Download the full Report and sign up for our Newsletter
A detailed report based on research undertaken by SDI and IMD Business School is also available for download.
Introduction to the Starter Kit
While there is a growing interest in the subject, organisations are often stuck getting started. This is exactly why we created this CDR Starter Kit, a practical resource for all who want to get started or are early on in exploring Corporate Digital Responsibility (CDR). It is designed to work whether you have two hours a week, or the budget to hire an entire team and is just as useful for small organisations as it is for large ones.
What is Corporate Digital Responsibility?
Corporate Digital Responsibility is a relatively new field that is gaining momentum as more aspects of our lives at work and beyond involve digital technologies. While digital technologies offer great benefits, they raise difficult ecological, social and ethical questions that need to be addressed. Corporate Digital Responsibility provides a framework to do just that and ensures that digital technologies are developed and used in a beneficial way for organisations, users and society at large.
Corporate Digital Responsibility as understood for this Starter Kit can be defined by four dimensions:
The social dimension of CDR looks at an organisation’s relationship to people and society. Topics include data privacy protection and aspects related to digital diversity and inclusion such as bridging the digital divide between geographies, social classes, age demographics and abilities.
The economic dimension raises questions about responsible management of the economic impacts of digital technologies. Topics include replacement of existing jobs by robots and the creation of the new digital-era jobs that are enriching and fulfilling. Questions also include how firms share the economic benefits of digitalisation with the broader society.
The technological dimension is directly linked to the responsible creation of the technologies themselves. For example, biased or inaccurate AI decision-making algorithms can lead to unfair or discriminatory practices. Other technologies such as deepfake videos can have harmful effects on society.
The environmental aspect in CDR concerns the connection between digital technologies and the physical environment. It raises questions about responsible recycling or the disposal of old computer equipment as well as power consumption.
Why organizations embrace their digital responsibility
CDR typically goes beyond the legal requirements. The discussion on principles can give organisations a competitive advantage and help them navigate a changing regulatory environment as they can foresee regulatory development. Such was the case with the groundbreaking privacy regulation GDPR, where organisations proactively engaging with data privacy had an easier time adjusting to new hard law. A similar development will likely be seen with future legislation such as the Digital Markets Act, the Digital Services Act, or the AI act.
“We claim that the deployment of technology must be based on a humanistic system of values. That’s why people –with all of their facets, roles, and needs –are our focus. I call this ‘human-centered technology’.”
Board of Management, Technology and Innovation, Deutsche Telekom
“People’s trust is crucial if we want to seize the opportunities offered by digital progress and minimize the risks. We have therefore developed the Code of Digital Ethics and established the Digital Ethics Advisory Panel that guide our work.”
Director Digital Ethics & Bioethics, Merck
“Having cooperative roots, our organization thinks about the long-term. We have earned a solid reputation amongst our customers who entrust their data with us as an insurance company. We recognized that if we spoiled that reputation by doing something untrustworthy with data or AI, we may block all future opportunities, whatever they may be."
Product Owner & Head FutureLab, Die Mobiliar
“Digital responsibility is a joint topic between IT and business. Those teams work closely together to explore and understand how machine learning can be managed in a responsible way."
Head Group Data Operations & Governance, SwissRe
"Our values framed what we wanted to do in the digital world, where we set our own limits, where we would go or not go. This helped us identify how we want to advance our digital transformation initiatives in a responsible way."
Manager Organizational Development and Digital Transformation, Weleda
Now you know what CDR entails and how and why you can benefit from embracing the concept. Before you start the CDR journey, take a look at some of the common challenges organisations can face when trying to implement CDR practices.
Not understanding the importance of taking responsibility
With the pace of technological development and the quick adoption of various digital technologies at scale, the discourse on responsibilities has been slow to catch up. However, the shortcomings of such ways of working are becoming more and more apparent as increasing awareness among customers and regulators fuelled by various scandals are increasingly losing trust in digital services. Digitalisation requires to be reflected on with established frameworks on sustainability and responsibility as technologies interact with those existing areas. However, there are also new questions that need to be raised due to certain characteristics of digital technologies, e.g. the tendency towards autonomy of systems. While CDR has been gaining attention in recent years, only few companies have solid CDR guidelines in place. The ones that do are mostly exposed to or handling sensitive personal information in the pharmaceutical or insurance sector.
Leaders don't see the urgency
When a company is faced with competitive or financial pressures, it is easier to communicate an urgent need for change. But when business is operating smoothly, you need to paint a compelling picture of the opportunity that digital responsibility offers to the organisation. The reality is that the external landscape is changing due to legislation and changing customer needs. Helping to anticipate these rapid changes is one way to get stakeholders onboard.
CDR is seen as counterproductive to a companies success
Voluntary and regulatory compliance to codes, principles and legislation is often perceived as a burden that slows business down. Rather than handing CDR to the compliance department, organisations can position digital responsibility within themselves as a value-enabler.
Being overwhelmed by CDR
Contrary to other fields like bioethics or environmental protection, the digital world and responsible behaviour in it is still at an early stage. Organisations often feel that they need to start at zero and are overwhelmed by the lack of guidance. Not only the width of the field but also cultural differences can be a challenge, especially for multinational organisations. Is responsible behaviour in Western Europe the same as in China? Is the US the same as in the Middle East? A CDR framework needs to be flexible and adaptable to different contexts.
Failing to transfer theory into practice
Many companies have responded to increased calls to be more digitally responsible by developing ethical frameworks to guide their digital activities. Take the example of AI – to date, more than 160 ethical frameworks for the responsible use of AI have been released by organisations such as Google, BMW, various government and industry associations, according to the German non-profit organisation AlgorithmWatch. But the adoption of ethics principles and frameworks does not necessarily lead to its implementation. Almost all the aforementioned ethical frameworks are voluntary commitments, with only a few examples having an oversight or enforcement mechanism.
Solutions to common challenges
While implementing CDR is a challenge, there is also a lot of inspiration from leading organisations. Explore the following approaches and solutions to see what might support your mission.
How to make CDR accessible
You can position CDR so that it can act as a resource for all teams that want to discuss ethical concerns or questions of digital responsibility. CDR units can provide tools but other teams are responsible for using them. In order to be easy to follow, the relevant information e.g. checklists derived from principles and values need to be easily accessible and spread widely within the organisation. For example, an interdisciplinary team composed of representatives from compliance, business security, data science and IT architecture can work to align initiatives on data strategy and ethics by sharing knowledge, providing guidance and keeping an overall view. The team can be governed by a board represented by wider stakeholders who carry information back to their respective business lines across the company, and who also alert the team to relevant issues. This two-level structure works to both guide and foster a collaborative working structure on topics related to digital responsibility.
To help line managers and developers implement digital responsibility into their initiatives, Deutsche Telekom uses a central quality gate, the privacy and security assessment (PSA) that developers of new products and services have to undertake to safeguard data privacy and security. The PSA process covers identification of relevant privacy and security requirements; as well as the covering of the ethical guidelines, before the initiative is approved for launch.
A similar process encourages initiative owners to evaluate their risks before projects are initiated, including data and AI ethics. For example, when it comes to working with data, there are a set of questions about how the data can be ensured to be used in a responsible and ethically meaningful way. These self-evaluation questions are answered by both the product developer and business line manager.
Lastly, engaging with CDR as an employee should be made as easy as possible. For example, several organisations have set up dedicated e-mail accounts where employees can send in their questions about topics related to digital responsibility.
Getting started with limited resources
Rather than creating a separate team, many organisations are choosing to distribute and embed the handing of digital responsibility topics into existing business lines. The benefits of this approach includes distributing accountability and raising awareness of digital ethics throughout the organization. A complementary approach is to develop processes to help drive digital responsibility into existing routines and practices.
Starting small and starting early
To engage with CDR, a high digital maturity is no precondition – and a lack thereof no excuse not to engage with CDR. Many organisations engaging in CDR did not have significant digital or AI related developments in place when they embarked on their CDR journey. What is more important, is an awareness of the potential risks and opportunities around digital responsibility. With digital technologies becoming ever more enmeshed in various aspects of our lives, committing to use digital technologies responsibly can feel overwhelming. Several organisations identified certain technologies or digital use-cases that are of paramount importance to them and placed the main focus on them, e.g. data analytics for a pharmaceutical company or AI for a telecommunication provider. Focus technologies vary depending on the business model at hand and helps to build principles and processes for CDR from the ground up instead of from top-down with vague principles that are then hard to implement. So if you feel overwhelmed, why not start small and on a specific use case that matters?
Leveraging external support
To address the challenge of missing frameworks, several organisations collaborated with research institutions and their ethicists to create CDR principles and processes that make sense for the organisation and also reflect the current understanding of the issue. Take a look at the additional resources linked further below on this website.
How to integrate CDR into daily business
To ensure that CDR is being put into practice, align incentives and mechanisms within the organisation. Some create new councils within the organisation that have decision power when it comes to concerns of ethics and responsibility. However, their experience also shows that such decisions are taken rarely (2-3 times a year) as their CDR frameworks already provide sufficient guidance for the organisation and their everyday questions. In cases of uncertainties or norm conflicts a council like that acts as arbiter.
An example of how to ensure committees and their recommendations are taken into serious consideration despite a lack of decision power, is to clearly and transparently document the input of CDR committees. This internal record shows that ethical concerns and questions of digital responsibility were evaluated and are accessible for all employees. The existence of this document alone increases the likelihood of decision makers to follow the recommendation given to them by the CDR committees.
Another such mechanism is public communication about the own commitments, allowing the outside to follow and evaluate the principles and actions of organisations.
How to get started
The journey towards digital responsibility varies greatly – there is no single right way to start. Different goals and priorities heavily influence each digital responsibility roadmap. Start small and iterate, iterate, iterate. The digital space is constantly evolving, just like your ideal CDR practice.
Find an entry point
We recommend identifying a topic that is relevant to your organisation, whether it is due to a pressing concern or of general interest. Some good entry points are:
- Corporate Values: Appealing to established corporate principles can serve as a jumping point, a reference and a guiding light to kickstart digital responsibility discussions and initiatives
- Data Privacy and Protection: organisations whose business models rely on the use of data can start their CDR journey building on data privacy efforts.
- Business Risk: There are many types of risks associated with digital technologies. The key is to identify in which areas of your organization may be most exposed, and focus your digital responsibility efforts there.
- Industry and national Considerations: certain industry associations and national initiatives have pooled resources to create CDR guidelines, providing a good entry point (see below for additional resources)
Get clarity on your digital exposure
Given that many organisations rely on software as a service (SaaS) or digital infrastructure as a service run by third parties, the question of how you can be responsible for something you have little control over arises. Get clear on which services you can control directly and which are managed by third parties. This will impact the scope of your Corporate Digital Responsibility practice.
Get management buy-in & engage the whole organisation
As CDR is ideally an integral part of the organisational culture, buy-in from top management is important. Various organisations have instituted location visits or training for upper management to raise awareness for digital ethics and responsibility. This can take the form of visits to specific digital hubs and innovation ecosystems or the direct participation with specific stakeholder groups e.g. workshops with researchers. It is vital that awareness for CDR is not only present e.g. on the technical level of product development teams and data scientists but all employees.
Digital responsibility can only be achieved as a shared outcome. Rarely is it a topic that remains solely in the purview of a single function or within company boundaries. It is about integrating business objectives and digital ethics. Within an organisation, digital responsibility does not rest solely within the IT function. With increased data sharing between companies and suppliers, issues related to digital responsibility do not stop at company boundaries.
Set up clear governance structures
Getting digital governance right is as crucial as it is challenging. The choice of governance model depends on the ambitions of your organisation. Digital responsibility ambitions come in many flavours – from enhancing existing operations, revamping experiences and operations in new ways, or to reinvent business models. Each ambition will dictate a different model of governance to translate the vision into a results-oriented reality. As one form of governance structure, some have established councils. These councils take different roles, such as advisory or decision-making. But there is no one-size-fits-all approach.
Invest in digital knowledge
Keeping the workforce well-informed and up-to-date on digital skills is important in this rapid era of digitalisation. Upskilling in digital knowledge encompasses having an understanding of new digital tools and technology, and the ability to understand and work with different types of data. A good understanding of technology helps to raise the right questions and builds a crucial base for discussions.
Get involved with industry and government associations
You are not alone in tackling CDR so why not join forces and exchange experiences and best practices? More and more initiatives and associations are being created around Europe in particular to foster Corporate Digital Responsibility. We list further resources at the bottom of this website.
Get in touch
Do you have an inspiring example about implementing CDR in your organisation? A helpful resource that you would like to share or a suggestion on how to improve this website?
Public Documents by Organisations
- Deutsche Telekom Privacy and Security Assessment Process
- Deutsche Telekom Supplier Code of Conduct
- Merck Code of Digital Ethics
CDR Initiatives and Resources
- Ethos Study on CDR 2021
- CDR Initiative
- BVDW CDR BuildingBloxx
- CDR Austria
- CDR Manifesto
- CDR Online Magazine
- CDR Lab
- Centre for Digital Responsibility
Further Information on Digital Trust as element of Digital Responsibility