Less clarity - and more risk - as policy making gets more fragmented
Companies are operating in a world of policy fragmentation, which is increasing costs for business and creating new risks. Nowhere is this fragmentation more apparent than in the rush among cities, states, countries and regions to frame new privacy laws for our digital age. After the European Union enacted the General Data Protection Regulation (GDPR), California moved quickly to fill a legal void in the US and passed the California Consumer Privacy Act (CCPA). The CCPA has heightened concern about further fragmentation with more US states passing their privacy laws which, in turn, is helping to build momentum for a single, uniform federal privacy law. In this type of environment, companies can either take a tailored approach to privacy for each regime (costly), try to find a baseline that covers the most stringent requirements or somewhere in between. Each approach has its benefits and drawbacks. Finding the right balance and understanding the direction of policy makers in regimes without a defined framework is critical.
Public sentiment exerts more influence on policy making
A new and formidable player is entering the policy making competition: the individual en masse. Social media has become a digital megaphone, capable of amplifying the voices of citizens and groups and making them viral. Social media platforms can influence, even manipulate, public opinion to the extent of possibly even changing election outcomes. It is telling that Brazil’s recently-elected President Jair Bolsonaro ran his campaign on WhatsApp, instead of courting traditional media coverage or appearing on televised debates. The public is speaking up on a range of issues, from diversity in the workforce to cybersecurity to climate change to immigration, and through their efforts are forcing change. Businesses, facing significant and immediate reputational risk, understand that the response to the digital megaphone must be fast and thoughtful at the same time. Many are now responding to public sentiment with more urgency than the typical policy making cycle allows. The recent responses of several companies to the #MeToo movement are a perfect example.
New strategies for addressing policy risk
As policymaking changes, government affairs-related activities of companies, too, will undergo a transformation. The focus can no longer be exclusively on large, national and multilateral policymaking bodies. Smaller policy-making bodies in states and localities now demand close attention. This requires a new approach to prioritizing and focusing limited government affairs resources and more focus on demonstrating results. Moreover, companies need to address how new influencers -- the increasingly activist public and its digital megaphone -- could have an impact on policy making at all levels and build that into their government relations strategy.
Companies still wield influence on how policies are developed and implemented, but it’s getting harder in the more dispersed policymaking landscape today. In addition to their efforts to educate policymakers and influence the direction of new policies, many companies are taking it upon themselves to lead by example on key policy issues. Whether they do it alone or in conjunction with other companies, industry associations or issue coalitions, companies are seeing positive results from the “do it yourself” approach to policy making and regulating.
The upside of policy competition
While politics and special interests will always have the ability to influence policy making, the dispersed policy making model is providing a counterbalance to the centralized model. In the long run, increased policy competition could lead to a positive outcome: policies that better balance the demands of diverse stakeholders -- be it citizens or big business -- and that are implemented in a more efficient and effective manner.