Purpose: The purpose of this commentary is to reflect on the transformative changes organisations experience, in the form of increased use of emergent information and communication technologies (ICTs), as a significant factor in enabling the continuation of normal business practices during the COVID-19 pandemic, and subsequent key ethical considerations in the use of new technology by organisations . Design/methodology/approach: This commentary adopts a reflective approach and is based on a review of theories on diffusion of innovation, dynamic capabilities and data ethics and governance, as well as up-to-date business reports to reflect on the ethical implications of new technologies for organisations . Findings: Organisations from different industries and sectors around the world have experienced major disruptive changes because of the COVID-19 pandemic . Adoption and integration of new ICTs occurred at an accelerated pace in a collective effort to maintain “ business as usual ” . The use of emergent technologies is not without risks . The commentary argues that, in times of crisis, it is vital that organisations address the growing concerns around privacy and security of personal data by designing effective data governance frameworks that go beyond a mere compliance with existing policies and prevailing data privacy and protection laws to ensure data security and protection for all stakeholders . Originality/value: This commentary is making the case for more considered approaches to data governance and data ethics in business following the unprecedented challenges posed by the recent COVID-19 pandemic and suggests possible ways of moving forward from an ethical perspective.