Comparative Ethical Analysis of Choicepoint and Sony Breaches
Introduction:
Ethics refers to what comes off as right or wrong to an individualâs conscience .The internet age has brought about new ethical issues, not only for an individual but for the society as well as it has eased anonymous manipulation and distribution of information, creating new and easier paths for committing crimes like piracy, identity theft, infringement of an individualâs privacy etc. In this paper we will be analyzing the Choice-point case and the âSony data breach âcase from an ethical point of view. (Laudon &Laudon, 2010, p.128)
Background:
The ChoicePoint Data breach:
On September 27 of 2004, ChoicePoint,a company that aggregates and stores personal information, suspected that some of its small business customers were involved in suspicious activities and informed the police. (Paine, Phillips, 2008)On February of 2005, ChoicePoint only notified those residents of California whose data had been leaked to the illegal customers, since a certain law in California requires it. A protest from the public, however, forced the company to notify the details of the breach to the other involved parties residing in the other states. The swindlers who scammed ChoicePoint had created over 50 accounts with previously stolen identities over the course of a year or even longer. (Pantesco, 2006)
Changes in business practices (Otto, Anton & Baumer, 2007):
ChoicePoint made numerous changes after the 2004-2005 data breach. The company closed the 50 fake accounts and made a policy to refuse any faxed business licenses in the future .The Company formed a new policy, that all nongovernmental organizations need to be re-credentialed in order to do business with it, and increased its procedures in verifying the identity of the company. More stringent and better business policies in ensuring the safety of their customerâs data, for e.g. partial masking of social security numbers were employed. The company continued its investigations of its databases for further indications of foul play and brought in outsiders to assess and rectify their practices.
The Sony Data Breach:
The Sony data breach was a result of an intrusion from an outsider party, causing an outage in the PlayStation Network and Qriocityâs services between 17th April 2011 and 19th April, 2011.A confirmation from Sony revealed that pieces of personal information had been stolen from each and every 77 million accounts. This breach resulted in Sony shutting off the PlayStation Network for 23 days. (Hirai, 2011)
Sony stated that the chairman of the company had submitted explanations wanted by United States House subcommittee regarding the attack and that they were taking some measures to prevent further breaches. When questioned about the delay in making the breach public,