Home > Business essays > Business ethics

Essay: Business ethics

by

Essay details and download:

  • Subject area(s): Business essays
  • Reading time: 5 minutes
  • Price: Free download
  • Published: 26 June 2012*
  • Last Modified: 23 July 2024
  • File format: Text
  • Words: 1,296 (approx)
  • Number of pages: 6 (approx)

Text preview of this essay:

This page of the essay has 1,296 words.

Business ethics

Module: Business Ethics

Introduction

Choice Point�, a subsidiary of LexisNexis, is one of the largest data aggregator in the United States. The company is specifically designed to serve the risk information industry. The company provides information to Insurance & Law firms, Financial Services firms, Collection agencies, the Government, and Law enforcement organizations. The information collected is mainly personal information of almost every citizen in the United States of America. Both Choice point and LexisNexis have faced security breaches in the past and have reported the incessant increase in the number of potential victims from 32,000 to 310,000. This is the finest form of unethical social engineering according to critics. Some authorities have considered this to be highly precarious while the head of LexisNexis, Kurt P. Sanford considers it to be something unavoidable in today’s world of skilled hackers.

Stakeholder Analysis

  1. Individuals: The Company holds the information of most of the people in the U.S. These people are at stake since their information was leaked from the Company’s databases.

  2. Management: Since, they are accountable for the loss of information.

  3. Data Administrators (Technical Staff): The technical staff has direct access to all the data available and they are responsible for the maintenance of this data.

  4. Business partners: All the companies associated with the company suffer indirect damage.

The secondary stakeholders include,

  1. Government entities

  2. Regulators & Civic organizations: The parent company LexisNexis is a civic & human organization itself. Hence it stands more responsible for such ethical issues.

  3. Media, Social Pressure Groups, etc.

However, the above classification of primary and secondary stakeholders is arbitrary. In some cases, the media coverage changes the focus of the issue from the impact of the security breach on the people to the issues faced by the organization. The stakeholder theory, however, faces issues in identifying a legitimate stakeholder, the intricacy in evaluating stakeholder analysis and ethical relativism.

Significant Ethical Issues in ChoicePoint�

The company derives in-depth dossiers from various sources like public records (property tax assessor files, vehicle registration, professional licenses, bankruptcy records, etc.), demographic data, credit reports and lifestyle data. The company was purchased by LexisNexis� on 19th September 2008 after the company had reformed its data-security practices since its security breach in 2005.

The security breach led to the leakage of personal information of about 310,000 people. Information such as social security numbers, driving license information, addresses, and contact information fell into the wrong hands. Media first suggested that the company had sold information for a great deal of money. However, investigation suggested that the theft was not done technically by ‘hacking’ or by means of computer software; but was a result of ingenious social engineering. The thieves had approached the company in a cloaked manner or in the form of another private firm requiring customer information. After acquiring vital information like credit card numbers, passwords, they changed the postbox details of the customers to receive credit card details and statements to a different address. This created a panic among citizens, and the government had intervened into the issue and filed the company with charges for leakage of personal information. In 2006, the Trade commission had fined ChoicePoint� with an amount of $10 Million over the failure to protect consumers’ personal data.

This situation had showed that the company was a severe victim of security theft and the customers, of identity theft. However, the principal ethical issue was the fact that the companies had not informed the customers of the security breach. The passage of a law in California in 2003 states that, all business providers in the state are required to inform their customers in the event of an identity theft risk.

The issue had raised many questions and arguments among the government and the citizens. Deborah Platt Majoras(Federal Trade Commission Chairman) said companies should be able to waive informing citizens about their personal information being at risk; the reason being, if the customers were to be informed about every security breach even though no data was stolen, then the customer would henceforth be �numb” to more serious attacks.

In my opinion, the law was not abided by the company by not informing the customers whether it was an identity theft or just a normal security breach. This resulted in an unethical concern and was hence fined by the trade commission itself. According to Caroll’s[1] four part model of corporate social responsibility, Legal responsibility are �required” by the society and ethical responsibility is �expected” by the society since otherwise, the customers were at high risk of personal and financial assets.

The company has a few competitors since its one of the leading data collectors in the U.S. and is also a part of the MATRIX (Multi-state-antiterrorism-risk-information-exchange) support system. However, many other companies have faced data thefts in the U.S. They have followed the code of conduct in their companies and have informed the customers about the issue.

For example, Batteries.com[2], a company that sells batteries had a security breach of customers’ credit card numbers, addresses and other vital information in March 2009. The company had immediately sent notices to its consumers about the risk of identity theft of personal information. This has helped the consumers become more aware of the risk of attacks by the thieves and also the chances of protecting themselves from financial theft.

Recommendations on Ethical Policies & Structure

The above facts show that unfortunately, security breaches cannot be avoided in some instances. However, implementation of strong code of ethics and conduct can reduce the damage caused to consumers. Firstly, the code of ethical conduct should be well-documented by considering all the stakeholder’s interests’. After which, this code should be strictly adopted and continuously updated according to the Laws released by the Federal State Government. The code should also be updated to avoid the general current malpractices in the companies’ relevant industry.

The organization must also construct a structure to be employed in the event of an ethically concerning situation.

Ethical Decision Steps:

1) Identifying the problem

2) Identifying the impact of the problem and its stakeholders

3) Identifying and analyzing the alternatives

4) Selecting and executing the optimal alternative solution to the issue

The above steps would help the firm quickly make a safe decision to avoid severe negative impact on the company and the customers. The stakeholder theory should be applied while crafting the above structure which leads to a more efficient code of ethical conduct and promote a more ethical behavior in the future.

Bibliography

* Donaldson, T. & Preston, L. 1995. The stakeholder theory of the modern corporation: Concepts, evidence and implications. Academy of Management Review 20.

* Adams, Janet S., Armen Tashchian and Ted H. Stone. (February 2001). Codes of Ethics as Signals for Ethical Behavior, Journal of Business Ethics 29(3).

* Yuthas, Kristi and Jesse F. Dillard. (March 1999). Ethical Development of Advanced Technology: A Postmodern Stakeholder Perspective, Journal of Business Ethics 19(1).

* �The ChoicePoint Data Security Breach (Feb. ’05): What It Means for You”. Privacy Rights Clearinghouse / UCAN, Posted February 19, 2005. http://www.privacyrights.org/ar/CPResponse.htm, Accessed on 20th Jan 2010.

* �Privacy at ChoicePoint”. http://www.privacyatchoicepoint.com/index.html, Accessed on 20th Jan 2010.

* Robert O’Harrow Jr. �ID Data Conned From Firm”. The Washington Post, Posted on 17th Feb 2005. http://www.washingtonpost.com/wp-dyn/articles/A30897-2005Feb16.html, Accessed on 20th Jan 2010.

* Jonathan Krim. �Consumers Not Told Of Security Breaches, Data Brokers Admit”. The Washington Post, Posted on 14th April 2005. http://www.washingtonpost.com/wp-dyn/articles/A51722-2005Apr13.html, Accessed on 20th Jan 2010.

* �California Security Breach Notification Law Goes into Effect July 1, 2003″. Privacy Rights Clearinghouse / UCAN, Posted June 23, 2003. http://www.privacyrights.org/ar/SecurityBreach.htm, Accessed on 20th Jan 2010.

7 Challa Ramana Kishore

LSBF ID: A4012266 | GGSB ID: 090290

[1] Carroll & Buchholtz 2000:35

[2] �Batteries.com Data Breach”, Posted on June 2nd 2009.

About this essay:

If you use part of this page in your own work, you need to provide a citation, as follows:

Essay Sauce, Business ethics. Available from:<https://www.essaysauce.com/business-essays/business-ethics-2/> [Accessed 19-04-26].

These Business essays have been submitted to us by students in order to help you with your studies.

* This essay may have been previously published on EssaySauce.com and/or Essay.uk.com at an earlier date than indicated.