Introduction
Vodafone is a mobile service provider. Cases have been reported of security breach within the company as leaks have been realized into people’s personal details accounts. The accounts which are supposed to be guarded under the company’s internal security systems are reported to be available over the internet where they are accessible to anyone subject to application of the company’s password.
There have been reports of leaked password to a number of people who are in a position to further expose the password to any person who can then use the password to access people’s accounts.
Reports of people checking on their spouses’ accounts have for example been reported. The company, however, claimed it would check on its control measures and admitted that the security breach was substantial (O’Brien, 2011, p. 1). This paper seeks to discuss ethical principals with respect the case study. The paper will look into a number of ethical principals that were breached by the Vodafone Company with respect to the breach.
Ethical Principals
Ethics is the concept of knowing the right and wrong things. It deals with making decisions on the right thing to do and taking full responsibility for actions. Every decision involves its side effects which can either be good or bad.
Principles of ethics are outlined statements or values that relates to the things that are acceptable and those that are not acceptable. Examples of ethical principals include values such as respect for “people’s privacy”, people taking responsibility over what they do, acting in the “best interest of others,” (Goree, 2007, p. 10) fairness among others.
Principles of respecting people’s privacy
As a move to uphold ethical principals, a person or an entity is for example expected to respect other people’s privacy. Respecting the privacy of a person or an entity involves refraining from getting into private information about these people or entities.
It also involves safeguarding information that an individual, whether a person or an entity has been entitled with. Information of a subject that has been revealed to another is for example retained as a secret by the latter party. Information that is provided to a corporate body by its customers is strictly expected to remain in safe custody of the institution unless otherwise allowed by the customer.
Such permission to reveal a customer’s private information by an institution is required to be in a written form. Institutions or individuals are only allowed to reveal such customers’ private information without customers’ consent on condition that such information is a threat to the customer or to other people (Weinstein, 2009, p. 1).
Anybody that is entrusted with such private information is further required to inform their customers of circumstances under which the customer’s right to privacy can be breached (Europsyche, 2002, p. 1). The ethical principal of respecting people’s privacy is also covered in the general principle of respecting people. It also covers the respect for a person’s rights in general that includes right to privacy and dignity (Campbell and Houngton, 2005, p. 280).
The Vodafone Company can for this particular case be seen to have violated the ethical principle of privacy. The company is supposed to, under this principle; take necessary measures to ensure that unless allowed by legal provisions, their customers’ accounts remain in safe custody of the company.
Allowing the secret codes into the company database to be revealed to people outside the company creates an ethical breach. Usage of the company’s breached information system by individuals to investigate on the behavior of people’s spouses or that of other people also have the potential of destroying people’s reputations thereby infringing the principle of privacy (O’Brien, 2011, p. 1).
Acting in the best interest of others
Ethics also require that an organization acts in the best interest of their customers or clients. This is called the concept of beneficence. Under this principle, an entity is expected to ensure that the best interest of its client is put first in the entity’s operations. An institution is therefore expected to fulfill its customers’ expectation in all aspects of utility. Measures such as continuous assessments are therefore supposed to be taken by any corporate entity to ensure that the customers’ interests are properly protected (Play, 2008, p. 1).
Acting in the best interest of others also involves exposing other people to what one expects others to expose him or her to. Management of a corporate body together with employees of the body should take measures to protect their customers in the exact manner in which they expect others to treat them if they were instead customers (Fallon and McConnell, 2007, p. 334).
The case study reveals a breach of this principle by the Vodacom Company. A person’s details such as residence are critical security information that should not be let to the general public access. There are chances of thieves or even gangs tracing a person to his or her home, a case that can at times cost lives or property or even both. Such breach of information is in the first place a security threat to these clients.
The company, by failing to provide a mechanism by which this information could be protected, compromised its duty to care for its customer’s interests. Allowing access to information that is for example used by people to investigate their spouses also has an impact of causing tensions or even separations in families. People who are forced into such situations by such leaks from the company would suffer from the company’s irresponsibility to care for its customer’s best interests (O’Brien, 2011, p. 1).
Principle of taking responsibility for actions
The principle of taking responsibility is rather a wide one. It seemingly covers other principles that require a level of commitment of an entity to its clients. An entity is supposed to be responsible for all undertakings that will ensure that the rights of their client taken care of. Issues such as “interruption of services, termination of services, and access to records, privacy and confidentiality” (Social, n.d., p. 1) among others are responsibilities of companies to control as regards its relation with its customers.
Vodafone therefore has the responsibility to ensure safety of its customers’ information and should have as well taken measures to ensure that no such leaks of password occurred. The company has also failed to initiate a serious action which could be carried out by an independent authority rather than the company. Resorting to internal systems to investigate it could have been a cover up (Social, n.d., p. 1).
Conclusion
Following the case study and the above discussed principles of ethics, Vodafone was in gross violation of ethics in its inefficiency into the information leak as well as its method of investigating the leak.
References
Campbell, T. & Houngton, K. (2005) Ethics and auditing. Australia: ANU E Press.
Europsyche. (2002) Statement of ethical principles. Web.
Fallon, L. & McConnell, C. (2007) Human resource management in health care: principles and practice. Sunbury, MA: Jones & Bartlett Learning.
Goree, K. (2007) Ethics in the work place. Sunbury, MA: Jones & Bartlett Learning.
O’Brien, N. (2011) Mobile security outrage: private details accessible on net. Web.
Play. (2008) Ethical framework principles. Web.
Social. (n.d.) NASW Code of ethics. Web.
Weinstein, B. (2009) The ethics of multitasking. Web.