Compliance and Ethics in Review: July 24, 2018

The Latest and Greatest Industry News

GDPR snafus, code of ethics updates, toxic corporate cultures, and more

Each week, Convercent will highlight some of the top stories and most newsworthy events in the ethics and compliance industry. The focus is global, but you might be surprised by how relevant these stories are, both across borders and businesses.

British Airways shows everyone how not to GDPR

There’s certainly room for confusion when trying to adhere to the EU’s General Data Protection Regulation (GDPR), but British Airways might need some extra clarification. Last week, the airline’s social media staff were, “caught unintentionally encouraging customers to post personal data (such as their address and passport number) into a public forum — by failing to make it clear they should only send the information via a DM (i.e. rather than post it publicly to Twitter, as some apparently did) — and here’s the anti-privacy cherry! — claiming it’s necessary for GDPR compliance!”

Clarification was issued hours later, but that’s not the end of British Airlines’ GDPR woes. Mustafa Al-Bassam, an information security PhD student (and the person who first flagged the social media debacle), also filed a data protection complaint against the company. Upon trying to check in for a flight, he realized that the check-in page was sharing his personal data with third parties for ad targeting purposes.  

ACM updates computing ethics code for first time in 26 years, here’s what’s new

After two years of work, the Association for Computing Machinery (ACM) has updated its Code of Ethics and Professional Conduct. Why is this such a big deal? Well, the last time the organization’s code was updated was in 1992, and technology has changed quite a bit since then.

The ACM Code of Ethics is “a collection of principles and guidelines designed to help computing professionals make ethically responsible decisions in professional practice. It translates broad ethical principles into concrete statements about professional conduct.”

If this news from the ACM has you thinking, “Hmm, maybe we need to update our code, too,” these resources will set you down the right path.

The Morning Risk Report: More Boards Getting Compliance Training

With the #MeToo movement as a catalyst, an increasing number of organizations are now requiring board members to receive compliance training. According to a survey of approximately 1,200 executives, 73% said they now provide their boards with general compliance training, up from 44% who said they did so last year, and 58% who said they did in 2016.

If these findings leave you feeling inspired to up the ante on your own compliance training program (both at the board and employee level), here are some resources to help.

Telia continues on the TV acquisition trail

Not too long ago, the Swedish-based telecom company Telia announced the acquisition of GET and TDC Norway for roughly €2.2 billion. Even more recently, the company has confirmed their acquisition of Bonnier Broadcasting.

The new business will be a separate entity within Telia, and here’s the best part — there’s already a “comprehensive ethics and compliance framework” in place. Mergers and acquisitions can be tricky, so it’s nice to see an emphasis on ethics from the beginning.

The Inside Story Of Papa John’s Toxic Culture

We’re all familiar with the unacceptable comments former Papa John’s CEO John Schnatter has recently made, but there’s more to the story. Forbes interviewed 37 current and former employees, including executives and board members. Per their accounts, Schnatter’s alleged behavior includes everything from spying on his workers to sexually inappropriate conduct. 

This article offers a fascinating look into a toxic culture that was perpetuated for far too long, though the saga is far from over. On Sunday, the company issued a press release detailing a limited duration stockholder rights plan. Through a set of financial maneuvers, the plan will prevent any shareholder, including Schnatter, from gaining a controlling interest in the company.

Concerned there might be a cultural issue within your organization? Luckily, there are several KPIs you can measure to assess potential problems.

July 2018 Corporate Law and Governance Update

This monthly roundup from the National Law Review includes information about corporate social responsibility (CSR) initiatives, enforcement of corporate codes of ethics, board committee structures, and much, much more.