A Case Of Shady Business Ethics Business Essay

Octopus credit cards limited is the operator of the Octopus rechargeable contactless smart credit card used in an electric payment system in Hong Kong. It is a wholly held subsidiary of Octopus Holdings Small. It was proven under the name of "Creative Superstar" by the major transportation companies in Hong Kong, Octopus Cards Limited is the operator of the Octopus System and the issuer of Octopus. The Octopus cards was created in 1997 with the purpose of providing a simple way to pay fares on general public carry in Hong Kong. Octopus then extended its reach into simple micropayments for acquisitions in shops and a straightforward way for cardholders to get access to buildings and schools and identify themselves. In January 2002, it was renamed Octopus Credit cards Limited from Creative Star. Prompted by the business enterprise enlargement of the Octopus card, Octopus Holdings Limited was formed in 2005 following a company restructure and Octopus Cards Limited became a wholly-owned subsidiary of the new company.

The system grips the average 11 million financial ventures each day. THE FEDERAL GOVERNMENT keeps a 20 % talk about of Octopus Holdings Pty. The majority shareholder is the central transit expert, the MTR, with a 57 per cent stake.

The issue and its origin

Octopus arrived to the spotlight in June, after having a public survey disclosed that more than 90 % of the respondents said they hadn't browse the personal information statements when they provided data to use for Octopus services. The study results were picked up by then Personal privacy Commissioner Roderick Woo, who launched a study. Woo has since been substituted by new Commissioner, Mr. Allan Chiang Yam-wang, who got office in August.

While still in office, Woo forced for greater protection of private data, urging the government to introduce strict laws for the technologically-infected metropolis. In Sept 2009 Woo suggested more than 50 amendments to the present privacy charge in a report known as the Personal Data Review.

Among the advice was a clause that could curb "irresponsible dissemination of leaked personal data. "

Post this, according to local press reviews, Octopus has been paid HK$44 million during the last four and a half years by six companies, including Cigna Worldwide Life Insurance, for data that was used for marketing.

Octopus chief executive Prudence Chan primarily refused that data have been sold but she has since backtracked in the face of fierce criticism from Hong Kong's level of privacy commissioner Roderick Woo, who acquired launched a study.

Later Chan accepted that the problem was not handled well. That what they said (previously) didn't fully reflect the truth, as well as for that they apologize to the Hong Kong open public. She said the company has suspended all such marketing partnerships in a bid to "regain public confidence. "

The Concerned Parties

The parties mixed up in controversey were

Octopus Cards Small, for disclosing the non-public data.

Privacy commissioner Roderick Woo, whose main concern was how u can lawfully deal with the safeguard of personal data.

The Six companies to that your information was disclosed to. This consists of Cigna Worldwide Insurance Hong Kong which participates in the Octopus Rewards program, with which customer information is distributed to offer special insurance plans.

And most of all the ignorant users of the credit cards whose privateness was breached.

The Ethical Issues Arrising FROM THE Controversy

One concentrate was whether people who provided their data were prepared about the use of the information when collecting their data. Around 10% of the Octopus credit cards in issuance have personal data mounted on them, permitting them to collect reward details, for case, and providing security if they are lost. In addition, personalized Octopus cards are used for gain access to control at some dominant office properties and apartment complexes.

Octopus said a few of its customer data, such as contact information, were sold to insurers, for example, who used the info to target policy sales. Normally, according to Octopus's CEO Chan, 1. 97 million cardholders experienced their data approved since 2006, and each cardholder was approached by immediate marketers on average 1. 7 times.

The charges for such privateness breach, presently, is an excellent of a few thousand HK us dollars, which is an insufficient deterrent for large multi-million businesses. On their behalf a few HK dollors is wirth when the income derived by retailing of such personal data is a lot more. The penalty presents a miniscule amount for a large multinational.

There has only been one case of monetary penalty due to personal privacy infringement. This indicates that little attention has been paid to sensitive data handling, due to the fact personal privacy breaches have been increasing in Hong Kong. The current regulations in Hong Kong fail to protect citizens and leave them exposed to information abuse.

Very poor managerial skills are shown in respect to business ethics and ethical behaviour as such because of the level of privacy infringement.

Actions Post The Controversy

The Octopus data drip has sparked public outrage over level of privacy laws and regulations in Hong Kong, with many voicing concern that their private information is being uncovered and there are few laws to protect them.

In Hong Kong, due to amount of customers' money that Octopus handles, the business is governed by the Hong Kong Monetary Authority, the city's banking regulator, as a deposit-taking institution.

The HKMA has asked Octopus to appoint an unbiased auditor to look at its methods and consider if the sharing of private information was lawful.

Roderick Woo recommended making such activities an offence "if a person obtains personal data without the consent of the data individual and discloses the non-public data so obtained for profits or malicious purposes. "

The majority shareholder of Octopus is MTR whose own bulk shareholder is the Hong Kong SAR Federal government. Octopus should be seen as a public corporation (not only since it is publicly outlined) and therefore, the SAR Federal government shouldn't, and cannot, get away from responsibility relating to guidance and monitoring of business ethics of the business.

Recent news explains to that the CEO has resigned amid powerful criticisms over her handling of data personal privacy issues at the business, which last week admitted to reselling personal data of nearly two million customers.

The Office of the Level of privacy Commissioner for Personal Data, Hong Kong, kept a public hearing on July 26 on the Cigna-Octopus concern.

The commissioner also offered summonses on the folks in charge of Octopus Holdings, Octopus Rewards, Cigna and Cards Cover Plan.

MTR Corp has apologized again for the level of privacy scandal regarding Octopus Cards.

MTRC chief executive Chow Chung-kong vowed the smart cards operator will never again sell any personal information.

The Results After

As CEO of the company and the person who might well initiate such offers, Chan should have had full understanding of the business enterprise. Through her general population denial when confronted by the multimedia and legislators who pressed serious concerns on behalf of the public, she has shown the ugliest area of corporate and business management, namely, a lack of honesty, insufficient business ethics, and insufficient interpersonal responsibility. Business teachers at local colleges teaching aspiring corporate executives must use her circumstance as an example of poor business ethics; and of what the local corporate community should avoid if Hong Kong is going to continue being a world city of business.

So far the general public is still skeptical about the 'fact' disclosed by Ms Chan. Questions stay as to whether the information so far disclosed is only the end of the iceberg regarding the misuse of clients' personal data for the company's revenue. Was the management of the business, including the table of directors, totally aware of the unethical characteristics of the practice or were they misled by the CEO and her personnel? The Privacy Commissioner is yet to survey on the occurrence, and probably even if the finding shows the company didn't violate the current privacy rules of Hong Kong, legislators should revise regulations to increase safety of the level of privacy of Hong Kong individuals. Legislators also should give penalties to deter purposeful violation of personal privacy by businesses and government organizations.

The Octopus controversy features an elevated sense of general population awareness for privacy privileges. While criticizing the carry out of Octopus for advertising cardholder data, a wider issue has been lifted as to whether the public's needs have absent beyond existing regulations.

More significantly, the company has a market monopoly over electronic digital money in Hong Kong. The system handles an average of 11 million financial ventures each day and impacts many areas of the daily life and work of Hong Kong residents and firms. It will not be left to the discretion of management, who might lack dedication to business ethics and admiration for legal regulations despite their high incomes and impressive educational skills. Octopus should be firmly supervised and watched like the best banks in Hong Kong. Given the present tendency of market and technology development, electronic money and the electronic payment system has a great possibility of exponential extension over the arriving years. The monopoly of Octopus will not be on a little scale nor will Octopus be one of the many ordinary deposit-taking organizations that are currently registered to be under the Hong Kong Monetary Expert. The government and the general public have to have limited control to avoid not merely the misuse of personal data of a huge number of local citizens but also the actual hazard that the management might create financial hazards to the company and the neighborhood community caused by its blind quest for maximized gains.

Following the disclosure of the info exchange between Cigna and Octopus for marketing purposes, the plank of Octopus Holdings Ltd. said on July 25 that on recommendation of its special committee on data level of privacy, the company and everything its subsidiaries will no longer take part in any future activities that require the provision of customer personal data to merchant lovers for marketing purposes.

The company added Octopus Rewards is positively working with Cigna and Credit card Security Plan Ltd. toward the first termination with their cooperation agreements, such as the provision of certain customers' personal data for marketing purposes. This move is aimed at alleviating customer and general public concerns on personal data handling.

There are various confidentiality requirements in Hong Kong for insurance providers and insurance intermediaries to see regarding client information, which covers insurers, insurance providers and insurance agents.

For insurance providers in Hong Kong, the Code on Conduct for Insurers provides that the assortment of personal data by insurers and everything personal data accumulated by an insurance company is at the mercy of the non-public Data Ordinance.

Insurers should ensure that their workers and insurance agents know about their obligations under the ordinance, which also requires insurance providers take all reasonable steps to get to ensure that insurance brokers keep client information private, based on the OCI.

For insurance agents, the Code of Practice for the Administration of Insurance Agencies provides that realtors treat all information supplied by a potential policyholder as confidential and comply at all times with the procedures of the Personal Data Ordinance when interacting with personal data provided by potential or current policyholders, noted the regulator.

Under Hong Kong insurance regulations, insurance agents are also required never to disclose any information attained from his customer except with the written consent of your client or in concerns related to the administration of the worried insurance deal.

These issues were highlighted and made known only following the occurrence of the function, which should not need been the situation.

Actions TO GET Taken

An occurrence as this makes us alert to the many issues experienced in an environment of competition and revenue run business. Because of this the following actions have to be taken up to avoid further breach of privateness.

Privacy regulations should be strengthened to compel companies to be more forthcoming and transparent on how and whom they disperse personal data.

This would go to the public's right to know. For example, all telemarketers should be required to disclose the source of the individuals personal data.

To place the users minds at ease, the best way frontward is to terminate all activities that involve the provision of customers' personal data to merchant lovers for marketing purposes.

The administration should completely review the rules. At the same time only reviewing is not beneficial. Actions should be studied to stop this event from occurring again.

The the government never to take summer break; begin working [to investigate] at the earliest opportunity.

Large companies change the methods of data collection, dialling for a more translucent process.

If there occurs a need to disclose private information to an authorized, the user should be duely educated of the same and the data gathered should be disclosed only after he offers his consent.

Local legislators alongside the privacy payment should find out the entire truth regarding the sale of the personal data of Octopus clients and whether there have been violations of existing level of privacy law.

The bulk owner of the business should also take action in good trust, apologizing to the general public by going back the 44 million dollars gains, either to the Octopus cards holders or even to local charity.


Privacy breach is appaling as it damage the self-assurance of the users. Regardless of how efficiently a system works privacy issues need to be handled with care. Slipping off the "trail" and being insensitive about privateness protection needs to be avoided. For this appropriate rules and follow ups need to be conducted by the federal government, the auditors and the business itself. The stated actions if acted after is a stepping stone towards containment of such malpractices undertaken by big companies. Therefore may help us users to truly have a reason to trust these businesses once more.

Also We Can Offer!

Other services that we offer

If you don’t see the necessary subject, paper type, or topic in our list of available services and examples, don’t worry! We have a number of other academic disciplines to suit the needs of anyone who visits this website looking for help.

How to ...

We made your life easier with putting together a big number of articles and guidelines on how to plan and write different types of assignments (Essay, Research Paper, Dissertation etc)