Scribd Logo
Upload

Welcome to Scribd!

  • 3 views

    As3 BC

    Uploaded by

    Phương Ng

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    As3 BC

    Uploaded by

    Phương Ng
    3 views20 pages

    Original Title

    As3-BC

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pptx, pdf, or txt
    3 views20 pages

    As3 BC

    Uploaded by

    Phương Ng

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pptx, pdf, or txt
    of 20

    ASSIGNMENT 3

    LEGAL AND OPERATION


    ISSUES IN BUSINESS
    OPERATION What is the Whistleblowing?
    ISSUES

    WHISTLEBLOWING

    • Whistleblowing is central to a company’s


    system of checks and balances.

    • Whistleblowing shields companies from


    reputational and other risks. The ability to
    blow the whistle reflects shared
    responsibility and positive culture
    LEGAL ISSUES What is the GDPR?

    THE GDPR

    • The General Data Protection Regulation


    (GDPR) is the toughest privacy and security
    law in the world.
    • The purpose of GDPR protection is to help
    organizations in managing personal data
    more efficiently, reduce the risk of data
    breaches, and improve interactions with
    clients and consumers.
    LEGAL ISSUES What is the GDPR?

    THE GDPR
    • If you process data legally, you have to do so according to seven protection and
    accountability principles legal including:
    1. Lawfulness, fairness, and transparency
    2. Purpose limitation
    3. Data minimization
    4. Accuracy
    5. Storage limitation
    6. Integrity and confidentiality
    7. Accountability
    GOOGLE &
    THEIR
    PRIVACY
    What is the case about? When did it happen?

    • In March 2018, Google discovered a security


    vulnerability but they kept it a secret.

    • Until August 2018, the incident was exposed by the


    Wall Street Journal.

    • Up to 500,000 user accounts may be exposed to


    personal information
    INFRINGEMENT
    What was the infringement?

    • GDPR violations involved “failure to protect the personal data of


    more than 500,000 consumers”

    • GDPR’s principle of integrity & confidentiality was infringed.


    This means Google should have processed personal data “in a
    manner that ensures appropriate security of the personal data,
    including protection against unauthorized or unlawful
    processing…”
    • Google also didn’t notify users of
    problems with their personal information.

    • Therefore, Google didn’t comply with the


    GDPR on “The right to be informed”.
    CONSEQUENCE
    How did the organization respond?

    According to The Wall Street Journal,

    Because of fears that it would draw regulatory


    scrutiny and cause reputational damage,
    Google's top executives opted not to disclose
    the issue and said that the company found no
    evidence the user data had been improperly
    accessed or misused.
    How did the organization respond?

    “Whenever user data may


    have been affected, we go
    beyond our legal
    requirements and apply
    several criteria focused on our
    users in determining whether
    to provide notice,”
    - Ben Smith, Google’s vice
    president of engineering, said
    in a blog post revealing the
    bug.

    Ben Smith - Google’s vice president of Engineering


    What was the impact?

    The influence is not great

    • As part of its response to the incident, shares


    of Google parent fell more than 2%
    immediately after the report.
    • The stock was last seen roughly 1% down.
    What measures were done after?

    • The company immediately decided to


    permanently shut down all consumer
    functionality of Google+.
    • Users will be able to download and migrate
    their data to another service.
    • After the scandal for six months, Google
    officially closed the G+ platform.
    DRAW A
    LESSON
    Non-compliance with the right and the consequences of GDPR

    • Under the terms of GDPR, not only are organizations


    required to ensure that personal data is collected legally and
    under strict conditions, but all data collectors and managers
    are obligated to protect the data from abuse and exploitation,
    and respect the rights of data owners.
    Non-compliance with the right and the consequences of GDPR

    • Fines for violations of GDPR regulations are very high.


    There are two types of penalties:
    1. Up to 20 million euros
    2. 4% of global revenue (whichever is higher) plus data
    subjects have the right to claim damages.
    Personal lesson

    • Understanding and complying with international laws and regulations


    is critical to maintaining legal and ethical standards in the global
    business environment.

    • The lawful use of business


    information is a legal obligation
    and a strategic business
    practice.
    Personal lesson

    • By complying with legal


    requirements:
    1. Businesses protect
    themselves
    2. Build trust with stakeholders
    3. Establish a strong
    foundation for sustainable
    growth and success
    Thanks For Watching!

    You might also like