This discussion topic is to be reflective and will be using your own words and not a compilation of direct citations from other papers or sources. You can use citations in your posts, but this discuss

Adjust your audio • This is a narrated slide show. Please adjust your audio so you can hear the lecture.

• If you have problems hearing the narration on any slide show please let me know.

1© 2016 John Wiley & Sons, Inc. Chapter 13 Privacy and Ethical Considerations in Managing Information Three Breaches: TJX, Target, Home Depot • TJX Co: largest security breach of its computer system in the history of retailing: 90 million customer records were stolen • Target: 40 million; Home Depot: 56 million • All had to decide between notifying their customers immediately, or waiting the 45 days allowed by the jurisdictions.

• Stock fell 9% a few days after disclosure • Profits fell 46% in the following quarter • TJX:

• Stock fell 8% © 2016 John Wiley & Sons, Inc. 4 Cybersecurity Bill, 18 Dec, 2014 • Supports R&D to develop best practices • Supports education in the area • Prepares the workforce • Federal agencies need a cybersecurity plan:

• Guarantee individual privacy, verify software and hardware, address insider threats • Determine the origin of messages • Protect cloud information and data transmission © 2016 John Wiley & Sons, Inc. 5 Normative Theories of Business Ethics • Managers must assess initiatives from an ethical point of view • Most managers are not trained in ethics, philosophy, and moral reasoning • Difficult to determine or discuss social norms • Three theories of business ethics are useful for assessing an initiative © 2016 John Wiley & Sons, Inc. 6 Figure 12.1 Three normative theories of business ethics.

Theory Definition Metrics Stockholder Maximize stockholder wealth in legal and non - fraudulent manners. Will this action maximize stockholder value? Can goals be accomplished without compromising company standards and without breaking laws?

Stakeholder Maximize benefits to all stakeholders while weighing costs to competing interests. Does the proposed action maximize collective benefits to the company? Does this action treat one of the corporate stakeholders unfairly?

Social contract Create value for society in a manner that is just and nondiscriminatory. Does this action create a “net” benefit for society? Does the proposed action discriminate against any group in particular, and is its implementation socially just?

• Managers are bound to the interests of the shareholders (maximize shareholder value).

• Manager’s duties:

• Bound to employ legal, non - fraudulent means.

• Must take long view of shareholder interest.

• Any group that vitally affects corporate survival and success.

• Any group whose interests the corporation vitally affects.

• Management must balance the rights of all stakeholders without impinging upon the rights of any one particular stakeholder © 2016 John Wiley & Sons, Inc. 9 Social Contract Theory • Corporations are expected to create more value to society that it consumes.

• Social contract:

• 1. Social welfare – corporations must produce greater benefits than their associated costs.

• 2. Justice – corporations must pursue profits legally, without fraud or deception, and avoid actions that harm society.

• What are the advantages of notifying customers early?

• What are the advantages of waiting as long as legally permitted?

• What are the advantages of finding a way to avoid notifying customers?

© 2016 John Wiley & Sons, Inc. 11 Big Data • Can guess income from zip code • Therefore, can identify targets from zip codes • Should you pass up the opportunity to alert potential customers of your products?

• If not, your competitors will get there first!

• Buying habits were shared by other pregnant women:

• Unscented soap • Cotton balls • Vitamins • How did Target reveal this to the dad?

• Target sent her some ads for diapers and maternity clothes © 2016 John Wiley & Sons, Inc. 13 New Study in Science • Take a file from a credit card agency, with disguised credit card numbers: 1.1 million records • 90% of the identities can be found by connecting three things • Information easily found on Instagram, Facebook, FourSquare © 2016 John Wiley & Sons, Inc. 14 Ethical Tensions with Governments • UAE tried to require RIM to disclose confidential information for national security • Sony Pictures had a project ruined by North Korean threats • Google’s features are restricted in China © 2016 John Wiley & Sons, Inc. 15 Mason’s areas of managerial concern “PAPA” Area Critical Questions Privacy What information must a person reveal about one’s self to others?

What information should others be able to access about you – with or without your permission? What safeguards exist for your protection?

Accuracy Who is responsible for the reliability and accuracy of information? Who will be accountable for errors?

Property Who owns information? Who owns the channels of distribution, and how should they be regulated?

Accessibility What information does a person or an organization have a right to obtain, under what conditions, and with what safeguards?

© 2016 John Wiley & Sons, Inc. 16 Privacy • The right to be left alone • Possessing and using the “best” information helps an organization win • High priority: Keeping it safe and secure • Regulations cover the authorized collection, disclosure and use of personal information • But is it clear enough?

© 2016 John Wiley & Sons, Inc. 17 Privacy Paradox • Convenience vs privacy • Make it harder for criminals to steal information, it will be less convenient for genuine users • 15,000 customers in 15 countries:

• Overall, 51% said they wouldn’t trade off privacy for convenience; 27% said they would.

• Teens repeatedly demonstrate a lack of concern about privacy • Often they regret their decisions • 70% of recruiters have rejected candidates for postings they found online • But only 20% strengthened their privacy settings when Facebook began allowing it • Privacy is valued more in Europe than in the US © 2016 John Wiley & Sons, Inc. 19 Software or Site Terms of Service • Ignored widely, often due to length and legal language • Pen Pal’s Terms of Service are longer than Hamlet • Fewer than 2% read the terms • A UK site included selling a person’s immortal soul and thousands accepted it.

• So what’s the concern?

• Easy. Have a third party place content on your page • Widespread practice: DoubleClick has content on thousands of sites • But back to convenience: Without cookies, you could not have a “shopping cart” © 2016 John Wiley & Sons, Inc. 21 Accuracy • Controls are needed to ensure accuracy • Data entry errors must be controlled and managed carefully • Data must also be kept up to date • Removing data after needed or when legally mandated is not easy © 2016 John Wiley & Sons, Inc. 22 Bank of America Example • What did Bank of America do to the couple near Christmas?

• Just from checking out refinancing rates, appearance of risk rose • B of A admitted error but neglected to report this to credit agencies © 2016 John Wiley & Sons, Inc. 23 Property • Mass quantities of data are stored • Who owns the data?

• Who has rights to it?

• Who owns the images that are posted in cyberspace?

Photographer? Subject? Facebook?

• Proper ownership implies legal rights but duties too © 2016 John Wiley & Sons, Inc. 24 Accessibility • Access to systems and their data is paramount • Users must be able to access this data from any location (if legal and it can be properly secured) • Major issue – how to create and maintain access to information for society at large • This access needs to be limited to those who have a right to see and use it (to limit identity theft).

• Also, adequate security measures must be in place on their business partners’ end.

• Create a culture of responsibility • Post policies • Implement governance processes for information control • Avoid decoupling responsibility • i.e., make Managers responsible for their decisions that lead to privacy problems © 2016 John Wiley & Sons, Inc. 26 Green Computing • The digital economy uses 10% of the world’s energy • In 2007, the 5 largest search companies used 2.4 gigawatts.

• Hoover Dam only generates 2.0 • Since then it has reduced thanks to “green” efforts in data centers • Virtualization • Relocation for more natural cooling • e.g., Google in Finland © 2016 John Wiley & Sons, Inc. 27 Triple Bottom Line Impact • TBL (3BL) • People: Being socially responsible • Planet: Saving the environment • Profit: Saving money © 2016 John Wiley & Sons, Inc. 28 Summary • After you have listened to this lecture and read Chapter 13 of your text • Go to the Week 8 Discussion Board and answer the discussion prompt • It has been a pleasure working with each and every one of you.

• Best of luck!