Businesses are more worried than ever before about their privacy and reputations becoming compromised with exposes like the phone chats of lobbyist Niira Radia in India or the WikiLeaks’ release of diplomatic exchanges. Tata Group chairman Ratan Tata recently persuaded the Supreme Court to place privacy restrictions on state investigative agencies in the Radia tapes case. In the fallout, Tata also finds his group’s integrity questioned in a public wrangle over telecom spectrum allocations that took place two years ago. India Knowledge at Wharton explores the legal backdrop for privacy and speaks with experts from Wharton and elsewhere about how companies can best protect and manage their reputations.  

In early December, India’s Outlook magazine said it had unearthed 800 new secretly recorded conversations of lobbyist Niira Radia that are part of some 5,800 such conversations involving politicians, businessmen and journalists. Outlook and another magazine, Open, had published the first set of those tape recordings. The latest tapes “shine a mirror on the interplay between government and big business,” the magazine said. With that, it promised further details regarding how business houses may have influenced the selection of former telecommunications minister A. Raja. Raja is now facing a probe into alleged favoritism in awarding telecom spectrum at throwaway prices in 2008 that is at the center of a current rash of corruption controversies.

Rising Pitch in Corporate Speak

Tata’s privacy concerns have since reverberated across industry and rattled even Prime Minister Manmohan Singh. “I’m aware of the nervousness in some sections of the corporate sector arising out of the powers conferred upon governmental authorities to tap telephones for protecting national security and preventing tax evasion and money laundering,” Singh said at a public event. “[The powers of tapping] have to be exercised with utmost care and under well-defined rules, procedures and mechanisms so that they are not misused.” He said he would ask the cabinet secretary to look into those issues.

The Supreme Court hearing the Tata petition also stressed the right to privacy until investigations are completed. It also asked the government to specify what warranted the tape recordings. Outlook and Open magazines challenged Tata’s petition, and described it was a “private interest litigation cloaked in the form of public interest litigation.”

Tata’s concerns in the 2G controversy began with privacy protection, but have since grown to include reputation management. He figures in some of the tapes in conversations with Radia, whose PR firm Vaishnavi Communications represents the Tata Group. The Radia tapes were supposedly leaked from government agencies that authorized the tape recordings as they investigated allegations that she was a foreign intelligence agent; the government has denied leaking them. While other big-business CEOs such as the Ambani brothers Mukesh and Anil have chosen to remain quiet, Tata has tapped India’s Supreme Court to require government enforcement agencies to prevent such leaks.

Tata then sought to defend its firm Tata Teleservices in the 2G telecom scandal and blamed other telecom operators for influencing and benefitting from policy flip-flops. That provoked Rajeev Chandrasekhar, a Parliament member and former telecom entrepreneur (who had founded BPL Mobile, now part of Essar-Vodafone). Chandrasekhar accused Tata of doublespeak and said that his group benefitted from the very policy inconsistencies he had highlighted. The two have since fired verbal missiles at each other in open letters with no signs of backing down, even as telecom minister Kapil Sibal has described their exchange as “unfortunate.”

In one letter, Tata wrote to Chandrasekhar: “Your affiliation with a particular political party (the Bharatiya Janata Party, currently in the Opposition) is well known and it appears that their political aspirations and their endeavor to embarrass the Prime Minister and the ruling party may well have been the motivation behind your letter and the insinuations which you make.” Chandrasekhar responded: “On facts, your letter is not just exceptionally weak, but in fact, refuses to engage on the issues that I have raised — the yawning gap between what you say in public and what your companies do.”

The Tata-Chandrasekhar duel may play out over time, but it is the business privacy issue where Tata may have triggered a full-scale examination of existing laws. In the case of secretly recorded conversations, government ministries or agencies like the Central Bureau of Investigation are “repositories of data” and are obligated to keep them confidential, says Shardul Shroff, managing partner of Amarchand & Mangaldas & Suresh A. Shroff & Co., the country’s largest law firm. Theft of such data would be pursued like in any other case, he adds.

How the Law Sees It

In India, in information technology and the cyber world, there are “clear obligations of confidentiality and data protection,” says Shroff. The U.S. and Europe, however, have specific laws governing the privacy of health, banking or information processed by an outsourcer, he adds. In case of data privacy, the Indian government has made a conscious choice not to enact its own law after consulting with businesses because of the damage it could cause India’s outsourcing industry, Shroff says. Western firms outsourcing business processes from India prefer to apply U.S. or European laws to their contracts with Indian firms; the firms use the so-called “party autonomy” to choose the law of jurisdiction. “If India were to get into this space and say it is going to enact its own data protection law, then the effect would be to displace these contracts, which will drive away business from India,” Shroff adds.

Telecom spectrum licenses contain stipulations where the state can request intervention and tapping of phone conversations in cases involving national security or fraud investigations, according to Shroff. Such tapping requires “appropriate authorization” from a government agency such as its ministry of finance or home, and not necessarily from a court, he notes. These regulations came after 1992, when India privatized telecommunications and third-party licensees arrived. Before 1992, tapping a phone involved only the state-owned telecommunications companies and was an internal administrative matter, he adds.

Tata had said after petitioning the Supreme Court that the unauthorized publication of a private conversation between two citizens was protected by the “right to privacy” in India’s Constitution, since the publication of such conversations could seriously damage their reputation. India does not yet have a law to prevent the leakage of documents such as transcripts of phone conversations or voice recordings, says Shroff. That precisely is what the Supreme Court will hear in the Tata case, according to him. “There is an absence of law in this particular space as to when the state has tapped and the information is more than [what is needed],” he says. “When you are trying to trace fraud, it’s not that every sentence that is spoken or tapped is a statement concerning fraud; there are private statements also.” Shroff says the court will likely deliberate on questions like whether statements that don’t have anything to do with fraud should be in the public domain or should be deleted. “You don’t want a trial by media in the broad sense, or a YouTube or a Yahoo or a Gmail or a Blackberry messenger,” he adds.

The leakage of the Tata-Radia tapes “can unfairly prejudice public opinion against the company before it has a chance to defend itself in the courts,” says Stephen Kobrin, Wharton professor of management. Shroff agrees, and says Chandrasekhar’s letters to Tata are “a reflection of the prejudice created by the tapes.”

Lessons from the U.S.

The U.S. government is currently consumed by the fallout of the leakage of secret U.S. State Department cables by the nonprofit media organization WikiLeaks. However, Kobrin cautions against drawing parallels between that and the Tata-Radia tapes. “Whether or not it was a reasonable thing to do, the [WikiLeaks] tapes weren’t released as part of an effort under the law to prosecute someone,” he says. “It was just a dissemination of information that was at least inconvenient to the government and at worst may cause some serious problems.”

The privacy debate has gotten more complex with the rise of terrorism in recent years as governments have assumed special powers to collect information about their citizens. “It’s a tradeoff between national security and the rights of individuals, and different people draw that line in very different places,” says Kobrin. “A lot of people believe that you don’t protect national security by violating civil liberties — the whole point of national security is to protect civil liberties. And other people believe that their lives are threatened … and that governments must have wider powers to collect information surreptitiously. It’s a societal question and needs to be debated publicly, but it is very hard [to do so] publicly because, by definition, the information is being collected secretly.”

Andrea Matwyshyn, Wharton professor of legal studies and business ethics, says two recent U.S. cases involving Hewlett-Packard (HP) and Goldman Sachs could inform the debate between privacy protection and the public interest. “We are still debating … where it is appropriate to preserve corporate privacy versus preserving transparency and public openness,” she says. In the U.S., a “default assumption” is that the information becomes public after the government’s investigations of a company are completed and charges are filed, according to her.

But in a recent case where a Goldman Sachs computer programmer was found guilty of stealing source codes for a trading system, the company sought a closed court proceedings without reporters. The case raises questions about “the extent to which protection of trade secrets can be considered reasonable data protection practices,” Matwyshyn says.

The Hewlett-Packard case raised questions about internal surveillance and how much of it is permissible, and the relationship between officers, directors and other employees. In September 2006, HP admitted in a filing with the Securities and Exchange Commission that investigators probing internal HP leaks to the media had gained access to board members’ personal phone records by impersonating the board members, according to a Washington Post report. HP’s investigators also conducted physical and electronic surveillance of board members and reporters, the report said, quoting HP documents. HP’s then-chairperson, Patricia C. Dunn, was removed after the spying scandal became public and the company’s image took a battering.

Business houses value reputation for reasons beyond mere good feeling; it also makes tangible business sense in cases such as the ability to attract good talent or better borrowing rates. Tanya Menon Gandhi, a professor of management and organizations at Northwestern University’s Kellogg School of Management and a visiting professor at the Indian School of Business, agrees. Companies that enjoy strong reputations are able to “create a culture where they are able to employ people not just based on compensation, but where you get to be part of an idea when you work there,” she says. “People are highly motivated to bask in the reflected glory of the company — the history, the reputation and everything that it stands for.”

But companies that lose their reputation face hard choices in explaining their conduct both to employees and others they do business with. “There are two ways you can lose trust — you can lose trust if you are incompetent or if you are unethical,” says Gandhi. “Saying ‘we lacked competence’ — because we forgot, were negligent, etc. — is more forgivable than ‘we lacked ethics.’ Incompetence can be redressed, but if you are unethical you are always unethical…. It is one’s character.” All the same, she says the “incentives are negatively aligned” for companies to confess that they messed up. “The more they talk about it, the more their reputation is destroyed,” she says, referring to research on manufacturers’ recalls of defective toys by Linda Ginzel, professor of managerial psychology at the University of Chicago Booth School of Business, and a well-known consumer advocate.

Public Perceptions of Corporate Lobbying

Gandhi says “people are very judgmental about companies that use influence,” which makes it tougher for companies to be transparent about using lobbyists. “Of course we pretend that all these issues are not happening, but of course they are in every possible way, in every forum,” she says. “People don’t like to think about these processes; we feel they are manipulative and unfair. But in fact, that is the way business is done — personally, between governments and companies.” Gandhi says it may not be “acceptable,” but “influence peddling is institutionalized” in the U.S. “Do companies want communications with these government groups to be made public? Absolutely not,” she says of what may be true also for Indian companies.

“Trust builds incrementally but it declines catastrophically,” says Gandhi. “In the Indian context in particular, people are slower to trust; it’s not like in the American context where people build up their trust rapidly. We [in India] don’t just trust anybody; we trust who we know, and that is based on longstanding history. That’s why when a company is in a situation when they are losing trust, it may be hard to regain it, and it may be especially hard in the Indian context.”

Gandhi says the “new weapon” corporations have to worry about is a disgruntled employee or a disaffected member of its security team, as in the WikiLeaks case. “Everybody has their own platform with which they can broadcast and with which they can reach billions,” she says. “The interesting paradox is — even though we have so many fancy technologies now for communicating such as email, Blackberries and all that — we may be forced to go back to face-to-face meetings.”