The Situation:
You have just been engaged by a state government to be chief software architect and technical lead for a large database integration project. The project will consolidate personal information of citizens in order to better serve them. Names, addresses, mental and physical health details, child protective services comments, criminal records, and court documents are all to be coordinated into a central database. It is expected that once data is collected and validated, it will be retained forever. One of the primary targets of the system is the state's children, especially those in poverty or hardship. However, data will be collected on everyone, just in case.
Problem is, you get a creepy feeling off the people from the state you're working with. Despite assurances that the system will only be used to help people in need and to make life better for all the state's citizens, the nature of the system and the data to be collected is such that there is a strong potential for abuse; both casual abuse by individual users and systematic abuse by the state government themselves. The more they smile and try to reassure you, the more convinced you become that they're up to something.
There is no possibility that the system could be constructed by the client themselves. They simply don't have the necessary people. Nor would they be able to perform any but routine maintenance on it.
The icing on the cake is that it's too late to just say no. You're holding the two million dollar purchase order, along with the contract obligating you to provide the software and services necessary to implement this system.
In your spare time you've put together a system by which an arbitrary set of instructions can be encoded to look like routine code (like say bury the instructions in the whitespace). It occurs to you that you could include a sort of "Doomsday Device" into the system, one that would lock out control, scram the database, and nuke the hardware. You'd trigger it by sending a special message via e-mail. (For our purposes, assume you know how to do this already.)
The Dilemma:
Given the sinister nature of the system and the eroding civil-rights climate, should you stick by your professional canon and code what was asked for or live up to your responsibilities to your fellow citizens and make sure you can take out the system should it ever be necessary?