When you buy a safe, it’s safe to assume that you’re doing so in order to protect your valuables and important documents. This is not rocket science.
While a prospective customer typically evaluates factors like the size and weight, fire rating, and locking mechanism when making a buying decision, there is one factor most would never even consider would be an issue. And that one factor is exactly what caused Liberty Safe to plummet into a public relations crisis like a cartoon safe being dropped from a cliff onto Wile E. Coyote.
Liberty Safe — the safe company that isn’t
The story broke yesterday, when the public learned that the FBI raided a man’s home, and then called Liberty Safe to ask them to open it. Now, this would require a specific court order so the company had no legal obligation at this point, but the company took it upon themselves to simply hand over a master password, enabling the FBI to open this man’s safe.
That’s a big enough problem on its own, but there’s an even bigger problem lurking just below the surface of this story.
Why does Liberty Safe keep a database of master passwords for every customer’s safe in the first place?
When this story first broke, the company was quickly called out for doing that, and rightfully so. After all, what good is a safe when its password is available to people other than the owner? This includes employees and contractors of Liberty Safe, as well as employees of whichever cloud service it’s stored on. And let’s not forget about hackers. Does it really seem like a good idea to have a database of safe owners, which also includes names, addresses, and the password to get into the safe?
The company tried to spin this story into a positive one by claiming they maintained this database in case a customer forgot their password. It failed, though, because people quickly saw through that fairytale when customers shared their stories on Twitter of getting locked out of their safes after forgetting their password, calling Liberty Safe, and being told that their only recourse was to hire a locksmith. At no point did the company offer customers the second password, nor did they even admit that it even existed.
Predictably, the backlash was instant and significant, which led to the company completely disabling comments on their Twitter profile yesterday for a period of time. Later that day, they were turned back on, and the brand has since been deluged with criticism on every tweet.
Liberty Safe’s response fell flat
Later that evening, Liberty Safe’s public relations department issued a response on Twitter, admitting they were wrong, both for giving the FBI access when they were not legally obligated to do so, and for having a master password to every safe in the first place. (It’s worth noting that several years ago, Apple was faced with a similar situation, where the FBI asked for back door access into a suspect’s phone, and since there was not a court order, Apple refused.)
The announcement, which wasn’t attributed to any specific executive, also claimed that going forward, the company would no longer assist law enforcement in accessing their safes without a court order, and that they would soon implement a process for having the master password deleted from Liberty Safe’s records.
Unfortunately, the damage is already done.
Public trust in the company has been destroyed by its actions, and the recent changes to company policy are seen by most for exactly what it is — a weak attempt to save itself.
From a PR crisis perspective, this situation was entirely avoidable.
Executives should have understood their customers and known that both handing over the password, and having it in the first place, would infuriate them. This was an epic failure from all levels of management.
Unlike the recent Bud Light PR crisis, which I covered extensively on Twitter, Liberty Safe issued a response fairly quickly once the backlash began. But while fast, the brand failed to issue a meaningful response.
They did admit wrongdoing, which is rare these days, and that step is a critical component of effective crisis PR. Unfortunately, because the company engaged in shady behavior and then first tried to lie about their motives when they got caught, they made it exponentially worse. As a result, consumers simply don’t believe that Liberty Safe is sincere.
There are also the technological issues — sure, they promised to give customers the ability to have their passwords deleted from the company’s records, but how will they prove that they did? Not to mention the fact that countless people already have access to that data, including employees and contractors at Liberty Safe as well as employees of the cloud service where the files were stored, so there are likely hundreds or thousands of copies of this data already floating around on other computers and online.
In other words, the genie is already out of the bottle.
This will also likely affect the company’s ability to advertise. Liberty Safe is a longtime advertiser on many popular conservative and libertarian media outlets, spanning print, digital, TV, radio, and podcasts. My prediction on this aspect is that some, and maybe many of these outlets will no longer allow the brand to advertise on their platforms.
There are only two realistic choices at this point. The first is to sell the brand to another company, and the second is to rebrand the company and try to start over under a new name. Of those two choices, the only one that’s viable is to sell the brand to another company.
Ultimately, we won’t see the full impact of this immediately. Much like with the Bud Light PR crisis, it will take weeks or even months for new sales data to start showing the magnitude of the damage, but Liberty Safe’s PR team will be busy in the meantime.