CSR MEMO
Consumer Protection
You work for the Vice President of Marketing and Consumer Affairs at Genesee Retail Corporation (GRC), which generates its revenues from its large website that sells a variety of products, manages an online streaming service, and operates a national distribution network for delivering its goods. Hackers have attacked the company website- the core of the company's business- stealing personal and financial information from 20 million consumers. The company's security department just became aware of the breach during the evening and the VP has asked you to outline a strategy to respond to this crisis to be on her desk by 12 PM (May 07, 2016). GRC is a publicly traded company and its corporate code of conduct and ethical standards are outdated from back when it was a brick-and-mortar operation, lacking guidance about how to handle this breach. The source of the problem is a contractor that GRC hires for market research, as well as to sell protected customer data and analytics to third parties.
The memorandum should address the following issues:
1. What are the legal requirements and liabilities for GRC? How have other organizations addressed similar situations?
2. Who are the stakeholders?
3. What are the options and how might they impact the stakeholders? Using the ethical frameworks for business ethics, what is the best response to this issue? Please be specific into how ethical principles apply to this situation and how the recommendation is using an ethical principle or multiple principles to arrive at its conclusion.
4. What are the technological solutions or innovations that may mitigate damage and prevent further cyber security issues for the company going forward?