Legal Memoradumfinal

TO: John and Ann Applewood FROM: Sacha Wilson DATE: February 7, 2023 RE: Mountain Top View Inc. Case Considering the legal issues Mountain Top View Inc. will potentially be facing, I would like to take this time to review and share my findings to help educate you and set the path that is forthcoming. First let me explain to you the two types of law we are looking at in simple terms. Regarding the data breach and the injured customer, these are related to tort law. A tort is "something that occurs when one person's negligence directly causes property or personal damage to another individual" (DeBoff, 2019). There are three main categories of torts which are intentional, negligent, and liability. The data breach would be considered negligent because customer information was not well protected and thus stolen by another party. You maintained customer personal data within a database that you owned and therefore it is the company's responsibility to ensure this data is protected at all times from anyone who may try to get a hold of it for malicious reasons. In your case, many customers' names, addresses and phone numbers were stolen which will cause much alarm to those impacted - understandably. In court, the facts about how the business protects sensitive data and what safeguards, if any, are in place will be reviewed and a determination will be made as to weather or not Mountain Top View Inc. has sufficient safeguards in place. There are some things you may want to consider before your case ever goes to court. To show that you sincerely care about sensitive data and to make it fully apparent that you accept responsibility for the accident and want to make it right for all those involved, you could consider offering to pay for a credit monitoring service for everyone who data was compromised. This will show that you're acknowledging that it offered and that you want to do all that you can to ensure that no one encounters further damage due to the data breach. While
this is not legally required of you, it would be the ethically thing to do to make this right for your customers. The injured customer would fall into (product) liability since the harm was not intentional, but it is accused that it is due to poor product sold by your company. Tort laws are civil matters and are not criminal. The facts around the accident, weather the product was used correctly and was not damaged from a prior use, as well as weather or not the customer did anything to cause the product to fail will be reviewed in civil court. Once all the facts are laid out, a decision will be made as to weather or not your company provided a faulty product. We will do everything we can to ensure the product was not faulty, including testing similar products, researching if this has happened to others, and the full history of such incidents (or lack thereof) with your company. However, pertaining to the accusation of insider trading, this is related to criminal law which is "legally defined as any ubiquitous wrongdoing against society" (DeBoff, 2019). This case will be held in a criminal court and could result in criminal charges against the parties involved and found guilty of a crime. This includes you as the owners if it is determined that the owners did not do their due diligence when the incident was first reported. It would be best if the owners made a decision as to how they will handle the employees until the criminal case is determined in court. If the company doesn't already have policies in place for corrective action in these instances, it is vital that you put some in place immediately. It is in a company's best interest to come up with "corporate social responsibility" which is a " business initiative designed to meet specific goals related to ethics, sustainability and social impact." (Benevity, n.d.) In your case, you didn't have this in place when your company encountered a data breach, thus you were not sure what to do. While your intentions are good and you're looking out for your customers
and your business and employees, you're not being transparent with your customers, and it could appear to them that you are hiding something. Putting corporate social responsibility guidelines in place would guide you through what steps need to be taken immediately and how you can share the news with your customers and ensure that you will remedy the situation. Insider trading has historically dissolved businesses due to all the financial wreckage an accusation like this can cause. I would also suggest that a statement be given to all stake holders to explain the situation at hand and the steps that are being taken until the criminal case is resolved. It's important to ensure that the stakeholders feel confident in your actions and that this will not break the company apart. What is corporate social responsibility? "Corporate social responsibility is the one focused on here. It is a specific conception of the responsibility to profit while playing a role in broader ethical questions about community welfare." (Brusseau, n.d.) It can be broken down into 4 parts: 1. The economic responsibility to make money. 2. The legal responsibility to adhere to rules and regulations. 3. The ethical responsibility to do what's right even when not required by the letter or spirit of the law. 4. The philanthropic responsibility to contribute to society's projects even when they're independent of the business. Using these as a guide when determining new projects or initiatives for the business will ensure that the company is considering more than just the economic impact. Weather it has to do with customer sensitive information, environmental impacts, employee engagement, and community involvement. Using the triple bottom line theory to measure metrics and
Uploaded by ChancellorFreedomWren34 on