PrivacyBBA361

Business Ethics and Corporate Governance

PrivacyBBA361

Business Ethics and Corporate Governance

LectureLecture 4

Department of Business Administration

Chapter 6, “Ethics and the Conduct of Business”,John R. Boatright

Employee Privacy

Company collects employees information and data for hiring, placement, evaluation performance, and compensation purposes.

Basic personal data, i.e. race, sex, age and handicap status

Workplace monitoring: Computer record about number of phone calls,

duration, destination, keystrokes by a data processor to test duration of being away from the desk…..Employers claim to improve employees well-being, avoid employee theft, drugs…etc.

Psychological Testing Used to predict successful job performance and identify

potential dishonest and troublesome employees.

Consumer Privacy

The use of information gathered in the database marketing.

Record of consumers preference, direct mailing to them

One arguable consumer privacy issue is whether it is ethical to reveal information of customers to the direct marketer

Definitions of Privacy

1st Protect privacy of private life from unwanted publicity: “the right to be let alone—the most comprehensive of

rights and the right most valued by civilized men” 2nd Control over information about ourselves:

“Privacy is the claim of individuals…to determine for themselves when, how, and to what extent information about them is communicated to others.”

3rd Certain facts about a person are not known by others:“the condition of not having undocumented personal

knowledge about one possessed by others”

Few issues to be concerned

The kind of information to be collectedThe use to which the information is putThe persons in a company who have access to the informationThe disclosure of information to persons outside the companyThe means used to gain the informationThe steps taken to ensure the accuracy and completeness of the informationThe access that employees have to information about themselves

Justifying Purpose:

The first three issues can be justified by the PURPOSE of collecting the data.

E.g Maintaining medical records on employees for administer benefit plans, then:

1. medical information that is essential for this purpose can be collected

2. Only persons who are responsible for administering the benefit plan or monitoring employee health are justified to access to the information

3. These persons must use the information only for the intended purpose

Justifying Purpose: E.g Maintaining medical records on employees for E.g Maintaining medical records on employees for

administer benefit plans, then:administer benefit plans, then:1.medical information that is essential for this purpose can be

collected 2.Only persons who are responsible for administering the benefit

plan are justified to access to the information3.These persons must use the information only for the intended

purpose

Therefore: Privacy will be violated if: Personal information is gathered without a sufficient

justifying purpose Persons who are not in a position know the information Persons who are in such position use the information for

other purposes.

Disclosure to Outsiders

Disclosure of personal information to persons outside a company.

•E.G employer disclose content of personal files to landlords, lending agencies without consent of the employees involved.

•Sometimes even if it is for the legitimate purpose, employers may not have the right to provide employees information, because the employer is justified in collecting and using information for connecting employer-employee relationship, not for other purpose.

The Means used to Gather Information

•Use of some means may violate and employee’s right of privacy,

•such as polygraph testing since these means tend to collect more information than needed.

•Hidden cameras/ploygraph testing is intrusive because employees are deprived of chances to exercise control over how they appear to others, which is essential for being an autonomous individual.

The Means used to Gather Information

•Less intrusive means of gathering information are preferred

•e.g. seeking information about drug use by employees in the workplace are not justified by searching lockers and desks, hidden cameras in restroom, random drug tests, etc, when sufficient information can be gathered by closer observation of work performance, etc.

Accuracy, Completeness and Access

•The last two issues concerns with fairness matters.

•Employers maintain inaccurate or incomplete files and deny employees access to them are not invading privacy of employees but violate a right of fair treatment.

Not a possession of personal information matter by Not a possession of personal information matter by its use in ways which are unfair to employees.its use in ways which are unfair to employees.

•Polygraph machines are unreliable as only body responses but not mental experience being tested.

Information Collection

•Consumers may feel a lack of privacy when browsing Internet nowadays

•Some argue that there is no privacy in Internet, because it is a public arena and being online is like walking and talking in town square.

•Privacy is defined as control over personal information. Is information on Internet owned by us?

Protecting Privacy on Internet

Five principles on Internet privacy suggested by Federal Trade Commission:

1.1. Notice/Awareness:Notice/Awareness: Disclose the identity of the collecting party, means for collection, use of such information. Should be displayed and easily understood in homepage.

2.2. Choice/Consent:Choice/Consent: Provide a choice whether to allow information to be collected.

3.3. Access/Participation:Access/Participation: Allow consumers access to information collected and opportunity to contest the accuracy or completeness of the data.

Protecting Privacy on Internet

Five principles on Internet privacy suggested by Federal Trade Commission:

4.4. Integrity/Security:Integrity/Security: Inform users of the steps taken to protect against the alteration, misappropriation, or destruction of data and action that will be taken for a breach of security.

5.5. Enforcement/Redress:Enforcement/Redress: Assure consumers that the company follows responsible information practices and consequence for failing to do so.

Others: Inform employees whether cookies are used by some websites to track or modify their interaction with the website based on information sent by their internet browser to the server on which the website is located.

Is Email Private?

1. Email messages are accessible only with a password know to the users. Computer may belong to company but not the contents.

2. Employers may claim a right to monitor employees’ messages to ensure that system is not being misused.

3. Some privacy experts contend that employers have a right to read employees’ email if they announce the policy in advance, while others believe that reading Emails in company is always wrong, even if employees are put on notice.

Conclusion

Ethically Managing employees information:Ethically Managing employees information:

1. Specify the purpose of collection of data, how to collect and who will administer/access the personal data. These persons must use the information only for the intended purpose

2. Storage of information:

 (I) Employees personal data should be stored with high security. Such as only be accessed by authorized persons, and if it is stored in computer, personal information should be password-protected. Persons assigned to administer personal data need to strictly adhere to the regulation of relevant privacy protection.

Conclusion

Ethically Managing employees information:Ethically Managing employees information:

3. Give employees right to access their personal information:

 Employees should be given the right to access to and correct personal data at any time.

ConclusionEthically Managing employees information:Ethically Managing employees information:

4. Disclosure of information:

 (i)inform employees in advance about the disclosure and reason for using such personal data;

(ii) inform employees how their personal data be stored, how the company can review, change and delete the personal data collected/stored;

(iii) give employees option to choose whether to disclose their data

(iv)not disclose employee information to any third party, except to those company related parties; only for purposes stated when collecting personal data; and not to disclose the information to others without consent of employees.