Spoiler alert: It’s Starbucks.
2018 is shaping up to be a year of corporate crises, leaving PR people across the globe scratching their heads. But of all the sh*tshows we’ve seen over the past six months, two stand out above the rest: the unlawful arrests at Starbucks and the Facebook data breach.
The good news? These unfortunate events pave the way for brands to learn from the mistakes of others and ensure their own organizations avoid similar situations. Let’s take a look at crisis communication lessons learned from Facebook CEO Mark Zuckerberg and Starbucks CEO Kevin Johnson to see how we can apply them to our own brands:
Starbucks: As a company that’s always prided itself on its commitment to social justice, the arrest of two men for “shopping while black” clearly contradicted the brand’s values and shined a light on flaws in how staff is trained to identify shoplifters. But Johnson wasted no time addressing the issue and shared a world-class apology shortly after.
What makes the apology world class? It’s simple. Johnson responded quickly, took personal responsibility for the incident, acknowledged the pain it caused the two men and Starbucks shoppers, showed genuine remorse and provided evidence of action taken to correct the issue. He included the same things in his apology that you would include when apologizing to your own mother.
Facebook: When Zuckerberg learned of the data breach of 87 million Facebook users, he wasn’t exactly quick to respond. It wasn’t until four days after the news broke about Cambridge Analytica’s access to Facebook users’ private data that he addressed the situation in a Facebook post.
But he never said the words “I’m sorry” until his CNN interview, eight days after learning of the breach, and he still failed to acknowledge how millions of his users felt violated and exposed. He did outline how the company plans to prevent the issue from occurring again in the future, but without demonstrating genuine remorse, it fell on deaf ears.
2. Addressing Stakeholder Concerns
Starbucks: When a crisis occurs, the most common question asked by customers, investors, employees and virtually every stakeholder is “How?”. Determining how and why a negative event occurs is critical to preventing the next one. Starbucks recognized this and instantly saw flaws in the way the company trains its staff to identify shoplifting. After recognizing the issue in its training, Starbucks reached out to stakeholders with a letter outlining the problem and plans to course correct, helping customers reestablish trust in the brand.
Facebook: After the massive breach, Zuckerberg was summoned to appear at a U.S. Senate committee hearing to address the legality of Facebook’s privacy practices. Plain and simple, he aced it. He spoke clearly and with empathy, and he discussed the issues and action plans to correct them. Even the media condoned his communication in the hearings, saying he “won” his war with Congress, and emphasizing how he navigated the toughest of questions with concise responses that still respected Facebook users’ privacy.
Yet, he refused to acknowledge the breach on a global scale and meet with European Parliament to address the issues – for months. It wasn’t until May 16, two months after the news of the breach came to light, that he agreed to discuss Facebook’s data use and privacy practices with Parliament. “Why is Parliament concerned?” you might ask. Well, with the increasingly blurred lines of online privacy, lawmakers are trying to gather as much information as possible about how the breach occurred so applicable laws can be put in place to prevent similar incidents. However, after months of making Parliament wait for responses to its questions, Zuckerberg gave “no answers whatsoever” in his hearing, leaving the board of lawmakers even more frustrated and confused.
3. Implementing Real, Lasting Change
Starbucks: Saying you will make changes and actually changing are two very different things. Starbucks has fully committed itself to adjusting policies and implementing company-wide shifts addressing the issues that led to the crisis. The company recently implemented a policy allowing everyone to use the coffee shop’s restrooms, regardless of a purchase. Additionally, Starbucks held an all-hands implicit racial-bias training in an effort to prevent similar unnecessary arrests from happening in the future.
Facebook: When it came to addressing the issues that caused the data breach, Zuckerberg was a pro. He clearly outlined next steps to be taken to prevent another breach. But were they implemented? According to Fox News’ recent article about another Facebook privacy breach that exposed 3M more users, “This breach also had links to the software at the heart of the bigger privacy scandal that recently rocked the firm.” AKA: The root cause of the breach has still not been fixed. This is especially troubling from a business perspective, considering the company lost $70B in 10 days after the news of the data breach hit the headlines, and stocks dropped by 13%. If breaches like this continue to happen, and underlying issues are not resolved, Facebook stands to lose a lot more.
Overall, it’s clear Johnson and Zuckerberg had different styles for handling the crisis communication within their companies. Both issued apologies, and both addressed the public with plans for change. However, the key word here is “plans” – without action, the plans for change mean nothing. Out of all the recent blunders, a few important lessons came to light for PR people everywhere: Say you’re sorry (like, actually say those words), address the issue with key constituents in a timely manner, and if you’re going to say changes will be made, make them.