Select one of the case studies found in Collins (2019), found in Part V: Cases. Apply (any of) the ethical principles covered in this course and address the following: Case overview/background What ethical principals were being ignored or violated? What recommendations might you have given to the individual/organization if you were in a counsel or advisory role during the height of the ethical dilemma/crisis? Cite using current APA formatting.
CASE OVERVIEW
The past 10 to 20 years have witnessed significant changes in how society approaches personal data. Advances in technology have improved the ability to amass data in real time and to enhance storage options. In addition, the range of what constitutes “personal data†has dramatically increased. No longer limited to explicit personal information such as a telephone number, Social Security number, and health records, it now includes additional collectible information such as buying preferences and browser history.
As a society, people rely on and reap benefits from the easy collection of data—but this convenience comes at a cost: Data has become more vulnerable and attractive to would-be thieves. In addition, “thieves†have taken on a modern form, shedding their old-fashioned black gloves and lockpicks in exchange for laptop computers equipped with keystroke loggers, IP address spoofers, proxy servers, and other sophisticated cybercrime tools.
One of the more surprising data breaches occurred in 2015 when Ashley Madison, a Canada-based online dating and social networking service that markets specifically to people who are married or in committed relationships, suffered a data “leak.â€1 Somewhat different from a simple data breach, where an intentional or unintentional release results in an unauthorized user acquiring access to personal information, in a data leak personal information gets shared with the general public. This “sharing†is exactly what happened when cybercriminals released information stolen from the Ashley Madison database to the public.2
This case study underscores the importance of corporations exercising responsibility in their collection, storage, and use of personal information about stakeholders (including customers, employees, and the corporations themselves). Although the cybercriminals engage in inappropriate, unauthorized behavior that causes data breaches and leaks, the knowledge that such breaches can occur imposes on organizations the responsibility to invest in top-of-the-line data security systems to fend off would-be cybercriminals. That a data breach occurs is generally de facto evidence that an organization has not invested sufficiently in such technology