A. Definition of Ethics and How Ethics Compare to Law
Businesses are susceptible to ethical and legal issues due to various choices, decisions, strategies, and activities associated with their operations. Making unethical decisions can create many problems in the industry, even though the person who made the blunder will not be charged in the court of law. Business ethics entail the principles, rules, or obligations separating morally right principles and morally wrong principles (Duh et al., 2010). Well-run organizations establish a 'Code of Ethics' that gives their employees a guideline regarding appropriate behavior (Duh et al., 2010). In essence, business ethics are unspoken agreements that set up the company to operate under established rules, but the rules are not binding (Duh et al., 2010). An employee who breaches the rules cannot be punished under the law (Duh et al., 2010). Conversely, legal behavior is binding- written records. It follows the application of law principles- that upon breach of compliance and adherence, the perpetrator can be punished under the law (Herzog-Evans, 2016).
B. Corporate Social Responsibility and How It Relates to Ethical Business Practices
Corporate social responsibility (CSR) is an organizational strategy or initiative prioritized to make the organization more accountable (Windsor, 2006). Organizations employ a business philosophy that guides them to behave with decorum as corporate citizens- to conduct their business in a manner that does not cause environmental pollution or degradation of the environment. With CSR, organizations can maximize their profits by sticking to pro-social objectives. The adoption of practices that boost social responsibiloity allows business organizations to leverage increased stakeholder support, which is instrumental in their survival. Similarly, ethical business practices resonate with the social responsibility of executives of an organization since they have a social impact. As Windsor (2006) postulates, an organization molds its employees' behavior to act ethically to support its social responsibility.
A. Summary of The Ethical/Legal Issues Involved in This Situation
Mountain Top View Company has a principle that reads, "We are committed to keeping customer information secure and protected." The statement is written on the company’s website as a code of ethics to protect customers from infringement of privacy rights. The company protects the names, addresses, and phone numbers of customers. However, the company's database was hacked, and the customers who placed online orders were accessed. Steve, the information technology lead, breached the company's business ethics. First, he did not use his IT expertise to keep its database safe from hackers. Secondly, when hackers accessed the information, they did not take the initiative to inform the customers about this problem. The Privacy Act 1974 gives customers the right to privacy (Eden, 2004). Customers have the right to privacy, and their information is supposed to be protected from hackers. However, the right to privacy is not absolute (Eden, 2004). Hacking is an unintentional act that might be unavoidable by the IT lead.
B. Relevant Stakeholders, Key Facts, And Implications of the Situation
Stakeholders are groups or individuals interested in the organization and help keep the company afloat (Windsor, 2006). At Mountain Top View Company, the investors, employees, customers, and the business support groups are the major stakeholders. Clare is the sole proprietorship business (Mountain Top View Company). Clair's investments align with its ethical and social responsibility to help the public acquire its products. The company has employees like Steve, Carlos Rodriguez, and others. The company's customers purchase the equipment online. The business support stakeholders are social media companies that help market their products. The potential implication is that whenever customers whose information was hacked get to know about the breach, the company will lose its reputation, credibility, productivity, and finance.
A. The course of Action That Support Ethical Practices
Although the company has a code that shows its commitment to privacy protection, it should incorporate the IT lead to take responsibility if unethical practices like hacking are reported. The code of ethics can read, ‘the IT lead shall at all times keep customer information secure and protected.’ The company should engage more with the employee on reporting all matters relating to ethics to relevant leaders. Training of employees on business ethics should be paramount and a priority (Wijesinghe et al., 2021). Steve should be encouraged to learn from his mistakes. Employees should be ordered to report all unethical behavior to the management.
B. Reasons Behind Recommendations
Business ethical codes should be objective enough to allow employees to act with utmost integrity, comply with company policies, procedures, and law, and maintain a professional social responsibility (Archimi et al., 2018). The primary reason for having a focused code of ethics is to enhance a professional standard that fosters credibility, concept, and the organization's image (Archimi et al., 2018). It must guide employees on how to operate. The IT lead should know his consequences in case of breach of the code of conduct. Where an employee does not report the violation, they should face stricter disciplinary consequences. Having a code of ethics without adequately training employees to adhere to it cannot guarantee the absence of unethical conduct. Employees must be prepared to understand risk in the business setting and know the consequence of the breach. Training will help employees to improve their ethical behaviors.
- 3. Conclusion
Today's advances in technology have both legal and ethical implications. Many businesses depend on technology to conduct marketing and advertising their products (Sudha& Sheena, 2017). Online business transactions are protected legally by the parties concerned by placing high-security measures to prevent hackers from accessing pertinent information (Yaqoob et al., 2017). Trackers are frequently installed in transporting companies to monitor products for safety and delivery. However, privacy issues are still prevalent despite installing these digital trackers. Every person has a right to privacy, and tracking the person in every second might be a breach of their rights to privacy. In the US, the right to privacy is enshrined under the Privacy Act 1974.
Ethical test or framework
1. Duty Framework
Decisions from employees about what is ethically wrong or right permeate everyday life (Duh et al., 2010). There has to be an ethical framework to be used by all employees in times of moral dilemma. Making appropriate business ethical decisions require a practical perspective of weighing which framework to based on whether it resonates with the current problem. Three frameworks can guide employees in ethical decision-making: The Virtue framework, the consequential framework, and the duty framework (Brown University).
The duty framework focuses on employees' duties, responsibilities, and obligations in specific situations (Brown University). The framework guides employees to consider their ethical business obligations and practices. In this framework, employees are directed to act ethically in every engagement. The duty framework creates system rules consistent with all cadre of employees. This framework obliges workers to follow moral principles regardless of the outcome and accept any result, even if it is terrible. Therefore, the duty framework works best where there is a need to consider why obligations forbid or mandate a particular course of action.
This framework has several limitations. First, it brings rigidity since not all circumstances are the same. Secondly, it does not give solutions on which duty to follow when two or more situations conflict. The duty framework is appropriate for Mountain Top View Company because employees are directed to act ethically regardless of the outcome of a problem. Steve ought to have reported the breach to customers and management despite the consequences of their action.
2. Application of Duty Framework to The Scenario
First, Steve should have recognized the ethical issue. He ought to have realized that the moral issue was that hackers had gained access to vital information of online customers. The facts that broach here are immorality in hackers gaining access to the data. Secondly, Steve ought to consider the parties involved in the problem to guide his decision. People who were harmed were the online customers- whose information was accessed, and we are not sure of the motive of the hackers. The company was also affected negatively in terms of the loss of corporate image.
Thirdly, Steve should have gathered all pertinent information before taking action. Before correcting the code that allowed the hack, he ought to have gathered information to determine why the hackers accessed the customers ‘data. Besides, Steve ought to have formulated actions to enable him to consider alternative measures. Some of the questions that should have guided Steve’s action are: Which action is the best in this scenario and has less harm? Which action favors respect of the parties involved? Which decision enhances proportionality and equality? Which party adheres to CSR? Which action showcases my skills as an IT manager? Additionally, after observing all the actions, Steve should have made a big decision. Moreover, Steve should have contemplated reporting the matter to customers because that was the best scenario.
Archimi, C. S., Reynaud, E., Yasin, H. M., & Bhatti, Z. A. (2018). How perceived corporate social responsibility affects employee cynicism: The mediating role of organizational trust. Journal of Business Ethics, 151(4), 907-921.
Brown University. Science and Technology; A Framework for Making Ethical Decisions. https://www.brown.edu/academics/science-and-technology-studies/framework-making-ethical-decisions.
Duh, M., Belak, J., &Milfelner, B. (2010). Core values, culture, and ethical climate as constitutional elements of ethical behavior: Exploring differences between family and non-family enterprises. Journal of business ethics, 97(3), 473-489.
Eden, J. M. (2004). When big brother privatizes: Commercial surveillance, the privacy act of 1974, and the future of RFID. Duke L. & Tech. Rev., 4, 1.
Herzog-Evans, M. (2016). Law as an extrinsic responsivity factor: What's just is what works! European Journal of Probation, 8(3), 146-169.
Sudha, M., & Sheena, K. (2017). Impact of influencers in consumer decision process: the fashion industry. SCMS Journal of Indian Management, 14(3), 14-30.
Wijesinghe, D. P. S., Jayawardane, V. P. T., &Dasanayake, S. W. S. B. (2021). Ethics into Practice: Holding Paramount Health, Safety & Welfare of the Public by Entrepreneurial Engineers in Sri Lanka. ENGINEER, 54(03), 87-97.
Windsor, D. (2006). Corporate social responsibility: Three key approaches. Journal of management studies, 43(1), 93-114.
Yaqoob, I., Ahmed, E., urRehman, M. H., Ahmed, A. I. A., Al-garadi, M. A., Imran, M., &Guizani, M. (2017). The rise of ransomware and emerging security challenges in the Internet of Things. Computer Networks, 129, 444-458.
This essay is written by the student of the Valencia College in Orlando, Florida.