The Value Of Being Transparent, Especially When It's Hard
The past two years have seen a huge rise in transparency among startups. Not just transparency within the organization...I'm talking about being transparent with the public about all kinds of things. Nowadays, it's not uncommon to find startups sharing data about their financials. Or their process. Or their culture. Or their salaries.
It's easy to be transparent when things are going well, or even OK. There's no real harm in telling everyone how much your CEO makes or that you grew 8% last month.
But what about when things aren't going so well. Being transparent about your website being down is hard. Being transparent about getting hacked or losing data is even harder. It's embarrassing. You may feel like you don't want to call attention to what's happening -- maybe the problem will go unnoticed?
But being transparent when it's hard is when it counts the most.
The Buffer Story
Buffer's response is often cited and one of the best examples of a company being as helpful, transparent, and humble as they possibly could during a time where they had let their customers down. They posted updates every few hours, provided instructions for how to remedy the problem, and gave a detailed explanation with exactly how the hacker gained access and what they were going to do to prevent it in the future.
They were even open about how the whole ordeal affected their bottom line.
"This signups chart is one of the most interesting. The fascinating thing is that during the few days of our breach, we had almost record numbers of signups. This is perhaps due to our fortunate scenario of receiving positive press around how we handled the breach."
How is this possible? A scandal of this magnitude should be devastating to a startup like Buffer. It turns out, people were so impressed by how they handled the situation that they took their support to Twitter. Buffer, by being transparent rather than silent about the issue, was able to turn a near-disaster into a net positive.
I’ve heard “transparency is easy when things are going well”. This weekend showed me the importance of being transparent when they’re not.— Joel Gascoigne (@joelgascoigne) October 29, 2013
What Happens When You're Not Transparent
Leaving people in the dark when you mess up often results in a terrible customer experience -- much worse than had you owned up to your mistakes in the first place. If you attempt to cover-up the issue, you will ultimately lose face and money.
You've probably had an experience like this before:
Some web service that you use is down and the company doesn't say anything about. Nothing on their Twitter, they don't have a status page, they don't shoot you an email. You're completely in the dark as to why their website is down. You have no idea when it will be back up. It's something we've all experienced and is extremely frustrating.
Even from a sheer dollars perspective, this is a big issue. Trust is expensive – gaining a new customer’s trust is 7x more expensive than retaining a current customer. When you leave people hanging in these tough times, you will erode any sense of trust that your customers have in you.
Not only that, people are hardwired to feel negative things more strongly than positive things. They're also more likely to share negative experiences with their friends and co-workers than positive ones. Be upfront with your customers during these hard times and you'll prevent a manageable situation from spiralling into a disaster.
Why Is This Behavior The Norm?
Unfortunately, this kind of response to adversity is all too common...and I think there's a reason for it. It relates back to that fact that humans experience negative things more strongly positive things -- when things go wrong, our natural instinct is to first limit liability. This is why it's so common to see people distance themselves from problems and scandals -- why it's so common to hear that a company has "no comment".
Managers seem to see "no comment" as a "safe and middle-of-the-road statement" according to a study from the Kellog School of Management. It's funny, as consumers, we see these statements as defensive or trying to deny guilt. As decision makers, humans try to limit liability and rationalize to themselves that these reactions are a way to appease the public while a better response can be constructed.
Being Transparent Does More Than Avoid The Bad, It Actively Does Good
As consumers, we know instinctively that transparent, prompt, and empathetic response incidents (getting hacked, losing data, extended downtime) is how we would like to be treated when a business that we are a customer of is responding to a crisis. That same research at the Kellog School of Management confirms that consumers grade a response that is engaging, empathetic, transparent, and doesn’t throw others under the bus significantly higher than those that don't.
Being completely transparent and informative during downtime is more than just about avoiding bad customer experiences. It's an opportunity to actually grow your business.
Exceptional instances of transparency can actively do good for your company in two ways:
- It plays into the principle of reciprocity
- It lends itself to trust
The idea of reciprocity is people are programmed to want to give something back to people who give us something first. This reaction is actually pretty easy to tap into. Going above and beyond by being completely transparent around downtime is still uncommon. As such, your customers will view this as you going out of your way to provide exceptional customer service. When you provide an exception customer support response, they will want to "pay you back" with increased loyalty.
Transparency lends itself to trust, which lends itself to collaboration (working together, becoming a customer of your product). Being transparent when things are easy is talking the talk. Being transparent when things are hard is walking the walk. People trust you more when you walk the walk.
It's called the Service Recovery Paradox.
Mid-outage communications and post-outage retrospectives separate the wheat from the chaff. It's about transparency and trust.— Donnie Berkholz (@dberkholz) January 11, 2014
Some Examples From Our Own Customers
In early, early morning hours one day in April of 2015, Customer.io kicked off a scheduled maintenance that would devolve into a 12-hour outage. A version upgrade of their database proved a bit trickier than they originally expected, resulting in them being unable to return the stack to an operational state.
"When performing a routine upgrade of one of our databases, FoundationDB, we found that the database cluster wouldn’t start because of an error. Our tool was down for just under 12 hours while we were hustling to resolve the error.
Our customers rely on us to send out their emails every day, so an outage like this that disrupts those emails is one of our worst nightmare situations.
Even though we couldn't fix the error right away, it was crucial to proactively keep our customers not just up to date on the operational issues but also to explain what that meant for them. One of the worst things to experience as a customer in outage and downtime situations is not knowing what’s going to happen to your planned tasks or data. So it was so important for us to be able to proactively broadcast our updates on what was going on, provide details on what the database issues meant for their data and messages, and show the timeline of events and fixes as they were unfolding.
For an outage of this scale and length of time, we knew we had to provide a postmortem to give a full account of what happened. We also felt it crucial to explain how we were going to address larger concerns about data and reliability going forward, especially what was going to happen given that FoundationDB had been acquired by Apple and we knew we weren't going to continue to use it in the longer term.
Overall, it was important to us to be completely transparent from the beginning. We let people know that we didn't know when (or if!) the software would come back up. We honestly asked for help and offered whatever help we could provide to get people situated while we were down (Could we help them use another provider? Could we help get them data? Etc). We gave as many status updates as we could both publicly (via our status page, our dedicated outage page, twitter, etc) and privately in direct emails to customers.
While some people were understandably upset and vocally angry, many customers were extremely understanding and supportive. Some even offered assistance in response to our call for help to connect more quickly with FoundationDB's team. Others send us supportive emails just letting us know that while they were disappointed we should "hang in there" or that they "understand software isn't perfect" and were impressed with how we were trying to help even in a worst case scenario situation. We also got quite a lot of comments just saying how happy people were that we were being open and honest and not hiding or obviously BSing. That they were far more forgiving even in horrible situations when it was clear that the company was doing everything they could.
After service was restored and the fires had calmed down, we saw an increase in the number of new customers signing up. No publicity is bad publicity? People really appreciated that even though the absolute worst case scenario had just happened we were transparent and honest throughout.
Being proactive and transparent when it comes to major outages and incidents is just the right thing to do — and when you bake it into how you communicate with your customers, that trust will carry you a long way."
In December of 2014, DNSimple was the target of a DDoS attack that lasted almost 10 hours. During the course of the incident, DNSimple posted ongoing updates about the issue 20 times including a full post-mortem on their own blog.
Here's what Anthony Eden, the founder of DNSimple had to say about it:
"The response from customers during any sort of incident has always been very positive, mostly because we communicate early and often, through various channels. Our status page is an important part of this, and as soon as we identify an issue we open an incident on the status page and update it every 30 minutes, or sooner if we learn something that is important to share with our customers. We also respond to customers on Twitter and via support email. The real transparency comes after the incident is resolved though, when we write up a comprehensive post mortem. Not enough companies do this, and that is unfortunate, because there is a lot the community can learn by sharing details when systems fail.
As a customer of many online services I know that being left in the dark when an incident affects me is extremely frustrating, and ultimately often leads me to look for different providers. DNSimple was built from day one to be the kind of service I want to use, and being transparent during incidents is part of that. I've received many emails and tweets saying thank you for the comprehensive communications during and after an incident, and often people use us as an example to follow for other companies that fail to communicate when they have an outage."
The response was overwhelmingly positive...just look at all the replies to this Tweet.
Just published the post-mortem for the Dec 1st DDoS: http://t.co/41IXDGbwuG— DNSimple (@dnsimple) December 3, 2014
In July of 2015, a GitHub outage kicked off a series of events that led to a major CircleCI outage. They kept their customers in the loop with updates every few hours and also shared an in-depth post-mortem.
Here's what they had to say about it:
"Our customers rely on CircleCI to run their businesses, and being down is painful. Our recent outage was tough on both us and our customers, but we know that it’s best to be as upfront and communicative as possible. We did our best to publish one update an hour, even if it was just to say that we were still working to get everything solved but don’t have any new information. It let our customers know we hadn't forgotten that they’re out there. In addition to the hourly updates, once the service was restored, we sent our customers an email apology, and let them know that we’d be following up with a detailed post-mortem. We published te post-mortem a week after the incident.
The responses were overwhelmingly positive. We were inundated with statements of support and praise, even *during* the outage. We shared these throughout the company as we worked to fix the issue. Our customers, most of them devs themselves, liked our transparency, even in the face of not-great news, and we attribute much of that to the way we handled our communication."
What You Should Takeaway
I say all this knowing that being transparent isn't all happiness and roses. I know it can be hard. I know it can be scary. I know you might get push back from your legal team. There are going to be times where you over-communicate and worry customers that needn't be worried. Your competitors will use your transparency against you.
But in our experience over the past few years helping several thousand companies, being transparent has proved time and time again to be the best path.
It will strengthen your relationships with your customers. It will make them more loyal. It will make them recommend you to their friends and colleagues. At the end of the day, being transparent about things like extended downtime or security breaches is just adhering to the Golden Rule...it's treating others how you would want to be treated.
Never forget that business is about relationships and people...treat them right. It won't always be easy, but I promise you it will be worth it.