The Ethics of the Equifax Hacking Scandal
Finance as we know it would not exist without credit and credit-reporting companies. The big three credit bureaus, Experian, TransUnion and Equifax, are some of the largest data providers in the world. These credit bureaus collect massive quantities of data to tell companies whether billions of people around the world are worth lending money.
Simply put, if you are in pursuit of the American dream, complete with the car and home with a white picket fence, you are likely at the mercy of one of these three companies. You entrust your personal information to them in the hopes of achieving these major life milestones and you hope that they will take all the necessary measures to safeguard it.
On Sept. 7, Equifax let down up to 143 million Americans when they announced that they had suffered a major data breach. Realizing that this security mishap could have negative implications on their personal finances for years to come, consumers turned to Equifax for help and were let down yet again. The steps Equifax took following its announcement created the public perception that the company didn’t care about its customers.
As future public relations professionals, we conduct ourselves within the parameters of the PRSA Code of Ethics. It seems that Equifax could have benefited from its managers adhering to a similar code of ethics when dealing with this crisis. Here are a few ideas about how Equifax could have handled this breach within the context of the PRSA Code of Ethics.
Honesty.
“We adhere to the highest standards of accuracy and truth in advancing the interests of those we represent and in communicating with the public.”
As professional communicators, we should always aim to disseminate accurate information about our clients in a timely manner. We want our interactions with consumers to be concise, clear and effective.
In Equifax’s case, the company waited almost a month after being hacked to share pertinent information with their customers and investors. Its customers were denied the opportunity to try to protect their information until long after it would have been compromised.
In addition to Equifax’s unethical withholding of vital information, its communications efforts following the announcement were inadequate and sloppy.
The Equifax Twitter page sent consumers to the wrong website, leading them to enter their personal information on a page that wasn’t associated with the credit bureau. Within the organization, there have been allegations of insider trading, as several company executives sold their shares before disclosing the security breach to the public.
Many of Equifax’s actions have been dishonest, while it could have been open and honest with their consumers from the beginning. Equifax offered confusing misinformation when it could have been helpful to its vulnerable customers.
The company’s failure to be truthful and transparent has left its customers feeling violated and deceived.
Advocacy.
“We serve the public interest by acting as responsible advocates for those we represent. We provide a voice in the marketplace of ideas, facts, and viewpoints to aid informed public debate.”
As public relations practitioners, our job is to serve as an advocate for both our client and the public.
Unfortunately, Equifax’s actions seem to indicate that they were only out to serve their own interests. Equifax’s website provided consumers differing results on whether or not their information was safe, leaving many frustrated and confused. Many struggled to get Equifax representatives to answer their questions or respond to their concerns. When consumers initially consulted the Equifax website to freeze their credit reports, the company even charged them a fee.
The public should feel that a company is there to help them after a major crisis. Equifax just made their customers’ lives more stressful. Equifax could have reassured their customers and acted as their advocates but instead they took the opportunity to make another buck and left their customers in the dark.
In conclusion, Equifax neglected to act in an ethical fashion following its data breach and subsequently damaged the relationship with its customers. If the company had been honest and advocated for its customers, its communications efforts would have been more effective.
—
Taylor Evans is a senior public relations major and psychology minor at the University of South Carolina. She is a member of her school’s PRSSA chapter, and she currently serves as an integrated communications intern in U of SC’s Office of Communications and Public Affairs. To learn more about Taylor, connect with her on LinkedIn.
