also ethically reflect on the social imperatives and consequences of their actions, especially so since organizations large and small can have many resources and have indisputable influence on the environment and society.

Taking the two outer ends of how CSR is often viewed, (1) behaving socially responsible as a form of pure philanthropy and (2) behaving socially responsible purely for economic profit, you will find the most common conception of CSR: namely that it is both. This conceptualisation of CSR combines the two to create a win-win type of approach; by behaving socially responsible as an organisation, on the long-term, you will also see economic benefits as an organisation. A key word here is ‘long-term’, since it almost always requires organizations to, at first, make extra costs and investments to improve their positive effect on society (by having to switch to the use of sustainable power or materials, for example) before seeing these investments pay off later on (Mahoney & Thorne 2005). However, we mustn’t mistake this promise of benefits on the long-term as a reason to expect that all and any organisation is eager to partake in CSR efforts. This aspect of becoming socially responsible as a long-term investment rather than something which promises short-term pay-offs, often plays as a hurdle for organisations to engage in CSR efforts. The success of CSR efforts also differs greatly upon the scope of the organisation, the country in which the organisation is embedded and the type of organisation, which can add to organisations’ scepticism or trepidation to engage with CSR (Udayasankar 2008; Wanderley et al 2008). On the other hand, refusal to partake in any form of CSR has also been proven to have a negative impact on an organization’s image and reputation in society and among the organization’s clients and/or customers (Stanaland 2011).

The convergence of socially responsible behaviour and making profits or excelling as an organisation (since non-profit organisations also engage in CSR and benefit by doing so in other ways than strictly economic profits) is often easily summarised as ‘the three P’s’ approach: focusing on people (employees, customers, the community), the planet and profit (Basham 2016).

Data ethics thus falls under CSR, acting upon the ethical expectation society has from the organisation. The economic benefits are not leading (but not absent as well) and the organization takes responsibility for their use of the data.

Data Ethics as ESG
The ‘Environmental, Social and Governance framework’ is a framework which builds upon CSR by aiming to make an organization’s CSR efforts measurable for investors or (possible) clients and consumers who wish to invest time and money into organisations that are reliable and sustainable, so as to ensure a responsible investment on their part.

ESG framework gives more clear insights into an organisations’ philanthropic, social and internal governance practices by providing organisations with ‘quantifiable indicators’ to measure the organisation’s ‘level of CSR’, as it were (Gupta 2021). By the application of numerical figures as to how organisations “treat their staff, manage supply chains, respond to climate change, increase diversity and inclusion, and build community links”, this boosts an organisation’s incentive to partake in CSR by giving them something more tangible to show to the outside world (Herden et al 2021; Gupta 2021).

Now, despite that organisations who are proactive regarding CSR behaviors, and will therefore have promising ESG indicators, this is not all about the profits. Apart from it often being (economically) wise to invest into an organisation that has a sustainable future ahead, research shows that many investors, especially those of newer generations, also wish to be a part of and support socially responsible organisations for moral reasonings, such as wanting to back organisations which reflect positive societal changes or that hold social values in high regard like sustainability and fair wage, but also issues such as privacy and data ethics (Gupta 2021). Besides investors, there is also a shift in consumer behavior. Consumers and clients are willing to lay down more money for products or services that have been produced ethically and sustainably (ibid). All in all, engaging in CSR, and if possible quantifying these efforts by the use of the indicators provided by the ESG framework, a win-win situation can truly be possible for organisations, clients, society and the environment alike, though it may take some patience and an altered business strategy.

Data Ethics as CDR
The novel concept of corporate digital responsibility is not easily defined, just as the concept of CSR from which it is derived. The concept is new, only having begun to circulate in academic discourse from around 2019 (Herden et al . 2021; Lobschat et al. 2021). CDR as conceptualised by Lobschat et al, has as its aim the encouragement of “shared values and norms [that guide] an organization’s operations with respect to the creation and operation of digital technologies and data” (Lobschat et al 2021: 876). They argue that if we believe “human behavior should be governed by moral norms and ethical considerations, then any creation, operation, impact assessment and refinement of digital technology and data should be assessed according to such rules”, hence, the birth of this novel concept (ibid).

CDR naturally immediately makes one think of the much more commonly known corporate social responsibility, as described above (Lougee & Wallace 2008: 96). The authors refer to this similarity, stating that they both fundamentally operate from the conviction that corporations (and organizations in general) have a duty and commitment toward society, and that due to their high level of power and influence they should carry the responsibility of bettering societal issues, let alone worsening them (Lobschat et al. 2021: 875-886). However, they claim the necessity of a separate concept for three reasons: (1) the unprecedented pace at which digital technologies are now being designed; (2) their malleability, meaning they are sometimes used unlike the designers have foreseen or intended; and (3) their pervasiveness, seeing as how they are increasingly inescapable in everyday and work life (ibid). Simplified, Lobschat et al claim that the basic conceptual parts of CDR as a framework include four stakeholders: organisations, individual actors, institutional/legal/governmental actors and artificial/technological actors. Besides this, they identify four lifecycle stages linked to digital technology and data, namely: the creation, operation, impact assessment and refinement of technology (Lobschat et al 2021: 875-888; Herden et al 2021: 14).

Herden et al (2021) disagree with the choice to delink it from its mother term CSR (Lobschat et al 2021; Herden et al 2021). Instead, they regard CDR as an extension of CSR, “comprising all levels of corporate responsibilities as defined in Carroll’s (1991) CSR pyramid and all domains of the Environmental, Social, Governance (ESG) framework” (Herden et al 2021: 14), which thus combines two of the aforementioned concepts. More forwardly, Herden et al therefore assign the following conceptualization to the concept of CDR: “Corporate Digital Responsibility is an extension of a firm’s responsibilities which takes into account the ethical opportunities and challenges of digitalisation” (2021: 17). Naturally, as data ethics is involved with digitization, it could be part of CDR.

All in all, it is safe to say that CSR, ESG-framework, CDR and data ethics are all intertwined in some way or form. ESG framework and CDR are extensions of the broader term of CSR, and not completely standalone concepts. Simplified: firstly, ESG framework as part of CSR aims to make CSR goals and behavior measurable. Secondly, CDR as part of CSR helps lay focus on the highly innovative, malleable and pervasive world of data and digitization, which is growing and is becoming increasingly more complex than ever before. And thirdly, when looking at the components of CSR and CDR, it is not only plausible, but rather logical that reflecting on what is (or is not) a responsible and ethical way to handle data is (or should be) an important element of CSR.

It can be concluded that data ethics can indeed be viewed as a form of corporate social responsibility. It can also be viewed as a form of corporate digital responsibility since CDR can be argued to be an extension of the broader CSR. As the theory behind CSR suggests that corporations have an ethical and philanthropic responsibility toward society, wherein they reflect on the social imperatives and consequences of their organization, this means considering the effects of their data use as well.

Organisations can of course engage in data ethics without doing so as an explicit form of CSR or CDR. Feeling a duty towards society due to the nature of your organisation (mainly public organisations, which aim to serve the public good), wanting to be law-compliant and avoid reputational harm, engaging in data ethics as a logical outcome of an organisation’s norms and values are other examples of how (representatives of) organizations explain their reasoning for engagement with data ethics besides CSR.

Photo: Clark Tibbs, Unsplash