Developing a Crisis Communication Strategy

Fortunately he insisted [on a crisis plan], and I relented, and when the storm hit us, we were ready. Cabinet secretaries and commissioners knew what they were supposed to do. Folks in the field had their assignments, and while I probably should have urged people to leave work earlier and get home before the snow started piling up, all in all we handled things pretty well, and most people felt good about how the state and its cities and towns responded to the crisis that hit us.

Michael Dukakis, Greater Boston’s Blizzard of 1978

When Michael Dukakis became governor of Massachusetts in 1974, he made Charlie Barry, a former police officer, his Secretary of Public Safety. Barry took it upon himself to create an emergency plan for the state, which became the guidebook for the most devastating blizzard to hit Massachusetts. While lives were lost and property was damaged due to the Blizzard of ‘78, the 33 hour snowstorm could have been much worse. The effectiveness of Barry’s emergency plan is particularly amazing when we consider that this was all years before such fast-responding technologies as social media and instant messenger—or even cell phones.

Fast forward 38 years, to 2016. Government, healthcare, and retail organizations alike are on Twitter, have Facebook pages, and provide RSS feeds to further communication. Yet still, we see organizations whose immediate reactions to crises are destructive to their credibility, if not to their actual user base. Consider Volkswagen, whose immediate reaction to scandal was to blame their own employees, or Google, who blamed their poor April Fool’s joke on a bug, before realizing the error in their ways and taking responsibility.

Crisis communication, like any communication, works best when we know exactly who we’re talking to. User experience professionals are perfectly positioned to contribute to and hone crisis communication plans, given their knowledge of and experience with an organization’s user base. While typically left to public relations teams—or any single team, for that matter— crisis communication requires the involvement of people across the organization to create a positive user experience in a hectic moment.

Let’s take a look at who’s done it poorly, who’s done it well, and finally, how user experience professionals can lead the charge within their teams to champion a proactive crisis communication plan.

Why make a crisis plan?

In case it isn’t obvious, we live in a world of 24/7 media coverage. It’s not just the traditional media that scrutinizes every PR move. It’s the bloggers, the social media influencers, and the random viral posts and videos that could come from anyone. Most days, marketers try desperately to catch these people’s attention, and the rest of the organization needs to be prepared to handle that attention in the bad times as well as the good.

Still, there are plenty of reasons to avoid creating a crisis plan. It’s akin to writing a will: it may feel like bad luck, or courting disaster. It’s difficult to plan for how others will react, and it’s a particularly difficult thing to test. It takes away time that could go towards preparing for more likely and more immediate scenarios. Perhaps most of all, when we look at scandals we often think “that would never happen to me.”

In some of the examples we’ll share, it may be true: this would never happen to you. We certainly hope our readers won’t lie about having horse meat in their burgers, or fake emissions tests. But there are other crises that aren’t scandals, and could happen to anyone, such as cyber attacks and security breaches.

As UX practitioners we often talk about the need to build trust with our audience. Nothing will test the audience’s trust like a crisis. It’s a make-or-break situation for any business, and it’s our job to be prepared.

Companies in Crisis

We see crises across every industry, from tech to healthcare to the meat industry. Some of these are scandals due to poor judgment calls within the organization, others are more akin to bad luck. Let’s take a look at who’s responding to crisis well, and who’s not doing it at all.

The horsemeat fiasco

In 2013, Tesco, the UK’s largest supermarket campaign, was accused of putting horse meat in their burgers. In fact, tests of their burgers found that some were 100% horse meat. Like many scandals, it would be easy to focus on the problem itself: how did Tesco think they would get away with this?! But equally concerning is the way they responded.

Too little, too late

Sony probably thought they were making the smart move in April 2011, when they waited for more information before letting Playstation users know that the system had been hacked and 77 million users’ had lost their information. But to the players, the week of silence during the network outage degraded their trust of the organizations as a whole.

By avoiding the subject, Sony lost their chance to control the story. Three years later, when Sony was hacked again, news outlets still remembered the 2011 hack and even today continue to assume any outage must mean another hack.

From bad to better: Google’s mic drop

If any organization is in the public eye, Google is. People look forward to Google Doodles, Easter Eggs, and the annual April Fool’s prank. That’s why it was so upsetting for many Gmail users when this year’s April Fool’s joke seemed more irresponsible than funny. The Google team created a “mic drop” button, which sent a response with a funny GIF of a mic drop and simultaneously muting the conversation—but they placed the button where “Send + Archive” usually sits. On April 1, people inadvertently “mic dropped” bosses they were hoping to impress, family members they were making amends with, and loved ones in mourning. Needless to say, the joke was lost.

In Google’s immediate response, they missed the mark:

UPDATE April 1 1am: Well, it looks like we pranked ourselves this year. ? Due to a bug, the Mic Drop feature inadvertently caused more headaches than laughs. We’re truly sorry. The feature has been turned off. If you are still seeing it, please reload your Gmail page.”

People were furious. Some had lost their jobs, others had offended people they cared about. Clearly, the people at Google were paying attention, because they did follow up with a significantly more heartfelt apology:

We are sorry if Mic Drop was in any way harmful to you… at Google we have a culture of sharing what we learned when things go wrong, and we want to share these learnings with you…” –the Google blog

Staying calm in a cyber attack

Health insurance organizations are rarely lauded for their UX, but Anthem Blue Cross managed last year’s security breach with aplomb. After 80 million patient records were compromised, Anthem didn’t miss a beat.

  • They immediately let members know what they knew.
  • They set up a microsite to share additional information, and a hotline to help members with questions.
  • They immediately offered credit-monitoring services, to help members protect themselves in the future.
  • In their apology, the CEO actually used the words “I want to personally apologize.” It’s amazing how much that acknowledgment helps repair members’ broken trust.

There are many more stories of terrible crisis responses. Maclaren didn’t anticipate the volume of traffic that would come after it was revealed that their strollers had amputated 12 children’s fingers. XO provided absolutely no information through three system outages in two months. Amy’s Baking Company hilariously yelled at customers who left bad reviews. Kimbia gave conflicting responses on why their site was down, as did Toyota when customers called with concerns about their self-accelerating cars. And Taco Bell responded on their site but neglected social media when a photo of an employee licking the tacos went viral.

What do Maclaren, XO, Amy’s Baking Company, Toyota, and Taco Bell have in common? They weren’t planning ahead.

Prepare for disaster

There are some consistencies across these successes and failures. While we can’t plan for everything, we can plan ahead for the “just in case” basics.

Step one: pick the people

Crises happen at inconvenient times, and ultimately the organization will need to trust the decision of a few core people. In order to avoid poorly-timed tweets or waiting weeks to respond to the issue at hand, choose in advance which groups should sign off on the response.

When assembling a war room, be sure to include a range of perspectives across the organization. Some key teams to include:

  • Legal, to better understand any legal ramifications of the crisis and ensure that the response doesn’t further the liability
  • Information Security, to advise on any security breaches and offer best practices for communicating with users
  • User Experience, to vocalize the user’s journey through the crisis
  • Customer Support, to provide context on what response effort would be appropriate and how costly that would be
  • Marketing, to map all channels where the organization should communicate with the user, such as the company blog, Facebook, and Twitter.

Step two: set up scenarios

Brainstorming the likely scenarios helps provide a blueprint for the situation. While brainstorming, be creative; the more scenarios planned for—no matter how ridiculous seeming—the better.

Consider some of these scenarios:

  • What if there is a security breach?
  • What if there is a major storm/natural disaster and our services are down?
  • What if we discover unethical business practices in our supply chain or company history?
  • What if one of our leadership team is exposed for some personal scandal?

Ask the important questions:

  • How will this issue impact our business?
  • How can we best help our audience?
  • What security or legal best practices should we be aware of? (This is a question to ask Security and Legal teams!)

Step three: craft the experience

UX teams know their users: they perform usability tests with them, draft personas about them, and create products for them. This means the UX team can extrapolate (or research!) how an organization’s users will react to a crisis.

Walk through the user journey, and think specifically about their emotional state. Based on that information, work with the customer support team to create a cheat sheet for their representatives that can be easily adapted to the situation. Tone of voice is key here. Sincerity and directness is appropriate in nearly (if-not-every) case. Customer service members will need to speak with authority, which means they’ll need to have clear instructions and accurate information.

An example of Mailchimp's Voice and Tone

Lastly, make sure the marketing team has reviewed any plan that will involve audience communication. They can make sure the response will be coordinated across all media channels, so that emails, website notifications, and social media posts don’t contradict one another in content or tone.

Step four: learn from experience

Depending on the situation, a crisis might require users to take action, such as resetting a password after a data breach. In this scenario, work with your data analytics team to track how many users take action upon the notification. This will help your organization decide on any further course of action.

Additionally, if the data analytics team can isolate the group that was affected by the crisis, you can continue to observe their behavior and glean retention rates, downgrades, etc. This information will help your organization understand what portions of your response worked and how to improve the crisis management plan.

Lastly, make sure to not only observe the data, but also identify the root of the problem. Responding to a PR crisis is very important—and so is ensuring that the same crisis won’t happen in the future.

Plan for the crisis before it strikes

Unforeseen emergencies are just that—unforeseen. But it’s rarely the emergency that our audience reacts to; it’s our response that they look for. A well-crafted crisis response is worth planning for.

How does your organization plan for the unexpected?