What are the ethical issues surrounding the breach? Support your answer with course materials

Below is the initial question that the following two responses are answering.

Instructions:

Instructions for Classmate ResponsesRespond specifically to your classmate’s answer of Question 2. Refute your classmate’s answer by providing support from another course material source other than the one your classmate used. Example: your classmate used the eBook to support the opinion that Marriott is complicit. You argue that Marriott is not complicit, using another source from course content (other than the eBook) to argue your case.

All citations of course materials in this course should include a page or paragraph number (except videos and podcasts). (i.e. – (Brown, 2016, p. 160) or (Brown, 2016, para 7))

Response 1:

  1. What are the ethical issues surrounding the breach? Support your answer with course materials.

The ethical issues surrounding the breach at the Starwood properties was the violation of customers’ privacy and compromising their personal information. Some examples that define personal information is bibliographic and financial information (Britz, n.d.). Not only were customers’ personal information compromised, they were not aware their information was being breached since 2014.

  • In ethical terms, what is at the root of this issue for Marriott and the Starwood acquisition? Even though the breach happened in 2014, how is Marriott now complicit? Or is Marriott not at fault at all? Support your answer with course materials.

The root of the issue for Marriott and the Starwood acquisition is that the organization did not protect its customers’ data. The organization is going to suffer reputational losses, and data breaches last a long time (Cloudmask, n.d., p. 5). Marriott is now responsible, although the breach happened in 2014, they did not replace the IT system, only replacing the employees. Since Marriott acquired Starwood, they also acquired their customers and should have ensured customers’ data was protected. Just like any organization that has confidential data, organizations must ensure they have cybersecurity solutions in place to prevent breaches. 

REFERENCES

Britz, J. (n.d.).  Technology as a threat to privacy: Ethical challenges to the information professionhttp://web.simmons.edu/~chen/nit/NIT%2796/96-025-Britz.html

Cloudmask(n.d.). http://The Business Ethics Workshop. (2012). Saylor Academy. https://saylordotorg.github.io/text_the-business-ethics-workshop/index.html

Response 2:

  • What are the ethical issues surrounding the breach?

One of the main ethical issues involved in this case is focused on privacy rights for customers and a company’s duty to protect privacy and personal information.  Privacy rights are protected by law and linked to ethical responsibility of companies to maintain confidentiality of personal information, including financial information.  (Britz) Starwood hotels had an ethical responsibility to protect the confidentiality of financial information of their clients. What makes this case worse is the fact that Marriott was aware of the problems that caused the initial breach and they continued to use the same system without taking steps to address the problems that caused the first breach.

  • In ethical terms, what is at the root of this issue for Marriott and the Starwood acquisition? Even though the breach happened in 2014, how is Marriott now complicit? Or is Marriott not at fault at all?

The root issue for Marriott’s acquisition of Starwood is that once they acquire Starwood, they become responsible for protecting the privacy of Starwood clients and maintaining confidentiality of their financial information.  When they made this acquisition, they should have been aware of the vulnerabilities that led to the initial breach of customer data, so they should have taken steps to address these vulnerabilities.  Marriott may not be responsible for the initial breach that happened before they acquired Starwood, but they are responsible for everything that happened to Starwood after they acquired this company, including their efforts to address the problems caused by the data breach.  Investing in better data security would be the right thing to do ethically and it would probably also be a good investment since companies typically spend more on responding to data breaches than preventing them. (Cloudmask)

References:

Britz, J.J., Technology as a Threat to Privacy: Ethical Challenges to the Information Profession, Retrieved from: http://web.simmons.edu/~chen/nit/NIT%2796/96-025-Britz.html

Cloudmask, The cost of data security: Are cybersecurity investments worth it?  Retrieved from: https://www.cloudmask.com/blog/the-cost-of-data-security-are-cybersecurity-investments-worth-it

Initial Question

Discussion #6 Question

Marriott International

Marriott International, an American hospitality company founded in 1927, is the largest hotel chain in the world, with 30 different brands in 131 countries. It has been on the Fortune 500 list of 21 years, and prior to the COVID pandemic, was ranked 151 on this list.

Marriott acquired the Starwood Hotels chain in 2016. Starwood Hotels had run upon some difficult times in the previous couple of years. In 2014, Chinese State Sponsored Attackers were able to install malware to steal debit and credit card data at some of the Starwood Hotels. When discovered in 2015, Starwood Hotels reported this breach of customer information, with a total of over 50 of their hotels and their guests impacted.

However, in 2016 when Marriott bought Starwood Hotels for $13 billion, they decided to maintain the same IT system within the Starwood properties. Only the Starwood IT staff were replaced.

In 2018, after using the original Starwood IT system for two years, a security tool inside Marriott picked up on a “suspicious event” within the guest reservation system. After further research, Marriott determined that the Starwood reservation system had been accessed. An internal investigation determined that the hack resulted in the data of 500 million customers being stolen. Worse, it was found that this breach had been going on since 2014.

Click this link to read the Official Statement made by Marriott in 2018:

Marriott Official Statement Nov 30 2018

QUESTIONS:

  1. What are the ethical issues surrounding the breach? Support your answer with course materials.
  2. In ethical terms, what is at the root of this issue for Marriott and the Starwood acquisition? Even though the breach happened in 2014, how is Marriott now complicit? Or is Marriott not at fault at all? Support your answer with course materials.

My submitted response to Question 2

The information exposed in a data breach can vary and the data can be lost due to everything from insider threats to hacking to employee negligence, all data breaches contain personal identifying information in a format that can be read easily by thieves (Novinson, 2018, p. 1). Marriot management assumption on the safety of the Hotels, was ethically a mistake – considering that they had history of the Hotel’s Impacts. This alone makes Marriot complicit to the breach. In ethical terms, the management of Marriott should have considered every aspect of Starwood before making their call of purchase. The authorities should determine every fault and rectify it to ensure a safe accommodation facility for the customer base. However, Marriott did not consider the safety of the people, making them complicit for a data breach that started in 2014.

Reference:

Novinson, M. (2018, July 31). The 10 Largest Data Security Breaches Of 2018 (So Far). Retrieved from https://www.crn.com/slide-shows/security/300107291/the-10-largest-data-security-breaches-of-2018-so-far.htm/1 

Course Material

Theme 1:  Emerging Technology

https://www.youtube.com/watch?v=pQ1VaCeRoyA
https://www.technologyreview.com/s/610275/meet-the-woman-who-searches-out-search-engines-bias-against-women-and-minorities/
https://qz.com/1260121/facebook-is-making-public-the-rules-it-uses-to-police-content/
https://www.cnbc.com/2017/12/13/net-neutrality-rules-look-doomed–will-consumers-pay.html
https://www.washingtonpost.com/technology/2018/06/27/california-is-verge-passing-sweeping-new-online-privacy-law-targeting-facebook-google-other-tech-giants/?utm_term=.ca9bf525d9d3

Theme 2:  Data Protection

https://www.insurancejournal.com/news/national/2018/02/13/480357.htm
https://www.cloudmask.com/blog/the-cost-of-data-security-are-cybersecurity-investments-worth-it
https://www.washingtonpost.com/postlive/the-ethics-of-hacking-101/2014/10/07/39529518-4014-11e4-b0ea-8141703bbf6f_story.html?utm_term=.e9c36c86d53a
https://www.bbc.com/news/technology-27421969
https://www.youtube.com/watch?v=f_f5wNw-2c0
https://www.moneywise.co.uk/work-family/family-life/what-happens-to-your-digital-assets-when-you-die

Theme 3:  Privacy

http://web.simmons.edu/~chen/nit/NIT%2796/96-025-Britz.html
https://www.healthcareitnews.com/news/fda-medical-device-plan-zeros-cybersecurity-public-private-partnership
http://healthvoices.org.au/issues/november-2017/ethics-advanced-medical-devices-need-new-approach/

Consumer Privacy Bill of Rights—not the law

https://www.nbcnews.com/news/world/european-union-hits-google-record-5-billion-fine-android-antitrust-n892326
https://www.crn.com/slide-shows/security/300107291/the-10-largest-data-security-breaches-of-2018-so-far.htm/1
find the cost of your paper

Essay about the book “Their Eyes were watching god”

In Chapter 10 we meet Tea Cake Woods, the third man who is a major influence in Janie’s story. We discussed this character and the development of their relationship a….

Case Study Assignment: Assessing Neurological Symptoms

Imagine not being able to form new memories. This is the reality of patients with anterograde amnesia face. Although this form of amnesia is rare, it can result from severe….

Case Study Assignment: Assessing Neurological Symptoms

Imagine not being able to form new memories. This is the reality of patients with anterograde amnesia face. Although this form of amnesia is rare, it can result from severe….