What is the business value of harms countermeasures in digital identity systems?

Understanding, analysis, systemic framework

The new Trust over IP white paper, Overcoming Human Harms in Digital Identity Ecosystems, was published following a period of public review. The paper is in three parts:

1. A PESTLE^[1] analysis of the human harms that can occur and their impact on real people and communities, including potential mitigations and exacerbations afforded by self-sovereign or decentralized identity solutions.
2. A simple systemic framework for understanding four types of human harm 
3. Four harms mitigation strategies and examples of countermeasures

The paper’s human stories make a powerful moral case for addressing the very real human harms that arise (largely unintentionally), from the misuse, failure or appropriation of digital identity systems. 

Bottom line: businesses can derive significant commercial benefits by applying the mitigations outlined in the paper—including our guide to practical steps.

Reduced reputational, compliance and fraud risks

C-suite executives consistently rank reputational risk as their primary concern, because it accounts for 63% of a company’s market value^[2]. A recent survey of 500 business leaders across all sectors, ranked employee and customer abuse as their highest reputational risk (72%)^[3].

Societal impacts of online harms lead to higher taxes and increased regulation and compliance requirements such as the UK’s forthcoming Internet Safety Bill, the EU Digital Services Act, and the USA White House Task Force to Address Online Harassment and Abuse (June 2022). Mindful of their own reputation, government regulators are increasingly using existing powers to impose hefty fines on companies that fail to take account of human vulnerabilities. For example, Meta was fined $435.6m by the EU Commission for violating GDPR by allowing teenagers to create public accounts that shared their digital identity^[4]. This followed evidence provided by a whistleblower that Meta’s own internal research showed use of their platforms was damaging teenage girls’ mental health^[5].

The rising incidence of identity theft and associated fraud also costs businesses and society dearly. The UK’s National Fraud Database, reports a 22% increase (2020-2021) in identity-related fraud^[6], costing companies an average of £398,520 per annum^[7]. An EU report found that 24% of fraud victims suffered financial losses (direct harms in the ToIP harms framework), while a whopping 79% suffered emotionally^[8] (felt harms in the ToIP framework).

Reduced human resource management and customer service costs

Unhappy or harmed customers are of course more likely to call customer care or to use online reporting to abuse management teams. This not only increases the volume and complexity of calls to customer care, but it also impacts employee retention and emotional well-being^[9]; one researcher noted that following interviews with commercial content moderators:

A significant number [get PTSD]. And many other employees develop long lasting mental health symptoms that stop short of full-blown PTSD, including depression, anxiety, and insomnia”.^[10] 

These factors increase business costs in multiple areas, including staff training and lost productivity.

Increased revenues and investment – the value of trustworthiness

Investors are starting to put their money into positive social and environmental impacts. The UK Treasure estimates that Environmental, Social, and Governance (ESG) assets under management (AUM) will be $33.9 trillion by 2026^[11]. Deutsche Bank forecast that by 2030, 95% of AUM (€130 trillion) will be against an ESG mandate^[12]. Consequently, ESG is a top boardroom priority, with 45% of companies reporting an ESG measure in executive pay, and 78% judging that ESG value contributes to company valuation and financial performance^[13].

Consumers too are increasingly led by the values and ethics of brands; according to a recent PwC report, “Eight out of ten consumers said that they would pay up to 5% more for sustainably produced goods”^[14]. This is led by GenZ consumers who are powerful influencers of other generations^[15]. A recent Deloitte Analysis found that “trusted companies outperform their peers by up to 400%, directly correlating with the bottom line.”^[16] 

In other words, harm mitigation substantially adds to a company’s value. For digital identity technology providers, their customers, and the real humans who use those services, addressing human harms is both a moral and a business imperative.

Practical steps to unlock business value

In addition to the white paper, ToIP also introduced seven practical steps for overcoming human harms in digital identity. These are steps that businesses and online ecosystems can implement today:

1. Define the business case for harms in your ecosystem
2. Train your team in ethics
3. Recognise vulnerabilities
4. Promote human agency
5. Balance power between parties 
6. Reinforce collective resiliency through cooperation
7. Continuously monitor ‘what could possibly go wrong?’

Each step is accompanied by quick links to resources from the ToIP Foundation and beyond. The good news is that this is not rocket science—you will find that you are already using many of these tools, such as risk assessment—and you just need to apply them in new ways using a human harms lens.

---

1.  Political, Economic, Social, Technological, Legal and Environmental
2.  Weber Shandwick, The State of Corporate Reputation in 2020. Everything Matters Now, (January, 2020)
3.  WTW, Reputational Risk Preparedness Survey, (February, 2022)
4.  Milmo, D., Instagram owner Meta fined €405m over handling of Teen’s Data, (5 September, 2022), Guardian newspaper.
5.  Wetsman, N., Facebook’s whistleblower report confirms what researchers have known for years, (6 October, 2022), The Verge.
6.  Cifas, UK businesses under increasing attack by criminals as latest Cifas data reveals reported cases of fraud up 16%, (28 April, 2022).
7.  GBG, Consumers picking up the cost for digital identity and identity fraud failure, (23 November, 2022)
8.  Hanoch, Y., Wood, S., The Scams Among Us: Who Falls Prey and Why, (17 May, 2021), Association for Psychological Science, Volume 30, Issue 3., https://doi.org/10.1177/09637214219954 
9.  McKinsey & Company, The State of Customer Care in 2022, (8 July 2022)
10.  Steiger, M., Bharucha, T., Venkatagiri, S., Riedl, M., Lease, M., The Psychological Well-Being of Content Moderators The Emotional Labor of Commercial Moderation and Avenues for Improving Support, CHI ’21: Proceedings of the 2021 CHI Conference on Human Factors in Computing Systems (May 2021) Article No.: 341 p.4 https://doi.org/10.1145/3411764.3445092
11.  HM Treasury, Future regulatory regime for Environmental, Social, and Governance (ESG) ratings providers Consultation,(March 2023), ISBN 978-1-915596-81-9 PU 3300.
12.  Brandt, V., Silke, S.,What do investors expect from the bank with regard to sustainability?(10 May, 2020).
13.  O’Connor, P., Harris, L., Gosling, T., Linking Executive Pay to ESG Goals, (June 29, 2021)
14.  PwC, June 2023 Global Consumer Insights Pulse Survey, Decision points: Sharpening the pre-purchase consumer experience, (June 26, 2023)
15.  World Economic Forum, Gen Z cares about sustainability more than anyone else – and is starting to make others feel the same, (March 18, 2022)
16.  Robinson, B., Trusted Companies Outperform Their Peers By 400%, New Study Shows, Forbes (January 8, 2023)