Ethics In IT 466
chiefloko writes "I am presently taking a Business Ethics class while earning my MBA. For my final paper topic I have chosen 'Ethics within the Information Technology realm.' Over the past 13 years I have worked for three corporations and have seen everything from the typical BOFH to ungodly pirated software use. I also bore witness to a remote user logging in to a poorly administrated Sun station, finding out s/he was root, and then reading co-workers' emails. I am interested in what the norm is for ethics in the IT world and some of the stories and outcomes."
Reading users email? (Score:4, Interesting)
Anyone who has time to read peoples email obviously isn't busy enough (and is easily amused).
Do something useful or something popular (Score:5, Interesting)
Trust simulation and purpose-blindness (Score:5, Interesting)
But here's a problem: Technology is purpose-blind. It doesn't know for what purpose you're trying to do a particular thing -- only whether you've got access to do it. However, in the real world, we frequently want to trust someone with a particular resource, but only for certain purposes.
You're allowed to drive Daddy's T-bird to the library, but not to the hamburger stand. But the ignition system doesn't know that; it just knows you put the right key in. Your sysadmin is allowed to read your email files if she thinks something's wrong with the mail server, but not just because she thinks you're cute and wants to stalk you. But the permissions bits don't know that.
You're allowed to access Scientology's Web page to read it, but not to repeatedly reload it just to put load on their server and run up their bandwidth bill. But neither your browser (or wget) nor their server necessarily understand that.
So there's an ethical problem: you frequently have access to things for only certain purposes. How are those purposes defined and agreed on? Is it possible to make authorization systems more purpose-aware? Would that even be desirable, or would it just cause problems with unexpected situations?
Suppose Daddy's T-bird only allows you to drive to the library, by shutting off the engine if you try to go somewhere else ... and Daddy has a heart attack and you need to get him to the hospital. Down that road lie DRM and other systems that decrease the value of technology by getting in the way of legitimate uses.
The difference between IT and other professions (Score:5, Interesting)
When a doctor is asked by an employer to give him medical informations about his employees, he can point out that this would be illegal.
When a sysadmin is asked by his company to monitor users' web access, there are a lot of privacy issues that are raised but never addressed in the law. I mean, it can be part of the sysadmin job to prevent company computers from accessing porn sites but knowing which users access gay websites and which are ordering viagra online is something that should never be forwarded to upper management. He cannont prevent knowing this, but there should be something akin to medical secret regarding these data.
IT Ethics is Different from Business Ethics (Score:5, Interesting)
In many business programs, students are exhorted to compete from day one. Many students take away the message that they should maximize profits (or market share or whatever they use as a metric of success) by any means necessary.
(I have worked on a number of antitrust regulatory issues, and you would be astonished at the number of e-mails that have been unearthed in which executives send each other messages to the effect, "Let's use unfair competitive practices to squash the little guy!" I'm paraphrasing, of course, but not by much.)
In IT, on the other hand, the issues pertain more to privacy and intellectual property rights. If a system administrator reads someone's e-mail, it may be for personal gain or just out of curiosity, but it's not due to any sort of overriding business objective. Competition in IT is to build the best product, not to "get" the other guy. And the ethics reflect that.
By the way, I've also worked at a company where an admin, who reported to a manager I worked beside, was reading e-mails. The manager let him know that he knew, and that if anything came of it, it would come back to bite him, but also let it slide because (1) someone has to have access, and whoever it is will probably take a peek from time to time, and (2) he was relatively discrete about it, and others may not be. Was he unethical in letting the behavior persist?
Re:You need to clarify your question (Score:3, Interesting)
Comment removed (Score:3, Interesting)
Re:You need to clarify your question (Score:5, Interesting)
The whole subject of ethics in IT needs to be considered in a wider context with the ethics/morality of the other staff that make up the companies. Also even the whole of society and even at a given time in history affect interpretations of ethics. Each aspect of the context, can vary the interpretation.
The irony is most employees are far more trusting people than bosses or sales people. If we were more distrusting, we would seek out and learn to spot more examples of the gaps in what the bosses say, compared with what they do, and therefore be less easy to be exploited by some bosses. Its why some people are not called "business minded". What some bosses are actually describing as business minded, is a behaviour that is at times so twisted and lacking empathy, that I don't want to be like them. But I want to be successful in business, so it helps to learn to understand their behaviours, because once you learn to see these personality types, it gives a way of predicting their behaviours. Once you learn to see these personality types, its actually far easier to deal with them.
Ethics in big business like IT is a fascinating subject, as even their way of interpreting the law is at times different from most people. To most people (I hope!) the law is an uncrossable line. A solid boundary of ethical and moral behaviour. But to big business, I have been shocked at times at how the law is treated at times more like for example, the rules in Formula 1 racing cars, where they can twist and exploit the definitions of the law to suit themselves and how the government plays the same games back at them. For example government will say something like, "if you big company A do that now, to get around this law, then next time around, when we alter the wording of the laws, we will make it tighter still on you and all companies like you, so don't get around this law now". Its all political power biasing. The law at that level, isn't an absolute line, the way most of us interpret it. That kind of thinking in big business, I find, really puts the ethical worries of programmers into perspective.
Re:You need to clarify your question (Score:5, Interesting)
Re:You need to clarify your question (Score:5, Interesting)
A company is part of the social fabric.. it doesn't stand alone. It provides employment, which gives its employees a certain standard of living. It also generates wealth that improves the economy. The employees use their pay to give money to other companies, thus helping them also.
If a company mistreats its employees it breaks part of that. It may make more profit, but at a cost to the rest of society. That's why most countries have strict employment laws.
Re:ethics require education (Score:3, Interesting)
Is there a reason you can't require a password change on first login?
The slimy factor (Score:5, Interesting)
Crazy thing is he loved DEC computers and still does. He wistfully talks about their ability to multi-task and better file system.
Years later I was caught in an ethical bind and asked him what to do. "You can do the easy thing or you can do the right thing. Doing the right thing might be bad for you in the short term, but you will be able to look back later and feel good about yourself instead of feeling slimy every time your reminded about it."
I took a business ethics class taught by a retired corporate head of human resources. He gave a good explanation of why this is taught in some business schools. "If you think about this now when you have no pressure on you, you stand a much better chance of making the best decision when under pressure and you have to make a snap decision. Don't kid yourself and think these things won't happen to you. They will, and most of the time you will have no time to do any soul searching."
Re:You need to clarify your question (Score:3, Interesting)
To make myself clear let us recall a Simpsons Tree of Horrors episode where Homer is buying a "Crusty the Clown Toy at a strange shop in China Town"
Owner: We sell forbidden objects from places men fear to tread.
We also sell frozen yogurt, which I call ``Frogurt''!
Homer tells the owner that he is looking for a present for his son's
birthday. The owner hands to him a talking Krusty doll.
Owner: Take this object, but beware it carries a terrible curse!
Homer: [worried] Ooooh, that's bad.
Owner: But it comes with a free Frogurt!
Homer: [relieved] That's good.
Owner: The Frogurt is also cursed.
Homer: [worried] That's bad.
Owner: But you get your choice of topping!
Homer: [relieved] That's good.
Owner: The toppings contains Potassium Benzoate.
Homer: [stares]
Owner: That's bad.
Homer: Can I go now?
Here we see knowledge, expertise and how they determine what is considered good or bad, hence ethics.
And this exactly why Lawmakers, Artists and Business people in general are unqualified to
exercise good ethics in IT. Due to their lack of expertise and knowledge.
Re:Talking of reading other people's emails... (Score:3, Interesting)
Doing this job well? Always! (Score:3, Interesting)
I spent a year of straight "heads down" time, doing network administration, database administration (we use Access 2000, but it's exposure nonetheless), writing a backup tool (and porting it 3 times "...it's only temporary, you know." - yeah, right), and learning RHEL during the day. At night I was writing a win32 application, bash scripts, C/C++ code, Java, playing with advanced routing, samba, and kernels in Slackware Linux, and constantly digging in to technical documentation and CS theory. The time has paid off ten fold. The difference between myself and my peers without 'hand-on' experience is simply astounding!
I didn't realize until I took graduate level administration and programming classes last semester and this semester and I breezed through them without cracking a book. My code is cleaner, better documented, and formatted better than when I was taking AP C++ in high school. I look at applications (regardless of platform - I'm running 3 flavors of Linux, a Mac and a Windows box at home, a RHEL box at work, and work on a Solaris box at school) in a completely different way than ever before. I don't see an application any more, but rather layers of abstraction connected via interfaces.
Once I realized that everything is a connecting interface from the backend to the frontend (protocols, devices, GUIs, etc., everything), I found I could do incredibly complex things in both programming and administration - it's just about getting the right interfaces on the right layers. It was a moment of revelation that compares to when I found out in *nix, everything is a file. The light went on! I also found out that C/C++ is almost a completely different language on each platform. GNU, win32, xcode might as well be 3 separate languages. Good documentation is worth its weight in gold. Version control is How It Should Be. And, every bit of knowledge is a tool in your toolbox; the more tools at your disposal, the more elegant your solution and the less forehead dents in your desk. Finally, if your interface layers are concise all the way up, everything falls in to place all the way up to the GUI and troubleshooting and bug fixing become single line fixes instead of full function kludges. That being said, I still write a lot of crap code... but at least I know when I'm doing it now.
Sorry for that rant, but I really had to comment on what the job has taught me.
Re:You need to clarify your question (Score:3, Interesting)
The free-market economist would say: you buy your car from the company that makes the best cars that you can afford.
The companies, realising that they need to sell cars in order to achieve their goal (making money), set about making their cars better or cheaper.
A better example might be: You are choosing between Car Company A and Car Company B. Both companies make good cars -- you can't choose between them on technical grounds. Car Company A's cars are about 10% cheaper than Car Company B's. Car Company B pays its employees 10% more than Car Company A. Which car do you buy?