MMM343 Business Ethics: Facebook's Data Breach and Ethical Analysis

Verified

Added on 2023/05/29

AI Summary

This report analyzes the ethical implications of Facebook's data privacy breach, particularly focusing on the Cambridge Analytica scandal. It examines the lack of protection for user information, the violation of privacy laws, and the potential manipulation of political preferences through data exploitation. The report discusses the responsibilities of organizations in handling private information, emphasizing the importance of proactive measures, proper data disposal policies, and adherence to privacy legislations. It highlights the potential consequences of privacy breaches, including financial losses and reputational damage. The report concludes by recommending aggressive privacy protection approaches, comprehensive understanding of organizational obligations, and contractual safeguards with third parties to mitigate future risks. Desklib provides access to this and other solved assignments.

Business Ethics 1
BUSINESS ETHICS
BY
Name
Professor
Course
Date

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Business Ethics 2
Article 1
On November 27, 2018 at exactly 11.28pm, Frank Augstein published an article in ‘ABC News’
online newspaper portal titled “Nine countries grill Facebook in Westminster, saying democratic
institutions 'upended by billionaire frat boys.” Frank reports the outcomes of Facebook Inc. after
the company faced complaints against alleged misconduct in which involved conceptions of
privacy, truth, and democracy. According to the reporter, the founders of Facebook decided to
fore-go hearing after they were summoned. The summoning was because Facebook Inc.
allegedly went against privacy laws and thus, charged with foreign interference with the U.S.
election results and the 2016 Brexit votes. The report further states that after Mark Zuckerberg –
the CEO of Facebook declined attending the summon by the British and European leaders, the
Facebook’s chief of European policy Politicians was called for hearing instead. In the
Westminster hearing, lawmakers from the U.K. posed questions alongside Brazilian,
Argentinian, Canadian, Singaporean, as well as Latvia parliamentarians among others. However,
the chief of European policy refused to cooperate, was forced to attend parliament proceedings,
and threatened will fines for contempt of court and possible jail time (Augstein, 2018).
What is intriguing about the article written by Frank is the level of deceit that Facebook has
played on its users. Charlie Angus states – and quoted by the writer that nothing in the form of
Facebook’s operational deceit has been witnessed before. While consumers are using their apps
and playing by their phones, Facebook is in the process of upending world democratic
institutions (with the narrator describing the CEO as a frat-boy billionaire from California).
Angus then adds that by the organization of Facebook trying to use the tactics of misinformation
– instead of practicing accountability; it has lost the trust of the people (Ferrell & Fraedrich,
2015). However, regulators are concerned while many other global lawmakers trying to pressure

Business Ethics 3
Facebook to provide an explanation to why Facebook declined protecting information privacy
for its users. Cambridge Analytica is among several institutions that worked alongside Facebook
to perform data breaches. According to reports, Cambridge Analytica used Facebook – back in
2014 to acquire the 50 million user profiles for its research processes (Basu, 2010). By providing
the 50 million user profiles, Facebook conducted a consequential data breach compared to none
in the entire social networking history. By exposing private information to its users, business
organizations have reported several problematic aspects of Facebook’s case. Most importantly,
serious ethical misappropriation takes place as soon as Cambridge Analytica gets involved in the
harvesting of private data of unknowing individuals (Cambridge Dictionaries, 2014). To make it
worse, not a single Facebook user was noted on the existence of surveys from Cambridge
Analytica and that personal information would be provided to a third party. The act – among
other several misappropriations go against the terms of service of Facebook. According to the
Federal Trade Commission’s guidelines, it is important to destroy information once they reach
unauthorized individuals. However, Facebook never complied with such guideline and ended up
keeping the data all the same (Rees & Smith, 2017). Afterwards, the Facebook gave Cambridge
Analytica was instrumental in creating techniques and models that influence Americans voted.
However, upon question, Cambridge Analytica denied ever receiving public information from
Facebook. As reported by its chief executive officer, Cambridge Analytica denounced being part
of providing service towards encouraging Trump’s win during the presidential campaign in
2016. On the other hand, questions arose whether Trump’s win in the just ended presidential heat
was advantaged by corruption of election data. Related research outcomes also show that
Facebook attempted to cover up the case by suspending Cambridge Analytica two year after the
discovery of the breach (Ruthergien, 2016). ABC News reports that some data related to the

Business Ethics 4
incident is still present in the internet. Moreover, in as much as Cambridge Analytica denies
inappropriately using data provided by Facebook, a whistleblower – who also happens to be a
former employee in the company, emphatically contradict such claims (Apple, 2014).
Currently, Facebook closes to about 2.1bn clients. From the 2.1bln, around 1.7bn uses the
platform on a daily basis. Since it is a social networking platform, individuals have the freedom
to share photos, ideas, as well as life events with family members and friends. Therefore,
Facebook has to provide the highest user image as well as the finest media company – while
noting that it also emphasizes on user emotions. However, with time, Facebook has become a hot
bet for business activities with advertisers targeting more than half the 2.2bn users to market
their brands (Andreotti & Pashby, 2013, pg. 231). However, few years ago, researchers
highlighted that the algorithms of Facebook could be employed in predicting political and or
product preferences using Facebook ‘likes’. Such researchers were however; more concerned
with privacy implications since Facebook's default likes settings is public. Therefore, Cambridge
Analytica – while using the research outcomes performed years ago as its basis of breaching
private information, thought it had the ability to change the politics of U.S. through exploitation
of insight. From such ethical incidences affecting the operation of Facebook, it is clear that
companies should protect private information of its customers. With technology growing
broader, millions of individuals are victims of privacy breaches and associated outcomes
(Andreotti, Jefferess, Pashby, Rowe, Tarc & Taylor, 2010, pg. 11).
The law is clear about breaching personal information. The access of an individual’s public
information is termed as privacy breach. In most cases, privacy breach occurs in the form of
disclosing personal data against privacy policies and legislation. Different statuses define
personal information differently (Articadv, 2014). However, private information forms the

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Business Ethics 5
building block of several privacy laws. There are several types and examples of personal
information. However, examples that are more obvious include one’s nationality, home address,
ethnic origin, religion, color, marital status, level of education, or criminal history among others.
Most importantly, information privacy breach may be inadvertently or intentionally with the
outcomes devastating to its victims. Intentional information privacy breaches involve
manipulation of technology or thievery mostly used to protect or catalogue personal information
(Brea-Solís, Casadesus-Masanell & Grifell-Tatjé, 2012). The process may also involve hacking
that is about breeching electronic safeguards computer systems. When hacking is involved, the
problem might be serious since many multinational companies and government agencies rely on
databases that are heavily computerized. Intentional breaches may be vicious as well because
they may occur due to deliberate desires to collect, access, disclose, or use personal information
with the intention of perpetrating a crime or causing disturbance (Ferrell & Fraedrich, 2015).
On the other hand, information privacy breaches may result from ignorance or human error.
Breaches that result from ignorance and human error happen due to mistaken disclosures,
careless practices, or communication breakdowns. However, it does not matter that such
breeches are performed without malice since they are as greave as intentional breaches. When
privacy laws are breached, affected individuals are most likely, standing a chance of losing their
jobs and opportunities, face identity theft and physical risks, as well as embarrassment (Miller &
Le Breton-Miller, 2005). Most importantly, private information breach may cause financial
losses to major multinational firms. No matter the kind of breach that an organization faces – and
whether the information achieved illegally is used in fraud perpetuation or not, the organization
will face the same consequences of private information breach. Otherwise, it is prudent that
organization be aware of the responsibilities they hold towards handling private information – as

Business Ethics 6
stipulated in the laws governing the land. Therefore, business organizations should implement
practices that prevent private information from reaching the domain of unauthorized personnel
(Andreotti & Pashby, 2013, pg. 230).
To conclude on this matter, it is important to destroy private when usage is complete. Coming up
with proper disposal and information destruction policies is vital in preventing breaches. Policies
of destroying personal information should account for the destruction of technological and
physical elements of the information. Most importantly, hard copy or paper records with
personal information need shredding. However, the process of destroying personal data should
be monitored and certified (Bysani, 2013). On the other hand, unnecessary electronic files need
to be destroyed or wiped out. It is also important that organizations respond to privacy breaches
by enacting preventative measures and best practices. As mentioned before, information privacy
breach may be inadvertently or intentionally with the outcomes devastating to its victims. For
intentional information privacy breaches, thievery or manipulation of technology is employed
with the intention of protecting or cataloguing personal information (Grollman, 2014, pg. 6). The
process may also involve hacking that is about breeching electronic safeguards computer
systems. Intentional breaches may be vicious because they are likely to occur as deliberate
desires to collect, access, disclose, or use personal information with the intention of perpetrating
a crime or causing disturbance. However, information privacy breaches may result from
ignorance or human error. Breaches that result from ignorance and human error happen due to
mistaken disclosures, careless practices, or communication breakdowns. Contrarily, privacy
protection weaknesses do not create alarm in most cases until breaches occur. In such a case, the
breach is described as an outcome of employing business practices that are faulty. The breach
may also result from operational breakdowns (Belcher, 2009). Therefore, an organization must

Business Ethics 7
employ strategies as soon as possible to rectify cause damages. When a breach occurs, the first
72 hours is important towards its containment and the potential damages or harm that the third
parties or the organization may suffer. When an organization is sluggish in its containment
processes, the damages that the breach may have on organizational stakeholders may be
detrimental (ACSI, 2014). Therefore, managing the situation may be difficult. Apart from that,
employing privacy legislations and organizational policies is important. As mentioned before,
the law is clear about breaching personal information. The access of an individual’s public
information is termed as privacy breach. In most cases, privacy breach occurs in the form of
disclosing personal data against privacy policies and legislation. Different statuses define
personal information differently. However, private information forms the building block of
several privacy laws. Most importantly, by ensuring that organization personnel understands the
obligation of keeping private data undisclosed, then third parties to whom access to private data
is granted must also comply with the stipulated policies on information privacy (Ferrell &
Fraedrich, 2015). In addition, third party compliance obligations must be contractually written to
avoid misunderstanding – as well as establishing standards as agreed upon. The contractual terms
must seek to solve information security issues to avoid private information disclosure. The
contractual terms must also help in investigating privacy breaches allegations while responding
to claims and inquiries from government officials and individuals. By ensuring that the
contractual terms have an audit – that is favoring the organization in relation to the practices of
the third party, then it is easy for the third party to comply with the stipulated obligations against
privacy infringement (Azyan, Pulakanam & Pons, 2017, pg. 471).
How, therefore, can Private Information Breach be Reduced? This section will highlight
recommendations – or best practices to limit situations of information misappropriation. First,

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Business Ethics 8
organizations need to adopt aggressive and proactive approaches. However, privacy practices
should be built on four pillars. The first pillar is that an organization’s management should
understand the obligations of the firm under applicable standard and law. Therefore, the
management of the organization must understand regulatory and statutory obligations as
highlighted in the legislation of the land. In addition, the firm will have to review its privacy
policies, industrial standards, and contracts with third parties – binding the firm to operate in the
manner that it does. The second pillar is the fact that managers should be able to properly
understand their organization’s practices towards handling private information. Such
understanding should be broad enough to encompass knowing the source and nature of private
information on intake as well as knowing how an organization stores, uses, discloses, and
transfers personal information. Other aspects include understanding how the firm deletes, renders
anonymous, or destroys private information already rendered useless. Therefore, organizations
should develop and implement technology-based and wireless security protections to reduce
unauthorized access of personal information (Sekaran & Bougie, 2016). In addition, the use of
digital locks, password protection, and encryption programs may help in reducing hacking and
theft cases. In many organizations, encryption of personal information is employed as a standard
mechanism towards storing personal data. The third pillar is that organizational management
should enact privacy policies. The privacy policies, however, should portray practices of
handling private data in compliance with the applicable standards and the law of the land. The
final pillar encompasses implementing provisions of the formulated policies after developing the
policy (ACSI, 2014). One of the instrumental elements of carrying out such an implementation
process is that the management of the organization ensures that officers, employees, consultants,
directors, and third parties comply with the policies as formulated. In case officers, employees,

Business Ethics 9
and directors do not get proper education on the stipulated privacy infringement laws and privacy
policies as stipulated, it is difficult to prevent privacy breaches (Thames & Schaefer, 2017). As
aforementioned, an organization that ensures its personnel understands the obligation of keeping
private data undisclosed also ensures that the third parties to whom access to private data is
granted must also comply with the stipulated policies on information privacy. Most importantly,
third party compliance obligations should be contractually written to avoid misunderstanding and
establish standards as agreed upon. The contractual terms must seek to solve information security
issues to avoid private information disclosure. The contractual terms must also help in
investigating privacy breaches allegations while responding to claims and inquiries from
government officials and individuals. By ensuring that the contractual terms have an audit – that
is favoring the organization in relation to the practices of the third party, then it is easy for the
third party to comply with the stipulated obligations against privacy infringement (Louis, 2017).
Article 2
Zoe Wood – on November 5, 2018 at 0601hours GMT, published an article on “The Guardian”
called “Traidcraft eyes young ethical consumers with rescue plan.” According to Wood (2018), a
retailer firm by the name ‘Traidcraft’ – on the brinks of closure, re-strategized t target ethical
consumers, more so, younger consumers. Since the firm is based on religious doctrines, its
traditional marketing and supply chain management technique involved working with volunteers.
Such volunteers were charged with circulating tea and coffee products at school fairs and church
hall stalls. However, at the beginning of November, the firm broke news by warning about its
intentions to stop trading. However, the management claimed that the business would only
continue with its processes if it were able to develop a model that would ensure profitability -
after registering poor sales caused by the shock that Brexit had on the pound. However, Zoe

Business Ethics 10
Wood claims that Traidcraft’s CEO, Mr. Robin Roth showed up on behalf of the organization to
clear the air. The CEO claimed that the firm had developed a strategy to keep its operational
hopes alive after it sorted pieces of advice from different stakeholders. The main message that
the CEO put to the media is that Traidcraft got pieces of advice against giving up. Traidcraft
operates from Gateshead and will clock 40 years of operation by 2019. However, the company
has fired about 80% of its staff while also outsourcing its warehouse. In the beginning of next
year, the company will re-launch operations using a paid-for membership scheme entitling
customers to discounts (ACSI, 2014). The company also intends to reduce the range of products
sold to put more focus on popular items like tea, coffee, rice, and sugar instead of handicrafts. As
a company, Traidcraft struggles because of the Brexit affair with church attendance reducing.
Mostly, the reduction of church attendance was because of the austerity cuts impact on the
standards of life in general. The Traidcraft micro business recorded a drop in sales from
approximately £17.5m back 2010 to about £9m by March 2018. Within a span of five years –
from 2013 to 2018, Traidcraft has also fired close to 1500 volunteers running weekend stalls
leaving behind approximately 4,250 elderly volunteers. However, the reaming stallholders can
only generate half the total sales. Traidcraft, according to one of the leader in the organization, is
a business venture paying up front (Uzuner-Smith & Englander, 2015, pg. 69). Therefore, with
the falling of the pound after the Brexit referendum, the organization took a hit. However, the
company stands on its prices as published unlike other retailer firms that changed prices after the
Brexit event. The most important moral aspect that Traidcraft demonstrated is standing by the
customers and absorbing additional costs – with rise in prices kept as minimum as possible
(Ferrell & Fraedrich, 2015). In the olden days of 1980s and 90s, Traidcraft promoted the
development of fair trade products. However, Roth, one of the managers at Traidcraft, elaborated

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Business Ethics 11
that the company is currently “sidelined” with major supermarkets in the country hitting the
£1.7bn market. Therefore, for Traidcraft to gain to regain an upper hand in the market, it needs to
come up with radical agenda by having the product prices broken down. By breaking down
product prices, Traidcraft will make transparent the prices, costs, and profits aligned with every
sold product (Green, 2016). Most importantly, Roth believes that Traidcraft has the capacity to
operate beyond boundaries of what individuals understand about fair trade. In the article, the
writer makes it clear concerning how agitated Roth is when saying that they cannot let
supermarkets define fair trade for micro organizations. In fact, Roth believes that Traidfact
should lead the market while other organizations follow. The aim of Traidfact, therefore, is to
cause good trouble by envisioning onto the historical trajectory of Traidcraft – using the
objectives that were laid in 1979 by the six pioneers of fair trade. Among the strategies that the
company intends to employ include (1) encouraging customers to venture into new food trends
like zero-waste shopping (2) adopting cooperative sales and marketing and (3) addressing
younger audience to encourage the production of vegan, ethical, and organic goods (Sabah,
2016).
Otherwise, what do we need to know about fair trade? Fair Trade happens to be a partnership for
trading. The basis of Fair Trade is transparency, dialogue, and respect. With transparency,
dialogue, and respect, greater trade equity is achievable in the international block. Fair Trade
contributes to the goals outlined in U.N’s sustainability and sustainable development through
several means including (1) providing better trading conditions (2) ensuring that the rights of
marginalized traders and is secured. Organizations within the fair trade treaty are clearly
committed towards meeting the goals of the partnership and must adhere to the core principals of
its vision and mission (Antonio, 2010). Since clients heavily back the partnership, producers

Business Ethics 12
receive fathoming support. Such support also leads to the creation of awareness towards
amending rules that would increase the efficiency of conventional international trade. Since the
partnership has existed for a long time, the group no longer advocates for trading alone. Fair
Trade (1) tries to highlight on the importance of greater justice in the world of business and trade
(2) tries to showcase the importance of amending trading practices and rules while demonstrating
how successful businesses could give its customers and stakeholders the first priority. Most
importantly, Fair Trade also contributes to the fight against climate change, poverty, and
economic crisis (Brunn, 2016). Therefore, the partnership is about good working conditions,
better prices, fair trade terms, local sustainability, and general sustainable development. Fair
Trade ensures that member companies offer prices at prices that are sustainable – however, such
prices must not fall below market price. In addition, the partnership strives to tackle injustices
within conventional trade – one of which currently discriminates against weak, poor producers.
Therefore, the weak producers are able to have greater control over their business lives and
improve their market position. Fair Trade gives small and large business organizations and
customers the ability to revolutionize trading. By creating simple shopping choices for customers
and businesses, better trading deals are created. Most importantly, small businesses are not
bullied by large businesses into making market decisions (Bennett, Dawson, Bearman, Molloy &
Boud, 2017, pg. 679).
Therefore, does Brexit break or make Fair Trade? To begin with the obvious, the producers at
Fair Trade in developing countries worldwide need assurances whether their goods can undergo
tariff-free trading once Britain decides to leave the European Union. Otherwise, if Fair Trade
cannot provide such assurance, major fallout is likely to be realized. The message is clear from
most campaigners Oxfam, Traidcraft, and the Trade Justice Movement. Traidcraft, for instance,