Trust Chain Communication

By: Piebe Van Houten, GRC Consultant and Security Officer, Untapped Talent

Cybersecurity and cyber safety are crucial for individuals and organizations. Cybersecurity focuses on protecting data, devices, and systems from cyber threats, while cyber safety focuses on protecting individuals from online harm.

Cybersecurity and cyber safety are about protecting individuals, safeguarding individuals from online harm, including phishing scams, cyberbullying, and online harassment. It is also about educating individuals on safe online practices, such as avoiding untrusted links, being wary of scams, and being mindful of what they share online.  And being cautious about clicking on suspicious links, downloading untrusted software, and sharing personal information.

Trust chains develop as members interact and share information, creating connections and fostering trust. These trust chains can facilitate communication, consensus-building, and overall community engagement. Trust chains within a community build upon shared trust and interconnected relationships. 

Trust chains can also be analysed within organizations, looking at trust relationships between employees and management and among colleagues. These trust chains can be robust, with strong links across all relationships, or they can have weaker links in some areas. Measuring trust chains in organizations can be a valuable method for understanding and improving trust levels. 

Trust is suggested to be particularly important when the environment is unpredictable and the future uncertain. Trust has been seen as a mechanism that reduces complexity and facilitates action, co-operation, and risk-taking in organizations. Trust is needed in organizations to achieve common goals. Three key dimensions are often proposed when defining trust: positive expectations of trustworthiness in others, willingness to accept vulnerability, and taking risk in relying on the trustee.

There is a spontaneous effect of trust in social networks: “I trust you, because I trust the associated relation and they assure me that they trust you”. Trust is then viewed as a collective asset, implying that trust should be analysed as a group-level construct. Trust is also regarded as a psychological state of individuals that results from the quality of trust in mainly vertical relationships, with a broad range of effects on behaviour, attitudes, and performance.

The more extensive the networks of relationships in an organization, the more interactions there are at several levels where trust can be built, sustained, and breached. Such complexity is very common in certain organizations with many stakeholders and services that sometimes have divergent objectives in combination with limited resources. It is important to separate referents at different organizational levels and clarify who is supposed to be trusted by whom.

Trust can be built on both personal and impersonal relationships, and that trustors and trustees are to be found at any level throughout the organizational hierarchy. The belief of “the other’s” trustworthiness needs to be reciprocal across levels for a trustful relationship to be built. Reciprocity is also relevant in the horizontal relationships in an organization. For both vertical and horizontal relationships, the trustor’s assessment of the trustee’s ability, integrity, and benevolence is what constitutes trust.

In an organizational context, a "chain of trust" refers to a series of trust relationships, both vertical and horizontal, that connect people within an organization to achieve common goals and maintain a high level of trust.  In a virtual community, "trust chains" refers to the interconnected trust relationships that form among members through interaction and information sharing. 

The chain of trust in an organization involves trust between individuals, departments, and levels within the organization. Strong trust relationships are essential for collaboration, achieving organizational goals, and fostering a positive work environment. A healthy trust chain involves reciprocal trust between different levels and departments, where individuals can rely on each other. Trust is fundamental for organizational success, enabling effective communication, decision-making, and overall productivity. 

To reach a complete evaluation of trust within an organization, actors at all organizational levels should be given the role of both trustors and trustees and be asked to assess both their vertical and horizontal relationships, some of which would be impersonal. When there are trustful and reciprocal positive expectations on other’s trustworthiness, from frontline employees in the same work unit all the way up to the top management of an organization and between the employees themselves, then there is a solid trust chain.

A chain consists of joined links. Each of the relationships – or links – can be strong or weak. The idea of trust chains is not to explore how vertical and horizontal trust affect each other; they are still treated as two different phenomena. Rather, trust chains are a way of acknowledging the importance of both.

Trust chains are trustful and reciprocal relationships in organizations and are significant for work unit performance and employee turnover intention. The relationships as well as horizontal trust between the employees themselves are depicted as links in the chain. These links can be weakened or breached in two ways: trust can be lacking in both directions or there can be unidirectional trust. Depending on the way trust is weak, and on which links in the organizational hierarchy that are weak, there are different configurations of trust chains.

Confidential Information

Personal Identifiable Information (PII) was received by a third-party individual or business entities in trust and confidence or pursuant to a duty of confidentiality. This means that confidential and proprietary or private information was received by a member of other third-party individuals or business entities in trust and confidence or pursuant to a duty of confidentiality.

It is common for businesses to share sensitive commercial information with each other as part of their commercial arrangements, even before establishing a business relationship. They commonly impose an obligation of confidence on each other, requiring recipients to keep the shared information confidential.

Even if someone discloses confidential information without contractual protection, there may still be an obligation to keep it confidential. This means that regardless of whether there is a signed confidentiality agreement, the disclosing party still owes obligations. This duty of confidentiality can arise not only from a contract but also when contract formalities have not been completed.

Not every instance of information sharing between parties implies an obligation of confidence. Instead, it depends on the circumstances and the relationship between the parties. If both parties have entered a contract that outlines confidentiality obligations to keep information confidential, then an obligation of confidence will arise. Moreover, certain relationships also create an obligation of confidence. 

It is common for parties to have their confidentiality obligations covered under a contract, whether that be an NDA or contracts covering their relationship. It is important that to understand these confidentiality obligations to ensure such obligations are not breached, and what the consequences of such breach will be. 

Safeguarding confidential documents is essential to prevent breaches of privacy, identity theft, or intellectual property theft. A breach of confidentiality can lead to serious repercussions such as identity theft, fraud, harm to one's reputation, and compromised privacy. Confidentiality helps build employees' and clients' trust in the company. In this incident with an untrusted party the confidentiality was breached because of including the untrusted party in an email chain with a trusted party.

A breach of confidentiality is when private information is disclosed to a third party without the owner's consent. In all business industries, protecting the private information of clients, employees, and company is paramount. Leaked confidential information can expose personal or sensitive data. This compromises an individual's privacy, making them vulnerable to identity theft, fraud, or other malicious activities.

A breach of confidential information occurs when someone shares or uses private information without proper authorization, violating an agreement or obligation to keep it secure. This can include disclosing information to unauthorized parties, using information for purposes other than what was intended, or accessing information that should have been protected. Those affected can face financial losses and reputational damage as a result.

Confidentiality breaches refer to unauthorised access, use or disclosure of confidential information. This can be either accidental or intentional. Such breaches may lead to the security or integrity of a client being compromised. They can also result in financial and reputational damage. It is vital that confidentiality is taken seriously. Having a confidentiality policy can help business protect private personal information. If an organisation fails to properly deal with confidential information, breaches can occur. This can lead to a loss of trust and integrity in the eyes of clients.

In the workplace, a breach of confidence can take place when a worker discloses or uses information that could damage the employer's business, clients, or employees. If confidential business information gets into the wrong hands, a business could fail, or it could suffer at the hands of criminals. Keeping business, employee and management information under lock and key and only available to those who need to know the information is just one of the ways to prevent data from falling into the wrong hands.

Confidentiality is a highly important aspect of running any organisation. It forms the trust needed to attract and retain customers and helps to create the foundations for good working relationships. Should someone get a hold of the customer list, they could steal customers. Financial statements are also considered to be trade secrets. Financial statements consist of more than the cost of doing business. They have vendors and customers listed in accounts payable and account receivable. Contracts, including non-disclosure contracts, real estate contracts, rental agreements and other types of contracts should be confidential. As with other types of information, it could be detrimental to business should a competitor get its hands on them.

Confidential Information should be available only to those who need it. Part of learning how to maintain confidentiality in the workplace is knowing who needs what information and keeping it from those who don’t need to have access to it to complete their jobs.

There are strict ‘breach of confidentiality’ laws that govern privacy and access to personal information.  The term “confidentiality” refers to the moral and legal duty to safeguard private information disclosed in an interpersonal, professional, or organisational setting. Confidentiality is regarded as essential for protecting privacy, trust, and integrity in areas such as healthcare, law and finance.

To establish whether there has been a confidentiality breach or not, the following factors will be considered: if all parties have been informed of the information’s confidential nature it is more likely to be a breach. If all parties received the information in confidential circumstances and with an obligation to retain confidence it is more likely to be a breach. If there was written consent to disclose the information, it is less likely to be a breach. If disclosure of the information is required to provide goods or services under a contract it is less likely to be a breach. If the information is disclosed to a professional advisor) it is more likely to be a breach.