AU Communication Challenges Low Confidence in Solving Issue Memorandum

This journal entry should relate to the moral problem that you are addressing in your memo.  Think about the one or more solutions that you have formulated for addressing the one or more moral problems in your organization.  Answer the following questions:1.    What is the biggest personal challenge that lowers your confidence in being able to enact the solution to the moral problem?  You can name one of the challenges explained by Gentile (2011) or something else.2.    Script a counter-argument to the aforementioned challenge.3.    Which leaders in the organization are likely to mobilize political support behind the solution?4.    What resources (e.g., time, equipment, and money) are needed?5.    What about your organization might hinder success? Facebook
Date: October 25, 2022
To: Erin Egan, Chief Privacy Officer, Policy
Fr: Customer Service Representative, Data Breach Incident’s Press Release
Re: Facebook Data Breach
This memo recommends the Chief Privacy Officer (CPO) on how the company will
communicate the data breach incident to the media. These recommendations are based on the
best way to effectively communicate the issue without causing more mental problems.
The challenge
The main decision Facebook needs to make concerns the information it will release to
the public concerning the data breach. This will include the extent of the breach, the number
of people affected, and the kind of information accessed. The decision should also have the
kind of reassurance to give the affected stakeholders concerning the current measures to
protect their private information.
Communicating to the media about the data breach will bring to light the infringement
of the right to privacy that Facebook promises all its users, which is likely to cause
psychological damage such as stress, anxiety, and panic. According to Davis (2019), a data
breach will likely result in a loss of trust in an organization. The world has become a global
village, which means news of the data breach at Facebook will travel fast. Identity thieves
may still have to steal critical data if no measures are enacted immediately. How the
organization communicates with the media will be pivotal in managing mental health issues
amongst the stakeholders. In addition, if Facebook withholds relevant information about the
breach, it will amplify the mental problems when the hidden information gets uncovered.
Facebook users, advertisers, and employees will likely be the most affected. The
platform has billions of users from all over the world. Effective communication by Facebook
assures the users that there are necessary steps to identify the culprits and take legal action
against them. It also guarantees that more safeguards are in place to prevent a reoccurrence.
That way, the users will trust Facebook’s procedures to protect against further harm.
Advertisers are Facebook’s source of income (Kissinger, 2018). Therefore, the press release
informs them that Facebook is a safe platform to advertise their products. Such a claim is
likely to convince them to stay in the network. Lastly, the press release tells Facebook
employees that the organization is taking all the necessary steps to regain the trust of its
users. It will rebuild the employees’ commitment to organizational goals and team
performance.
The release will be to create awareness and reassure stakeholders. However, the
stakeholders affected by the press release can choose how they will be affected. Users may
migrate to other social media platforms where they feel their information might be safer.
Advertisers can also choose other social media platforms to advertise their products.
Similarly, employees can choose to stay with the organization through the rebuild or resign.
As stated earlier, a data breach damages the users’ right to privacy. Facebook privacy
principles say that users will have control of their privacy (Facebook, 2022). The regulations
also promise to help the users understand how their data is used. This means that Facebook
needs to communicate with its users concerning the data breach. The principles also state that
the organization will work hard to secure users’ information. Therefore, it will be essential to
prove the breach was unavoidable and that adequate measures have been put in place to keep
all information secure.
The approach
After critically investigating and identifying the moral problem present in Facebook’s
organization on how to effectively communicate the news about data bridge Facebook, there
was a need to develop a specialized team. Factors such as psychological stress to
stakeholders, trust, effective communication to ensure the arrest of the culprits, and
fulfillment of corporate moral responsibility presented a challenge in fulfilling the moral
obligation and needed a unique approach. Also, with such a big and complex organization
that relies on the success of its stakeholders to achieve its success, it was important to identify
and understand how both internal and external stakeholder groups were affected by the social
responsibility issues raised by the data breach.
A board meeting involving the CEO, board members, and department managers
formed the three most important persons to tackle the data breach news communication to
prevent stakeholder psychological stress. According to the stakeholder theory (Mohammed,
2022), identifying stakeholders is integral to preventing psychological stress. For this reason,
in an impromptu board meeting involving the IT CEO of Facebook, the board members, and
department managers were called to address how to identify the different stakeholders and
give them information without causing psychological stress. To prevent a communication
crisis, the meeting decided to communicate the information to primary stakeholders, the
Facebook users, and take a remedial and assurance approach. The restorative procedure
involved resetting Facebook’s servers to prevent multiple data breaches (Heaslip, 2022). The
assurance approach involved timing and clear identification of the data breach source with
proposed measures to avoid a future data breach. Additionally, the IT CEO was tasked to
explain how the data breach was unavoidable. The two approaches provided less toll on the
stakeholders’ psychological state associated with a data breach.
The second moral obligation from Facebook concerns the identification of the culprits
and a way to bring them to justice. The IT CEO was tasked with identifying the source of the
security threat. The process of determining the start of the data breach involved target
identification and exploiting computer vs. human errors to assess known vulnerabilities after
identifying the source and developing means to retaliate and infiltrate the attacker’s system to
recover breached data. To bring the culprits to justice, a group of FBI specialists and our team
of IT experts ensured the tracing and apprehension of the people behind the data breach
attack on Facebook. While communicating with the stakeholders, the details of the culprits
were shared to foster trust and reduce psychological stress.
To ensure trust for all our stakeholders, the approach taken to address the data breach
on Facebook involved the following steps. First is the provision of a sincere and honest
report, and although the data breach was not at companies’ fault, the company took full
responsibility. Second, the team provided a detailed report explaining the reasons behind the
data breach. Third, a special update package was delivered to all users to reset their Facebook
accounts while fully retaining their private information and data. The fourth step involved
educating secondary stakeholders within the Facebook community, especially the IT and
R&D departments, on preventing such attacks. Finally, the company invited open dialogues
from all Facebook users in a particular review section concerning the data breach.
To correct past mistakes and meet the legal requirements during the data breach, the
team headed by the CEO informed the public promptly as to the details of the data breach.
The team was fully aware of the non-existence of laws requiring companies to alert their
companies in case of any data breach cases (Riley, 2022). Facebook data breach team
approached the lack of laws as a strength for the company’s reputation by outlining a clear
communication plan to avoid legal backlash while ensuring trust from stakeholders.
The Causes
After examining Facebook’s challenge to address communication about a recent data
breach and the approach on how to do so, the team further finds it wise to investigate and
discuss some of the causes of Facebook’s data breach challenge. There are external and
internal causes of the data breach. External causes are without the company and originating
out of the company, while internal causes are within the company.
External causes
Users may use legitimate functions of Facebook to cause a Facebook data breach. The
recent data breach resulted from a function used by Facebook but canceled in 2018. The
function allowed Facebook users to use phone numbers to find friends and virtual friends
online. However, the feature was exploited to collect data and store the culprits in an online
database and released later (O’Sullivan, 2019). For example, malicious facebook owners use
such legitimate Facebook functions to cause a data breach.
Another external cause is hacking to access the personal information of Facebook’s users
in their accounts. Hackers use access tokens to log into their Facebook accounts. Access
tokens are temporary access keys given once a user logs into their account with their
credentials. These access keys allow the user access to the mainframe account and change
every time the user logs in (MSG Management Study Guide 2019). Hackers use these access
keys to bypass security requirements and siphon personal information from the mainframe
account.
To solve such external causes, Facebook should ensure vigorous scrutiny of different
applicability or any chance of malicious users exploiting their platforms. In case a problem is
found, affirmative measures should be implemented to ensure that every aspect of the
problem that may lead to a data breach is removed. To prevent hackers from exploiting
access tokens, Facebook’s firewall developers should consider granting access tokens unique
auto-generated passwords specific to the user’s account.
Internal causes
The lack of regular debugging of Facebook’s legitimate tools contributes to data
breaches. for example, the contact import feature is thought to have an error. The feature
allows Facebook users to import their contacts from their phones, tablets, or i-pads to their
Facebook account for safety (Facebook, 2022). However, the feature is reported to be
vulnerable to hacking during The import process creating access for hackers to gain access to
the user’s contacts leading to further data breaches.
Poor communication from Facebook’s panel attributes to the recent data breach.
According to sources such as the New York Times, most of the sources that Facebook is
accused of for data breaches had been reported earlier, but Facebook made no point in
communicating the issue. While this is seen as a strategic business move to alleviate the
psychological stress of stakeholders, as discussed earlier, not communicating promptly to its
users gives the hackers an added advantage. Uninformed users do not know how to protect
themselves; therefore, the hackers continue exploiting them and finding new ways to siphon
personal data from them/
Internal causes, such as vulnerable firewalls and lack of communication, can be solved
quickly. Weak firewalls can be solved by creating a structured firewall upgrade system with
outlined intervals provided by the company. The interval should never be missed under any
circumstance. Additionally, investing in new and encouraging developments of new firewall
features to guard the company’s data should be a priority for Facebook. On the other hand,
prompt and accurate communication should be captured as a section in the company’s
constitution. A clause that mandates the necessary individual or group of individuals to
communicate to all the users and the general public about a recent data breach or a system
update foster trust among all the stakeholders. Furthermore, open communication tells the
parties to think of exploiting the hack-proof system with the best firewalls.
References
Davis, M. (2019, July 25). 4 Damaging After-Effects of a Data Breach – Cybint. Cybint.
https://www.cybintsolutions.com/4-damaging-after-effects-of-a-data-breach/
Facebook. (2022). Facebook Privacy Basics. Facebook.
https://www.facebook.com/about/basics/privacy-principles
Facebook. (2022). Manage contact uploading with the Facebook app: Facebook helps
center. Manage contact uploading with the Facebook app | Facebook Help Center.
Retrieved October 23, 2022, from
https://web.facebook.com/help/355489824655936?_rdc=1&_rdr
Heaslip, E. (2022). How to Communicate a Data Breach to Customers.
https://www.uschamber.com/co. Retrieved October 17, 2022, from
https://www.uschamber.com/co/grow/customers/how-to-communicate-data-breach-tocustomers.
Kissinger, D. (2018, June 20). Facebook Inc. Corporate Social Responsibility & Stakeholder
Analysis. Panmore Institute. https://panmore.com/facebook-inc-stakeholderscorporate-socialresponsibilities#:~:text=Facebook%20Inc.%20has%20the%20following%20stakehold
er%20groups%20relevant
Mohammed, Z. (2022). “Data breach recovery areas: an exploration of organization’s recovery
strategies for surviving data breaches,” Organizational Cybersecurity Journal:
Practice, Process, and People, Vol. 2 No. 1, pp. 41–59. https://doi.org/10.1108/OCJ05-2021-0014
MSG Management Study Guide. The Facebook Data Breach. (2019). Retrieved October 23,
2022, from https://www.managementstudyguide.com/facebook-data-breach.htm.
O’Sullivan, D. (2019, September 5). Hundreds of millions of phone numbers once tied to
Facebook accounts posted online | CNN business. CNN. Retrieved October 23, 2022,
from https://edition.cnn.com/2019/09/04/tech/facebook-phone-numbers-exposed.
Riley, T. (2022). The Cybersecurity 202: A massive Facebook breach underscores limits to
current data breach notification laws. TheWashingtonPost. Retrieved October 17, 2022, from
https://www.washingtonpost.com/politics/2021/04/06/cybersecurity-202-massive-facebookbreach-underscores-limits-current-data-breach-notification-laws/.
.