Slashdot Mirror
Ethics In IT
chiefloko writes "I am presently taking a Business Ethics class while earning my MBA. For my final paper topic I have chosen 'Ethics within the Information Technology realm.' Over the past 13 years I have worked for three corporations and have seen everything from the typical BOFH to ungodly pirated software use. I also bore witness to a remote user logging in to a poorly administrated Sun station, finding out s/he was root, and then reading co-workers' emails. I am interested in what the norm is for ethics in the IT world and some of the stories and outcomes."
Ethics on an MBA - do the marks from this module get subtracted from your overall score?
At the bottom of the
While it's not strictly related to IT, I can spend a whole week doing any number of things that are really useful in the long-term to the business from an IT perspective. Or I can do something that will make the boss happy. Like a flashy widget on the intranet or a set of graphs that prove nothing. One gets me a better bonus and the favour of all those above me. One makes me a good tech. What's the norm here? Balance I guess, depends on the job. This year I'm going to spend a lot more time on the latter. Hopefully get the bonus and pay off the mortgage - most people trade ethics for a mortgage eventually.
But here's a problem: Technology is purpose-blind. It doesn't know for what purpose you're trying to do a particular thing -- only whether you've got access to do it. However, in the real world, we frequently want to trust someone with a particular resource, but only for certain purposes.
You're allowed to drive Daddy's T-bird to the library, but not to the hamburger stand. But the ignition system doesn't know that; it just knows you put the right key in. Your sysadmin is allowed to read your email files if she thinks something's wrong with the mail server, but not just because she thinks you're cute and wants to stalk you. But the permissions bits don't know that.
You're allowed to access Scientology's Web page to read it, but not to repeatedly reload it just to put load on their server and run up their bandwidth bill. But neither your browser (or wget) nor their server necessarily understand that.
So there's an ethical problem: you frequently have access to things for only certain purposes. How are those purposes defined and agreed on? Is it possible to make authorization systems more purpose-aware? Would that even be desirable, or would it just cause problems with unexpected situations?
Suppose Daddy's T-bird only allows you to drive to the library, by shutting off the engine if you try to go somewhere else ... and Daddy has a heart attack and you need to get him to the hospital. Down that road lie DRM and other systems that decrease the value of technology by getting in the way of legitimate uses.
One of the key difference between IT-related ethics and other fields like medicine or law is that there is no official body emitting guidelines and no rights and duties recognized by the law.
When a doctor is asked by an employer to give him medical informations about his employees, he can point out that this would be illegal.
When a sysadmin is asked by his company to monitor users' web access, there are a lot of privacy issues that are raised but never addressed in the law. I mean, it can be part of the sysadmin job to prevent company computers from accessing porn sites but knowing which users access gay websites and which are ordering viagra online is something that should never be forwarded to upper management. He cannont prevent knowing this, but there should be something akin to medical secret regarding these data.
The Wise adapts himself to the world. The Fool adapts the world to himself. Therefore, all progress depends on the Fool.
The Association for Computer Machinery (ACM) has a Code of Ethics. Have a look at it. It gives quite a lot of guidance converning professional conduct in IT.
from the to-stupid-for-words dept.
You also have to add in the ethics of other departments within a company. I've found often to my surprise, the ethics of sales people & marketing people are at times very different from that of programmers and other workers in a company.
... call it what you will, but to a sales person, its also part of the game they play.
Many sales people are not scientifically minded people. I'm a programmer and I worked in one company where the programmers were on one side of a desk divider and the other side had the sales people. We were killing ourselves laughing at then kinds of statements sale people were making about the products we were creating!. Often it wasn't based on fact at all. Ignorance or ethics?
They talk with complete conviction on a subject and it sounds like they know what they are saying (to anyone who doesn't know the subject), but with programmers I've found we often add disclaimers, because we see there are gaps in our knowledge and gaps in areas where we want to carry out more tests etc... Sales people's eyes often glaze over and they loose interest after telling them details for more than a few seconds. They don't what to know the details. They want to push a certain version of the truth (to me that's not truth at all and its ethically wrong, yet to sales people, its part of their way of communicating).
Also the ethics of high up bosses are often even worse than sales people. But they often do have one personality trait that helps them deal with sales people, as bosses I have found are often very distrustful people, even though on the surface they give a good image of confidence, deep down they show their insecurity and distrust of others. (Many even have recognisable personality disorders like NPD). They approach dealing with others, in a very different way to e.g. how programmers would work together.
The whole subject of ethics especially in big business like IT is very subjective depending on what people you ask.
There are 10 kinds of people in the world... those who understand binary and those who don't.
When I was a general manager, one of my policies was always to pay the small suppliers promptly, because they need it most. That's not only ethics, it is simple common sense.
It is interesting that one of the most developed business environments in the world -that little region that includes Northern Italy, Switzerland, parts of South Germany and South-East France - relies heavily on networks of trust. I have sealed the deal there more than once with no paperwork and a handshake. I suspect that the reason that "Business ethics" needs to be taught in an MBA class is because many new graduates have fantasies of the ruthless corporate world based on Hollywood and computer games, and they need to be made a little safer before they can get out and cause their companies serious damage.
The fact that some CEOs are psychopaths should not blind us to the fact that most are not.
From scarped cliff or quarried stone she cries "A thousand types are gone, I care for nothing, no not one."
That's sociopaths, not psychopaths.
Think of it as the difference between a politician and a serial killer.
A friend of a friend was working in IT as a Windows administrator. He was called to fix someone's computer, who then went out to lunch leaving the friend alone with the computer. He saw a mail on the computer that he found interesting, so he forwarded it to himself.
This is surely a bad thing to do, and the end of the story is that he got fired, but he probably would have got away with it apart from the mistake he made....
He managed to spell his own name wrong in his email address. So when the guy got back from lunch, there was a bounce mail waiting for him in his inbox....
To expand this thought a bit (because it is pretty accurate imho) there is a direct link between an IT worker's behavior and the culture from which they come. I have worked in everything from infrastructure to development (solo and team) as well as security. From my observation IT workers have tremendous amounts of access to information and normally do not violate this "trust" if they think they will get caught.
This, as I said, is probably more to do with what kind of culture they are from (I am American) and the social norms they were taught (or not taught) than any commonality of ethic due to corporate department (just because you are classified as IT). The email example will show the classic "Yes, I CAN read all your emails, but I don't. Not because I think it would be wrong for ME to do so necessarily, but because I am too busy to care what you wrote." This is the only unique Ethical constraint I see in IT, where those of us who manage the information and the resources to access it choose an "ethical" path on a daily basis by choosing to solve OTHER PEOPLE's info problems rather than our own with a given block of time. Most IT workers will "feel" ethical if they are doing something useful for those in power over them (i.e. paycheck signers) rather than bending the resources at their disposal to their own amusement/education (i.e. displaying ten different will-it-blend's on different LCD's to see how cool it is).
Ultimately, this behavior is altruistic because upper management, given enough time from which to sample, can tell if an IT worker is "useful" or not and thus reward or punish them. America has a very minimalistic ethic of "if it isn't hurting anyone else.." so unless there are other cultural factors they can lose out to those from other cultures (see: Indians).
Yes unfortunately there are many high up bosses who go beyond even NPD. (Its an interesting sliding scale, as even NPD's lack a great deal of empathy. The higher up in this form of disorder, the more they lack empathy ... but often the more they perfect their image of being a good confident even moral person ... this suppression of empathy towards others is ironically why we have a world with such extreme behaviours ... even terrorists fit high up on this scale, as their self-righteousness blinds them from the horror of their actions. Scary world we live in thanks to these kinds of people. Thankfully most people in the world are not like them).
The whole subject of ethics in IT needs to be considered in a wider context with the ethics/morality of the other staff that make up the companies. Also even the whole of society and even at a given time in history affect interpretations of ethics. Each aspect of the context, can vary the interpretation.
The irony is most employees are far more trusting people than bosses or sales people. If we were more distrusting, we would seek out and learn to spot more examples of the gaps in what the bosses say, compared with what they do, and therefore be less easy to be exploited by some bosses. Its why some people are not called "business minded". What some bosses are actually describing as business minded, is a behaviour that is at times so twisted and lacking empathy, that I don't want to be like them. But I want to be successful in business, so it helps to learn to understand their behaviours, because once you learn to see these personality types, it gives a way of predicting their behaviours. Once you learn to see these personality types, its actually far easier to deal with them.
Ethics in big business like IT is a fascinating subject, as even their way of interpreting the law is at times different from most people. To most people (I hope!) the law is an uncrossable line. A solid boundary of ethical and moral behaviour. But to big business, I have been shocked at times at how the law is treated at times more like for example, the rules in Formula 1 racing cars, where they can twist and exploit the definitions of the law to suit themselves and how the government plays the same games back at them. For example government will say something like, "if you big company A do that now, to get around this law, then next time around, when we alter the wording of the laws, we will make it tighter still on you and all companies like you, so don't get around this law now". Its all political power biasing. The law at that level, isn't an absolute line, the way most of us interpret it. That kind of thinking in big business, I find, really puts the ethical worries of programmers into perspective.
There are 10 kinds of people in the world... those who understand binary and those who don't.
Interesting stuff. What doesn't help is that by and large, we, as a society, reward the kind of errant behaviour you describe whilst wringing our hands and muttering about how unpalatable it is. As a species we're our own worst enemy in many respects.
I want a list of atrocities done in your name - Recoil
For example:
If I as an individual, go out and set fire to somebody's car, I'm likely to spend a good deal of time in jail. I would possibly lose years off of my life and get a criminal record that would hurt the ability to provide for myself in the future. Knowing that trade off would deter me.
If a big businesses made a car that burst into flames then their likely punishment will all be in dollars and cents. So, any deterrent to them would be to not lose money. But sometimes, it's more profitable to make an unsafe car than it is to make a safe one. If that causes a violation of the law for them, then so be it. Even after the punishment is dealt out, they can come out better than before. As long as they can avoid the public action and boycotting that happened to Firestone, then there really isn't any punishment.
I think there needs to be a better punishment system for big business. Perhaps prosecution of CEO's, or forced closing (short term or permanent), maybe a fine to the shareholders.... I don't know.
Star Pirates
That's where we go wrong (it appears to be a very US centric view also - I've never heard that from a european company & I've spoken to more than a few over the years).
A company is part of the social fabric.. it doesn't stand alone. It provides employment, which gives its employees a certain standard of living. It also generates wealth that improves the economy. The employees use their pay to give money to other companies, thus helping them also.
If a company mistreats its employees it breaks part of that. It may make more profit, but at a cost to the rest of society. That's why most countries have strict employment laws.
Here is an example from my dad. He was an engineer at a manufacturing plant in the 70's that decided they needed to go to CAD. He was given the project. He started working with DEC and they quoted XXX,XXX.00 as the price for a great system. He took that back to his bosses and they agreed. He goes back to DEC and the salesman starts mentioning things like, "Would you like an OS with that? It will cost XX,XXX.00 more." and "Would you like the special power cord? It will cost an extra XXX.00" They kept this up until the price was now one and a half times the original quote. Dad was getting embarrassed at going back to his bosses over and over asking for more money and finally got mad and started threatening to kill the deal. At this point the salesman mentions that it includes a Rainbow computer (their version of a PC and rather pricey at that) that wouldn't show up on the invoice and could be shipped to any address. That was about the point were Dad exploded.
Crazy thing is he loved DEC computers and still does. He wistfully talks about their ability to multi-task and better file system.
Years later I was caught in an ethical bind and asked him what to do. "You can do the easy thing or you can do the right thing. Doing the right thing might be bad for you in the short term, but you will be able to look back later and feel good about yourself instead of feeling slimy every time your reminded about it."
I took a business ethics class taught by a retired corporate head of human resources. He gave a good explanation of why this is taught in some business schools. "If you think about this now when you have no pressure on you, you stand a much better chance of making the best decision when under pressure and you have to make a snap decision. Don't kid yourself and think these things won't happen to you. They will, and most of the time you will have no time to do any soul searching."
Is he strong? Listen bud, He's got radioactive blood.
This is why I now refuse to do work for public companies (I am self-employed). Once a company becomes a public entity, all motives except the profit motive go by the wayside. Employees and suppliers become numbers on a balance sheet.
Private companies, on the other hand, are free to have other motives in addition to profit such as providing employment etc. In my experience, private companies are much more likely to actually give a shit about their employees and suppliers. Of course there are private companies out there that are purely profit motivated, but it's not all of them.