P5 explain the legal and ethical issues in relation to the use of business information. In this essay I will be explaining the legal and ethical issues in relation to the use of business information at River Island What are legal issues? These are a matter requiring legal expertise. These are many items on legislation (law) to protect the use business information and if misused could lead to serious penalties. Data protection Act (1998) River Island and many businesses use information regarding people and their customers, this act protect information about their customers being misused and used to commit offence. The information that river island use must be: • • •
Obtained fairly and lawfully‐ this means that the company hasn’t broken the law, while getting the information. Used for the purpose of what you are doing‐ this means that if you as a sale assistant are asked to do something with this information you must do so. The information should not be kept for longer than necessary‐ this means that if a customer wants their details to be taken from the company or wants to remove their card number, River Island as a business MUST do that.
How River Island uses the data protection act: If any data is breached in the company, River Island will have to pay a substantial amount of money to get this information back, also if customers or many customers’ cards have been cloned and this person is committing fraud, River Island will again have to use a lot of money just to pay these customers back. Another example is if that an employee in the business has decided to pass on information to another business or another person in another company, you have breached the law and the business could get prosecuted for this. #
There is also the privacy act (1974) The Privacy Act of 1974, a United States federal law, establishes a Code of Fair Information Practice that governs the collection, maintenance, use, and dissemination of personally identifiable information about individuals that is maintained in systems of records by federal agencies. And there is the Human rights Act (1998) This is used in order to ensure that everyone has the freedom to believe in what they want to believe, the Government, police and local councils MUST treat everyone equally. Human rights act protects us with giving us the right to live, it stops inhuman treatment, it gives people of all races genders and sexuality freedom and liberty and it also gives people the freedom of thought and they can have whatever religion they would like and they can believe in what they want. There is also freedom of information Act (2000) this provides public access to information held by authorities, this is done in two ways: 1. Public authorities are obliged to publish certain information about their activities. 2. Members of the public are entitled to request information from public authorities Computer misuse Act (1990) This law works against certain activities using technology like hacking into people’s computers and looking at their account, misusing software or helping someone to gain access to protected files on somebody else’s computer. There are three sections to this law 1. Unauthorised access to computer material
2. Unauthorised access to computer systems with intent commit another offence 3. Unauthorised modification on computer material. If for example in River island an employee is helping another employee hack into the companies database to hack into the computer systems, both will be sent to prison this is because both people have decided to break the law with intent to commit an offence. Now I will be talking about the ethical issues What are ethical issues? An ethical issue brings systems of morality and principles into conflict. Unlike most conflicts that can be disputed with facts and objective truths, ethical issues are more subjective and open to opinions and interpretation. Ethics are business principles concerning acceptable and unacceptable behaviour by businesses I will be talking about the use of emails, internet, whistle blowing, organisational policies and information ownership. Use of email‐ businesses ‐like River Island need to ensure that they use the correct way to email their customers, they must make sure they use appropriate language and also you cannot put spam pages up otherwise the customer will end up unsubscribing and you have lost a customer also you will have to make sure you aren’t sending them illegal files to download that could harm their computers. Internet‐ River Island need to ensure that the internet is being used efficiently, this is because if for example an employee is using the internet to view something that is prohibited in the business for example using your working hours to go onto Facebook this will show that the employee doesn’t care about what they are doing. Whistle blowing ‐ Whistleblowing is when a worker reports suspected wrongdoing at work. Officially this is called 'making a disclosure in the public interest'. A worker can report things that aren't right, are illegal or if anyone at work is neglecting their duties, including: someone's health and safety is in danger. https://www.gov.uk/whistleblowing/overview If for example a worker at River Island is hacking onto the computers main systems to get information into the cards of customers and another worker in River Island sees that the person is committing an offence and doing wrong that person can go and tell authorities that this person has hacked the account
Organisational policies ‐ A set of policies are principles, rules, and guidelines formulated or adopted by an organization to reach its long‐term goals and typically published in a booklet or other form that is widely accessible. Read more: http://www.businessdictionary.com/definition/policies‐and‐ procedures.html#ixzz3Kw9elwVA River islands organisational policies are: ‐ Employment is freely chosen. ‐ Freedom of association and the right to collective bargaining are respected. ‐ Working conditions are safe and hygienic. ‐ Child labour shall not be used. ‐ Living wages are paid. ‐ Working hours are not excessive. ‐ No discrimination is practised. ‐ Regular employment is provided. ‐ No harsh or inhumane treatment is allowed. Information ownership ‐ The information owner is a key player in protecting sensitive data and systems. His or her role must be clearly defined in policies. P6 – Explain the operational issues in relation to the business information: Organisations like River Island always have to ensure that there are always ways to manage their countless pieces of information. For River Island to manage their information they will have to follow some procedures such as: • • • • • •
Security of information Backups Health and safety Organisational policies Business continuance plans Cost / increasing sophistication
Security of information:
Security of information is the practice of ensuring information is only read, heard, changed, broadcast and otherwise used by people who have the right to do so. If River Island do not use security of information well this can lead to many risks such as: 1. Human error: e.g. entering incorrect transactions; failing to spot and correct errors; processing the wrong information; accidentally deleting data. 2. Technical errors: e.g. hardware that fails or software that crashes during transaction processing 3. Accidents and disasters: e.g. floods, fire 4. Fraud ‐ deliberate attempts to corrupt or amend previously legitimate data and information 5. Malicious damage: where an employee or other person deliberately sets out to destroy or damage data and systems (e.g. hackers, creators of viruses) Back‐up copies: Back‐up copies is the process of backing up, refers to the copying and archiving of computer data so it may be used to restore the original after a data loss event. An example of having to use back‐up copies could be the 9/11 this is because on the 9th of September 2001 when it was the twin trade centres were bombed. This was used in order to, stop America from making trades but because they had back up they were able to restore. Another example is the iCloud on iPhones iCloud is a cloud storage and cloud computing service from Apple Inc. launched on October 12, 2011.The service provides its users with means to store data such as documents, photos, and music on remote servers for download to iOS, Macintosh or Windows devices, to share and send data to other users, and to manage their Apple devices if lost or stolen. Health and safety: In River Island health and safety regarding computers must be: • • • • • • • •
provide tilt able screens provide anti‐glare screen filters provide adjustable chairs provide foot supports make sure lighting is suitable make sure workstations are not cramped plan work at a computer so that there are frequent breaks appropriate eye and eyesight tests by an optician
This is because in River island workers must make sure that they are taking the correct precautions otherwise this can lead to irritating the eye and back problems. Organisational policies: The organisational policies of River Island is used to ensure that they can reach their long term goals which is to sell fashionable clothing at a reasonable price. Policies help make sure that staff have
guidance to help them comply with legislation (Data Protection Act for example). They should also help ensure that consistent decisions are made, which can be as important in internal communications as they are in handling customers. Business continuance plans: River Island has to ensure that they have a back‐up plan this is because river island need to make sure that they are capable of surviving a worst‐case scenario. e.g. regular backups of information. As a result of the plan, employees may need to change the way they work ‐ for example, storing information centrally rather than on their hard‐drive. Cost/ increasing sophistication River Island have to make sure that they are always Most businesses would like to implement the above policies but there are always costs involved. When deciding what policies to adopt and what measures to take, businesses need to consider the implementation and maintenance costs versus the benefits to the organisation. Some key considerations are: Additional resources needed ‐ would the business need to purchase new equipment or employ additional staff Increasing sophistication ‐ As there becomes a greater reliance on technology, and that technology becomes more and more advanced, there must be training for the employees on how to use it. If this is not done then the equipment or technology becomes less effective Mako Toure