Legal and Ethical Implications of Facebook's Cambridge Analytica

Verified

Added on 2023/04/23

AI Summary

This essay provides a comprehensive analysis of the Facebook Cambridge Analytica scandal, examining the legal and ethical implications of the data breach. It explores the ethical dilemma arising from Facebook's actions, particularly the violation of user data privacy, and assesses the case using utilitarianism and deontology ethical frameworks. The essay further delves into the legal aspects, focusing on consumer protection laws and cyber law, and how Facebook's practices violated these regulations. It highlights the inadequacy of current consumer protection policies and the need for stronger regulations to safeguard user data in the digital age. The essay concludes by summarizing the key findings and observations regarding the scandal's impact on consumer rights and the legal environment of business.

0
Legal Environment of Business
Facebook Cambridge Analytica Scandal

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1
The impact of corporations on the public has increased substantially with the
popularity and implementation of advanced technologies in the business. Organizations use
these technological advancements in order to improve their products and services along with
their operations. However, it has become difficult for them to comply with relevant legal and
ethical principles while conducting their business which adversely affects the interest of
customers. The importance of customer protection policies has increased significantly in the
past few decades as it became easier for companies to exploit their rights (Wu, Huang, Yen
& Popova, 2012). The corporations avoid compliance with corporate governance principle
while conducting their business operations which leads to violation of the interest of their
stakeholders. In this essay, the case of Facebook will be evaluated since it has been in the
news recently due to violation of consumer protection policies. The key ethical dilemma
which arises in this case will be evaluated along with an analysis of the case by using two
ethical frameworks which will be used to evaluate the decision of the management. The legal
concept of consumer protection and how it has violated by Facebook will be assessed in this
essay. Additionally, three legal topics will be applied to this case in order to evaluate the
decision taken by the management. Lastly, a conclusion will be drawn based on the above
observations.
Ethical Dilemma
Recently, Facebook was in the news due to a recent controversy titled Cambridge
Analytica scandal. This was a major scandal in which the private data of more than 87
million Facebook users were breached by the company called Cambridge Analytica (Waters,
2018). The users of Facebook are considered as its customers since they use its services
and in return, the company uses their data to show them advertisements as per their
interest. This data was collected by the corporation in order to find potential voters for
supporting the Presidential Campaign of Donald Trump in 2016. A major ethical dilemma
which arises, in this case, was that this breach was occurred due to immoral actions of the
management of Facebook. The corporation launched a platform in 2010 called Open Graph;
this platform was launched to attract more developers in the company. This platform enables
developers to collect private data of users and people added in their friend list by only getting
the acceptance of single users. In 2013, an application was launched on Facebook called
‘thisisyourdigitallife’ which allowed users to create a psychological profile by answering
specific questions. This application was used by 300,000, and it collected their private data
(Meredith, 2018). However, due to the availability of Open Graph platform, this application
was also able to collect the private data of users who were added as friends in the list of
users who give their permission to this application to use their data.

2
Later, the management of Facebook changed the privacy policies of the company,
and they discontinued the Open Graph platform. After a year later, it was reported by the
Guardian that Cambridge Analytica had collected the private data from Facebook users in
order to help and support the Presidential Campaign of Ted Cruz. Later in 2017, it was
reported that the data of Facebook users were used in order to find potential voters for
Donald Trump which assisted in the defeat of Hillary Clinton (Martin, 2018). In the beginning,
it was reported that data of 50 million users are violated; however, this number later
increased to 87 million. The CEO of Facebook, Mark Zuckerberg, apologizes from its users
and promised them to improve the security policies of Facebook. However, the corporation
only changed its policies for asking permission from its users and gave them information
about which applications are collecting their data. The corporation continued collecting the
private data from its users. The Information Commissioner’s Office (ICO) imposed a penalty
on the company for its failure to protect customer rights. A fine of £500,000 was imposed on
the company; however, this did not stop the company from continuing its operations
(Hodgon & Kuchler, 2018).
The Congress established a committee to entertain this matter in which Mark
Zuckerberg appeared to give his testimony. He provided that it was his fault that the privacy
of Facebook users is breached by third parties, and he will ensure that appropriate steps are
taken in the company to protect the privacy of its users in the future (Wong, 2018). However,
no such action was taken by the company, and it continued to exploit the private data of its
users without their permission. Most Facebook users are unaware regarding the fact that the
company collect their private data and use it for different purposes. It raised an ethical
dilemma in the company regarding whether it should continue its operations to maintain its
profitability or should it completely avoid collecting the data of its users to ensure their
privacy. This ethical issue is directly related to the violation of customer rights. It has also
shown that current customer protection regulations are not suitable to ensure that the
privacy of online users are maintained or their customer rights are not violated.
Ethical Framework
The Cambridge Analytica scandal will be evaluated by using two ethical frameworks
which include Utilitarianism and Deontology ethical theory. The Utilitarianism ethical
framework is also called Consequential theory which focuses on the consequences of a
situation while judging its morality. If the consequences of the actions taken by parties are
positive, then those actions are considered as ethical (Drolet & Hudon, 2015). As per this
theory, ethical actions focus on achieving ‘greater good for a greater number of people’. The

3
consequences of ethical actions lead to achievement of greater happiness. As per this
ethical framework, the actions of Facebook and its management are considered as
unethical. The corporation decided to exploit the privacy of its users by launching Open
Graph platform which did not require the consent of its users to collect and use their data. It
shows that the objective of Facebook was to generate more profits by exploiting the rights of
its customers. The consequences of the decision taken by the management of Facebook
resulted in adversely affecting the interest of over 87 million users. These customers were
unaware that the company and its developers are using their personal data without their
permission (Hern & Pegg, 2018). This action did not achieve greater happiness for a greater
number of people since it exploited their data. Therefore, the actions taken by Facebook and
its management are considered as unethical.
Another relevant ethical framework which applies in this scenario is the Deontology
ethical theory. This theory is opposed to the consequential theory since it did not consider
the consequences of the situation. This framework judges the morality of actions taken by
the parties in order to decide whether they are ethical or not. As per this theory, parties
should not violate their duties even if the consequences of such breach leads to positive
outcomes (Ferrell, Crittenden, Ferrell & Crittenden, 2013). This theory evaluates the maxim
of the parties which justifies why they have taken a specific action. In the case of Facebook,
the management of the company violated their duties toward their customers by exploiting
their privacy without getting their permission. A duty is owed by the company towards its
users to ensure that their private data is maintained properly in the company and it is not
being used in an unfair manner. The company has failed to discharge its duties towards the
customers by allowing third parties to access their data without getting their approval first
(BBC, 2018). After this incident, the company continued to conduct its practices without
taking strict actions to improve the private data of its users. The maxim of the company
focused on generating more profits through any medium possible, and the company did not
consider its duties while achieving its goals. Therefore, the actions of the company are
unethical as per the Deontological ethical theory.
Consumer Protection
Consumer protection has become a major issue across the globe based on which the
government has implemented different policies to protect the rights of customers. A good
example is the laws implemented by the federal and state level governments in order to deal
with customer affairs. The Federal Trade Commission is responsible for implementing the
policies of the Federal consumer protection along with the Consumer Financial Protection

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4
Bureau, the Federal Trade Commission and the US Department of Justice (FTC, 2019). The
purpose of these policies is to protect customers from unscrupulous business practices of
companies. With the popularity of social media sites and online services websites, the
importance of protection of consumer rights on these digital platforms has increased. These
regulations protect the private data of users which is shared on these online platforms to
ensure that their privacy is not violated. Facebook has to comply with these regulations
because it collects the private data of its users in order to show them relevant advertisement
through which the company generates its profits; therefore, its users are considered as its
customers. The government has imposed policies for customer proprietary network
information (CPNI) which are governed by the Federal Communications Act. These
regulations are imposed by the Federal Communication Commission (Frieden, 2013). Along
with these regulations, the company has to comply with the guidelines issued under the Fair
and Accurate Credit Transaction Act of 2003 and the Children’s Online Privacy Protection
Act of 1988.
Although the current regulations imposed by the government are not enough to
ensure that the rights of users are protected online. The current regulations did not enforce
Facebook to maintain transparency regarding protecting the privacy of its users because the
company did not notify its users that their privacy is breached. Although a penalty of
£500,000 was imposed on Facebook by ICO for its operations; however, this penalty is not
enough to make Facebook and its management realize its mistake. The company generates
more than this amount in less than 10 minutes which shows the inability of customer
protection policies to protect the data of users which is used by company as commodity to
offer their services for “free” (Elliott, 2018). As per the provisions of the California Right to
Know Act, the corporations who are collecting the data of their users have to issue a copy
when requested. Most Facebook users are unaware regarding the fact that the company is
collecting their private data which include details about their likes, preferences, preferred
products and services, political preferences and others. Most users are unaware of how the
company uses this data to generate profits in the business. Due to the lack of regulatory
enforcement, the government of the US established a committee to entertain the case of
Facebook (Lecher, 2018). However, the committee was not able to reach a conclusion due
to the lack of governmental policies which enforce the company to protect the data of its
users.

5
Cyber law
Cyber law is referred to a part of overall legal system in which provisions regarding
governance of the internet, cyberspace and their online mediums are given (Eichensehr,
2014). In the case of the United States, the cyber law policies are not sufficient to ensure
that the data of online users are protected. The legal policies are not able to change as per
the rapid growth in the technology which makes it challenging for the regulators to hold
technology companies liable for their actions. A major issue with current cyber law policies in
the US is that the policies for punishing the corporations for their failure are not given. Due to
the fault of the management of Facebook, the privacy of more than 87 million users was
breached; however, the company was not penalties appropriately for its actions (Osborne &
Day, 2018). There are also no governmental policies implemented in the country which can
stop Facebook from accessing and collecting the private details of its users.
White-collar crime
The criminal activities which are conducted by people while discharging their day-to-
day business activities are referred as white-collar crimes; these crimes include
embezzlement, fraud, extortion, cybercrimes, and bribery (Simpson, 2013). The senior
executives of Facebook were involved in white-collar crimes since they misuse their powers
to conduct fraud to their customers. The company collected and allowed other developers to
collect private information about its users which leads to exploitation of their private data.
The decision taken by the top level management to issue the Open Graph platform shows
that they have prioritized generating profits above the interest of its customers. Through this
platform, the company collected the data of its users without getting their approval which
shows that the company has violated its duties towards its customer and its senior
executives have engaged in white-collar crimes (CPO, 2018).
Corporate Social Responsibility (CSR)
The importance of the social responsibility of companies has increased significantly
as their impacts expand on the customers. The CSR is a business model which they adopt
in order to hold themselves and their executives socially accountable for their decisions. As
per this model, the corporations have to take appropriate measures in order to maintain a
balance between the interests of their stakeholders (Aguinis & Glavas, 2012). In the case of
Facebook, the corporation and its management decided to earn more profits by violating the
privacy of its users. The company did not maintain a balance between the interests of its
stakeholders since it issued platform for third-party developers to access and violate the

6
privacy of users. Moreover, after violation of the private data of users, the company did not
take appropriate measures to stop similar incidents in the future (Grasso, 2018). It shows the
unethical practices of Facebook and its management and how these practices are negatively
affecting the interest of its users.
Based on the above observations, it can be concluded that the actions taken by
Facebook and its management are unethical since the company breached the privacy of its
users. Due to the decisions taken by the senior executives of Facebook to increase the
profits of the company, the corporation violated the private data of its customers which was
used by third parties for illegal activities. The consumer protection policies are violated by
the company; however, the company was not appropriately penalized for its actions due to
lack of availability of relevant authorities. The ethical dilemma which is raised in this case is
evaluated based on two ethical frameworks in this essay. The key consumer protection
policy which is violated by Facebook and its executives and gap in the current area of law is
also highlighted in this essay. Lastly, three additional legal concepts are applied in this case
for its evaluation which includes cyber law, white-collar crimes, and CSR model. The
corporation should adopt a CSR structure to comply with relevant consumer protection
regulations which will enable the company in addressing the ethical dilemma and improving
its overall operations.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7
References
Aguinis, H., & Glavas, A. (2012). What we know and don’t know about corporate social
responsibility: A review and research agenda. Journal of management, 38(4), 932-
968.
BBC. (2018). Facebook-Cambridge Analytica data breach. Retrieved from
https://www.bbc.com/news/topics/c81zyn0888lt/facebook-cambridge-analytica-data-
breach
CPO. (2018). Inside the Facebook Cambridge Analytica Data Scandal. Retrieved from
https://www.cpomagazine.com/data-privacy/inside-the-facebook-cambridge-
analytica-data-scandal/
Drolet, M. J., & Hudon, A. (2015). Theoretical frameworks used to discuss ethical issues in
private physiotherapy practice and proposal of a new ethical tool. Medicine, health
care and philosophy, 18(1), 51-62.
Eichensehr, K. E. (2014). The cyber-law of nations. Geo. LJ, 103, 317.
Elliott, F. (2018). Facebook fined 10 minutes’ sales over Cambridge Analytica scandal.
Retrieved from https://www.thetimes.co.uk/article/facebook-fined-500-000-over-
cambridge-analytica-scandal-lcqxhrhjj
Ferrell, O. C., Crittenden, V. L., Ferrell, L., & Crittenden, W. F. (2013). Theoretical
development in ethical marketing decision making. AMS review, 3(2), 51-60.
Frieden, R. (2013). The rise of quasi-common carriers and conduit convergence. ISJLP, 9,
471.
FTC. (2019). What We Do. Retrieved from https://www.ftc.gov/about-ftc/what-we-do
Grasso, C. (2018). Cambridge Analytica and Facebook data breach: A corporate social
responsibility analysis. Retrieved from
https://medium.com/@CSREthicsBlog/cambridge-analytica-and-facebook-data-
breach-a-corporate-social-responsibility-analysis-c295e6889dd9
Hern, A. & Pegg, D. (2018). Facebook fined for data breaches in Cambridge Analytica
scandal. Retreived from
https://www.theguardian.com/technology/2018/jul/11/facebook-fined-for-data-
breaches-in-cambridge-analytica-scandal

8
Hodgson, C. & Kuchler, H. (2018). Facebook formally fined £500,000 for Cambridge
Analytica scandal. Retrieved from https://www.ft.com/content/2f4593ee-d832-11e8-
ab8e-6be0dcf18713
Lecher, C. (2018). Facebook’s UK Cambridge Analytica fine was incredibly small. Retrieved
from https://www.theverge.com/2018/10/27/18029694/facebook-uk-fine-cambrige-
analytica-charts
Martin, A. (2018). Cambridge Analytica and Facebook: What happened and did the company
shift many votes?. Retrieved from https://www.alphr.com/politics/1008854/cambridge-
analytica-facebook-what-happened
Meredith, S. (2018). Here's everything you need to know about the Cambridge Analytica
scandal. Retrieved from https://www.cnbc.com/2018/03/21/facebook-cambridge-
analytica-scandal-everything-you-need-to-know.html
Osborne, C. & Day, Z. (2018). Facebook appeals £500,000 penalty over Cambridge
Analytica scandal. Retrieved from https://www.zdnet.com/article/facebook-appeals-
500000-penalty-over-cambridge-analytica-scandal/
Simpson, S. S. (2013). White-collar crime: A review of recent developments and promising
directions for future research. Annual Review of Sociology, 39, 309-331.
Waters, R. (2018). Facebook sued by US regulator over Cambridge Analytica scandal.
Retrieved from https://www.ft.com/content/683554b2-03c2-11e9-99df-6183d3002ee1
Wong, J. C. (2018). Congress grills Facebook CEO over data misuse – as it happened.
Retrieved from https://www.theguardian.com/technology/live/2018/apr/10/mark-
zuckerberg-testimony-live-congress-facebook-cambridge-analytica
Wu, K. W., Huang, S. Y., Yen, D. C., & Popova, I. (2012). The effect of online privacy policy
on consumer privacy concern and trust. Computers in human behavior, 28(3), 889-
897.