Ethical Issues And Practices In Business Management

Published Date: 02 Nov 2017

Quite simply stated, ethics is a set of moral principles that govern a persons or group's behavior. What isn’t so simple is how these ethics are governed and managed through the broad and ever-changing world of information technology. There are recognized consequences for actions that are deemed inappropriate by society. For instance, if you steal your neighbor’s car, it is widely known and accepted that you will be punished in some form. We as citizens, accept the punishment as "just" for the safety and well-being of the greater good.

When businesses, management, or others do not maintain standards of ethical behavior costs can be exorbitant. An example of this occurred in 2010 when a data breach report was investigated and the results showed a loss of $7.2 million (Mooney, 2012b). Although most businesses have self-imposed standards of ethics in place, without a universal set of rules, companies remain at a higher risk of financial loss. Pryor (as cited in Mooney, 2012c) states:

As more and more of our personal information is collected and stored online and on computers, we need to ensure that the businesses storing this information are keeping it safe and giving us quick warning if it falls into the wrong hands.

Another study by Ponemon Institute concluded that cybercrime costs American corporations billions of dollars annually. In addition, the study found that hackers were regularly penetrating corporate network defenses. Over a four-week period, 45 companies participating in the study experienced 50 successful attacks per week or more than one successful attack per company each week (Mooney, 2012d).

Because of attacks like this and the financial burden to thwart such as attacks, companies are scrambling to fortify online security. Many people believe that some companies, in an attempt to heighten security, have unethically invaded the privacy and safety of consumers. In 2011, a lawsuit was filed against Aaron’s Inc., an office supply rental chain, alleging that the company secretly spied on customers. Aaron’s is alleged to have loaded spyware onto computers that it rented to customers. The spyware could then track the customers’ keystrokes, take screenshots, and even take a webcam image of customers using the computers in their homes or offices (Mandak, 2013).

According to Lipka, consumers were outraged when Sears Holdings was accused by the Federal Trade Commission (FTC) for using inappropriate measures to track online shopping of their customers. People were outraged that the penalty Sears received was a mere tap on the wrist. Sears failed to disclose that the software application consumers were purchasing, when installed, would monitor nearly all of internet behavior that occurs on consumer’s computers including miscellaneous dialect exchanged between shoppers and other entities that had no affiliation with Sears whatsoever. Certain information about customer’s shopping habits and sessions, that were supposed to be secure, were tracked and sent to remote computers at Sears. Some of this information was not even related to internet use (Lipka, 2009).

Some people fear that even the government is spying and collecting information on its citizens. The Utah Data Center, also known as Intelligence Community Comprehensive National Cybersecurity Initiative Data Center, is a data storage facility for the United States Intelligence Community that is meant to be the main storage location which has the ability to retain data on a scale of yottabytes (10008 bytes). As with most government initiatives, the primary reason for its existence and use is classified information, but, its purpose – as its title specifies – is to support the Comprehensive National Cybersecurity Initiative (CNCI). The NSA or National Security Agency is the executive agency for the Director of National Intelligence. Critics contend that in an attempt to store and protect the public’s information, the government is violating personal liberty, security, and privacy. Some have serious concerns about the collection and storage of so much data in one location.

Thomas Drake, a former NSA employee states, "It raises the most serious questions about the vast amount of data that could be kept in one place for many, many different sources," (Fox News, 2013). Drake goes on to say that Americans should be concerned about letting the governments go too far in order to ensure secure environments.

"It's in secret so you don't really know," Drake explained. "It's benign, right. If I haven't -- and if I haven't done anything wrong it doesn't matter. The only way you can have perfect security is have a perfect surveillance state. That's George Orwell. That's 1984. That's what that would look like (Fox News, 2013)."

Credit card fraud is another concern when it comes to the ethical handling of personal information. Although it is not as damaging to the public as a whole, it can be devastating at the individual level. In the old days – that is, prior to the late 1980’s and advent of Internet e-commerce – credit card swindlers were required to steal cards themselves, or buy stolen cards from a motley collection of pickpockets, muggers, purse-snatchers, and burglars. Next, in order to use a stolen card, the thief or an accomplice would have to physically take the card for purchases, putting him at risk. Today, technology has minimized those risks and made the process simpler for prospective thieves. Cyber thieves no longer need to see credit cards, much less steal them, before they spend the victim’s money.

Credit and debit card fraud is huge business in modern America. Visa Corporation reported a $490 million loss from these types of crimes in 1997, while reporting that the rate of fraud had dropped from previous years. Unlike the criminals of the past, where proximity was a must, these new cybercriminals are able to execute their crimes from a safe distance – sometimes from as far away as the other side of the globe.

Managing IT crime is an endeavor we must take on and manage as a society at every level. Too many opportunities for fraud, crime and misuse are available to criminals. One such offense is hacking. Hacking, whether performed by teenagers or sophisticated gangs akin to crime, is considered a significant national and global threat on communication infrastructures. Idealistic hackers refute a pertinent interest in making a profit off of their activities and cite their doing it for freedom of information. Crackers, however, dedicate themselves to large sums of cash, as well as personal and confidential information for the purpose of monetary gain (Newton, 2004a).

Limitation of Findings

In the world of information technology, there are businesses across the globe that are struggling to work together to come up with a common ethical system that is fluid and effective in our vast information society. Management is being held accountable more now than ever before and stricter laws are being executed pertaining to Information Technology as the society broadens. Without such rules, chaos would reign and security would most certainly be compromised. The Computer Crime and Intellectual Property Section (CCIPS) is responsible for implementing a plan and strategies to fight computer and intellectual property crimes worldwide.

Because of Agencies such as CCIPS, the United States is able to investigate and prevent worldwide crimes by working with other government agencies, private sectors, academic institutions, and foreign counterparts. The Section’s enforcement responsibilities against Intellectual Property (IP) crimes are similarly multi-faceted. IP has become a major player in the United States economy, therefore the country is targeted frequently by predators that are seeking this intellectual property such as trade secret designs or copyrighted material. Complex investigations are routinely run and unique investigative issues are being solved daily.

Global Limitations

Information is unique in that it is intangible and, as such, extremely susceptible to theft. Advances in Information Technology (IT) have allowed dishonest marketing techniques to be utilized and opened a communication bridge to potential victims in foreign countries. Fraudulent transfer of assets from the United States to foreign countries has been a gripping problem to tackle. International policies are non-existent that would allow the Federal Trade Commission to retrieve certain asset information from fraudulent marketers in foreign countries. It has become clear that the international markets have become highly susceptible to unethical practices.

A massive marketing and advertising scheme uncovered by the United States Justice Department revealed that over four million personal computers were maliciously infected with malware that sent internet users to unwanted websites that, in turn, resulted in over fourteen million dollars in advertising profits that were entirely the result of fraud. The malicious software that was credited for the fraudulent activity changed settings in user’s machines in more than one hundred countries worldwide. Over five hundred thousand of the infected computers were in the United States (Chabrow, 2011).

Crimes such as these are on the increase as internet use and large capacity data centers become more commonplace. New laws, such as The Cyber Intelligence Sharing and Protection Act (CISPA) are being passed to protect users globally from possible threats. These new laws however, are not without controversy. Criticism of this bill, and others like it, is beginning to mount as several free speech and civil liberties groups are lining up against CISPA. The main reason for criticism is the possibility of internet freedom and privacy being lost with the implementation of the bill; basically the Fourth Amendment of the United States Constitution will be null and void. Many believe the unpredictable wording of CISPA could possibly lead to companies releasing information not pertaining to cyber attack issues. There is also a concern about the bill because it would give military agencies, like the National Security Agency, the ability to access the private and personal information (Sasso, 2010). The fear is that much if not all the information collected by the government could be shared in part or in whole by those institutions it was deemed to protect. These bits of data which contain private information could be stored in facilities much like the Utah Data Center and used for purposes other than their intended use.

Ones such worry is a global spy system whereby even your resemblance would be considered data and as such, placed in your information file for future use. Biometrics, the use of automated technology to identify individuals via specific physiological or behavioral characteristics, is feared to be a possible target. Although its intention is to prevent crime, some feel it could be compromised and used to violate human rights. Verification devices such as fingerprint scanners, retina scanners, facial recognition scanners, and hand scanners are all ways corporations and other entities could use biometrics to ensure the security of their physical or intellectual property. An example of ways biometrics might be used is by tracking attendance at the workplace or gaining entrance into a secure location. Places such as banks, hospitals, incarceration facilities, or government agencies all have areas in which the general public would not be granted access. It is critical that these locations remain secure in order to protect the entity’s assets, intellectual property, or protect the public from harm. Biometric devices being utilized today include vaults, safes, custom vehicles, home security systems, personal computers, access to jails or prison cells, and various weapons such as smart guns that have been built to work only if held in a particular hand.

After the tragedy that occurred on September 11th, 2001 in New York City, demand for the implementation of biometric scanners and devices increased exponentially. Soon, however, problems were noted with the technology. The most serious of these problems and a major concern for activists, is that biometric scanners do not use pure images to calculate their decisions, but use a form of template instead. The templates are tiny files that derive its information from meniscal personal traits or characteristics. But, like any computer system, database, or file, the templates were very susceptible to harm and security breaches. Nothing is perfect and no one person will place their hand, finger, or another part of their body on a scanner the exact same way. The difference is sometimes microscopic, so ensuring one hundred percent accuracy during each biometric scan is almost impossible to achieve (Newton, 2004b).

Chalmers states:

Critical losses would occur if biometric failures were to be targeted by any number of internet savvy persons or groups. Jails could be opened, bank accounts drained, businesses could be brought to their knees with the implementation of a virus or the right coding. All it takes is someone with a message to have a bad day (Chalmers, 2013).