Equifax had a data breach in 2017 that had at least 2000 people’s information stolen and sold for a profit. Supposedly the company would give random credit scores and it would either give you good or bad luck depending on it. The scores would have to go through the Consumer Financial Protection Bureau if it were wrong and there was bad luck with them and the mistaken scores. The company would have no recollection of any databases with the information or they would claim they have no internet access. Equifax never informed anyone of the status of their data and left people confused and scared. People claim Equifax is unethical because they have a severe lack of credibility and are leaving people with stolen accounts and social security numbers. The company would charge money for days at a time so that someone could freeze their account, pressuring the person to spend more money. They also would immediately ask for an SSN to check for any compromises. In this Case Analysis I will argue that deontology shows us that the Equifax breach harmed their customers by selling their information and this was morally bad.
In Friedman’s text, there’s a concept called “the social responsibilities of business.” It’s known for a lack of rigor and looseness that works analytically. It claims a corporation to be an artificial person and says that it would have responsibilities and that a business can’t have responsibilities. It first needs clarity through examining the doctrine for social responsibility to find out what relates to who. Social responsibility is usually for corporations and businessmen that are responsible. This claims that the people who are responsible are businessmen, such as individual proprietors or corporate executives. Within a free enterprise, the corporate executive is the employee to the owners of the business and has direct responsibility to his employers. They’re to conduct business in accordance with the desires of their employers, such as making as much money as possible while conforming to basis societal rules, both law and ethical customs. There may also be other customs or services that his employers may be working towards such as schooling or medical. In this case, the corporation is a bank, so their motive is to protect the money of their customers and make sure they have a sufficient amount when someone needs to take out some for their personal reasoning, thus making their objective to not have money for profit but for providing people a service for their own lives. The corporate executive is the agent of the people the executive works for and his primary responsibility is to them. A hierarchy is formed within a free-enterprise system, a corporate executive is underneath the owners and above the employees, giving him the responsibility of their employees by making as much money as one can while still following societal rules, in law and ethicality. Managers are given a different role below corporate executives, having to pertain different services in the company. Social responsibilities refer to the individuals and not the business, meaning that they have to act in a way that is indifferent to the employees. An example would be that they can’t hire someone who has no experience in work for corporate profit over workers with experience to reduce poverty and contribute to the social objective. The social responsibility doctrine is used for wage justification and forces people to be responsible for their actions and doesn’t allow for exploitation. They can do things that are on the good side of the possibilities, but only on their own accord.
When it comes to this concept and the case, it would be better for Equifax to have this kind of concept within their walls. It causes the employers and higher-ups to think about their actions before performing them, and the data breach would’ve not been as bad as it was if there was more common sense inside of the walls of the company. Going through this kind of situation with responsibility would’ve probably even prevented this situation from occurring, let alone allowed it to be settled humanely compared to how it was settled. Their actions could have been looked upon by someone higher within the working hierarchy and the whole thing could’ve been avoided if handled correctly. Since it was performed this way, they most likely lost a good majority of their customers.
When deontology is brought into this kind of situation, it would’ve been handled much better than it was. If the higher-ups were to think about the situation in hand, they’d be performing better to help their customers find out if they had their data breached. Instead of asking for an SSN right away and demanding payments for account freezing, they should have done the right thing by asking for legitimate reasoning for freezing and allowing the accounts to be frozen without unnecessary payments and asked for a form of identification that didn’t include giving away a very important piece of information. When it comes to deontology, things are performed based on the best reasoning for performing. If there was a specific reasoning to have caused these kinds of actions, I don’t think the reasoning was the right kinds for what was performed. If you use the categorical imperative though, the way that the company is treating their customers is only going to backfire on them. They’re only using their customers for economic purposes from what I read. Selling their customers data will only make people stop using their services and cause the company to go under, thus making it claim bankruptcy and close down for good. The actions should have been different and the company most likely had bad reasons for performing this kind of behavior. If they had thought about this kind of ideology, they would’ve thought more about the people rather than themselves. Putting thought into the people makes it easier for everyone and if done like this, it just causes a bad reputation for your business and makes you lose credibility. Their harm was morally bad because it left people in shock and confusion. People were left unable to do anything because they were afraid of either losing money or losing their identity. Having only put thought into themselves as a corporation greatly showed they didn’t care about their customers and that they only cared about wealth.
In Anshen’s text, there’s a concept called “the social contract.” It began from a Greek philosopher named Epictetus and went along with Thomas Hobbes’ intellectual system in the 17th century. Hobbes used his intellectual system for obedience in terms of the social contract and John Locke converted it to the consent of the citizens a few decades later. Jean Jacques Rousseau added onto the idea that everyone entered an implicit contract with other people, defining human behavior, a century later. Upon Rousseau’s words, he stated that the minority would accept the majority’s decisions, express their resistance, and would wait before rebellion. To Rousseau, the rebellion would be a rejection of the contract rather than a rebellion against the majority. John Kenneth Galbraith’s book The New Industrial State had challenged the contract and defines the private enterprise in society today, the popular view of their responsibilities and performance, and the relationships among corporations, governments, and citizens. The contract specifies that businesses can operate how they like within the rules of conduct constraints. If performed for competition, it benefits for society with products and services for society as products and services earned for supplying their wants by working for businesses. For a long time, it was believed that private firms didn’t need to carry shares of the costs of environmental contamination. If there was any sort of growth within a business, the only costs that were carried along were for obtaining resources on the market and using them for producing and selling goods and services. It also stated that private businesses had no responsibility when it comes to local communities and their life. The contract’s terms were defined by the norms of acceptable business behavior and were rarely questioned by managers who were responsible. Managers today understand the importance of adapting to the economic and technological changes while most managers don’t have the best perception of the power of social change for traditional goals, strategies, and business organization values.
When it comes to this concept and the case, the company had thought of these kinds of ideas as societal norms and figured it was okay to perform them. If there was any sort of growth within the company, they could do whatever they wanted if they were using their services for financial growth. They believed that the minority would accept their decisions because they were the majority, yet people weren’t happy about it, and it left people scared and untrustworthy of the company. The company felt that they could get away with it as long as it was deemed a norm, but it went in a way that completely backfired because of their constant money asking. The breach caused the company to act in a way that left them with a bad reputation. It follows the concepts of Ashen by proving that Equifax only cared about the money. They had done whatever they wanted within what they felt was the law and extorted money from all of their customers. They felt their actions would benefit the company and performed them to the point where nobody wanted to be part of the company anymore. The company felt their behavior was normal, especially from the managers who made sure things were in check and kept doing what they were doing. The company most likely felt they would be able to beat other banks in a competition of wealth and felt they could do as they pleased, thus causing a huge downfall for them.
With this concept and deontology, the case was definitely performed through social norms and bad reasoning. Equifax felt that they were still in the right to ask for money just for checking breaches, and deontology counts that as a bad reason to be considered in the right. Deontology counts that as doing things wrongly even though they think it’s for the better. They should have thought of better norms regarding freezing and asking about breaches. Allowing checks for breaches should be a thing to do without having to provide your SSN because that just feels like you’re throwing your identification out the window. It could even be directly related to the breach, and you lose your identity right then and there. Societal norms were completely scrapped when Equifax thought of what to do, completely staining their morals with bad intentions. The harm left the minority under such pain and fear that nobody could figure out why Equifax did what they did. When you use the categorial imperative to go about this case, they definitely didn’t treat their customers with respect and treated them like dirt, making them unhappy and scared for their lives. Them selling the data and making the customers freeze their accounts to spend more money for the bank was entirely unethical and their response had completely thrown everything under the water.
Although they felt they were in the right, they were definitely in the wrong with this situation. They wouldn’t have gotten the kind of confusion and backlash that they got if they had thought of a different and more reasonable way to approach the situation, allowing for easier access and better responses to the sequence of events. If they had thought about the people and came up with better solutions and reasoning, this entire situation probably wouldn’t have been as big as it was. It may have been just a normal headline, yet it became the way it was due to how they responded to the breach. They could’ve probably saved their reputation if they had thought of a way to reassure their actions and regain the trust of their customers, though it was probably too late as they started demanding payments time after time and requesting social security. Their reputation probably also went downhill because of this reaction to the breach, and it hurt them dearly for it.