Earlier this week I had the pleasure of speaking at the IAPP Little Big Stage Online event on Corporate Social Responsibility and Data Protection with Jacqueline Klosek and Danielle Reyes – thank you for the active discussion! More and more, sustainability is at the forefront of corporate strategies. Environmental, Social, and Corporate Governance (ESG) is proving itself to be a driving force of economic growth which at the same time aims to have a positive impact on society. 

Investors are increasingly concerned with and care about ESG activities. In fact, in Q1 2021, sustainable funds experienced inflows amounting to €120 billion (>50% of EU fund flows) and outperformed their “traditional” peers. Millennials want to support brands that they see as sustainable and according to a 2019 CISCO study, a significant number of consumers are willing to change providers in order to protect their privacy.

Companies that are looking at including privacy and data protection in their ESG reporting should first run a materiality assessment in order to engage with stakeholders to understand their values with respect to privacy and data protection. We have also included such an assessment in our Data Protection as a Corporate Social Responsibility Framework. While the inclusion of privacy and data protection in sustainability reporting is said to be on the rise, the time has now arrived to definitively include privacy, data protection, and data security in ESG reporting and for organisations across the board to look at data protection as a Corporate Social Responsibility!