Corporate Governance and Ethics
You and your colleague have recently been appointed as senior executives, whom report to the CFO, overseeing the company’s data storage and security operations of a privately-held multinational company that has been lauded for transforming and/or revolutionizing the transportation industry. The members of the board of directors along with the company’s key investors’ hope to position the company for a public offering in 2018.
Prior to your appointment, you were aware of the following information, all of which was publicly available information. For the past twelve months, the company has experienced increasing growth and a growing cash position, but has been subject to significant regulatory issues. The company has also faced multiple allegations of sexual harassment, theft of trade secret from at least one competitor, and fraud. In addition, the company faces criminal probes in the United States for bribery, software used to evade law enforcement as well as trade secret theft. In 2015 the company disclosed a data breach that impacted 50,000 US drivers; it later upped the number to 100,000. In early 2017, the company settled charges with the Federal Trade Commission over its deceptive privacy and data security claims.
Upon assuming your position, you assembled your new team and initiated an internal examination of systems. You expect to report the same to the Board of Directors at its forthcoming meeting in December. In the course of your examination of company systems and operations, you discovered information of a data breach: personal information of 50 million riders globally and 7 million drivers, including the license numbers of 600,000 US drivers. It appears U.S. Social Security numbers were not part of the data breach. You also discovered that the company entered into a confidential “settlement agreement” and paid the hackers $100,000 not to release the personal information or disclose that a breach occurred, and the CFO was aware of the payment.
You know, if the company were public, the CEO and CFO are required to issue a statement pursuant The Sarbanes-Oxley Act 0f 2002 certifying that: (i) the accompanying financial statements and disclosures fairly present, in all material respects, the operations and financial condition of the company; and (ii) the company has been operating in a socially responsible and ethical manner. And, each of these officers will need to rely on your assessment of the situation.
The fundamental question: Do you disclose the payment, the breach, and the CFO’s knowledge to the CEO and the Board of Directors? Explain in a concisely written manner your decision as well as such decisions relationship to Corporate Social Responsibility. Also, identify the following:
• Applicable Facts and Alternative Courses of Action
• Stakeholders and Stakeholder Perspectives
• The Ethical Dilemma and Evaluate Using an Ethical System from the textbook (David P. Baron Business and Its Environment).
The Ethics Systems are:
Utilitarianism
Rights and Justice
Behavioral Ethic