Ethics, moral dilemmas, and tough decisions: the many challenges of

Please read the case and answer 3 questions at the end:


Ethics, Moral Dilemmas, and Tough Decisions: The Many Challenges of Working in IT.


What Bryan found on an executive’s computer


six years ago still weighs heavily on his mind.


He’s particularly troubled that the man he


discovered using a company PC to view pornography of


Asian women and of children was subsequently promoted


and moved to China to run a manufacturing plant. “To this


day, I regret not taking that stuff to the FBI.” It happened


when Bryan, who asked that his last name not be published,


was IT director at the U.S. division of a $500 million multinational


corporation based in Germany.


The company’s Internet usage policy, which Bryan


helped develop with input from senior management, prohibited


the use of company computers to access pornographic


or adult-content Web sites. One of Bryan’s duties was to use


products from SurfControl PLC to monitor employee Web


surfing and to report any violations to management.


Bryan knew that the executive, who was a level above


him in another department, was popular within both the


U.S. division and the German parent. Yet when the tools


turned up dozens of pornographic Web sites visited by the


executive’s computer, Bryan followed the policy.


“That’s what it’s there for. I wasn’t going to get into


trouble for following the policy,” he reasoned.


Bryan’s case is a good example of the ethical dilemmas


that IT workers may encounter on the job. IT employees


have privileged access to digital information, both personal


and professional, throughout the company, and they have the


technical prowess to manipulate that information. That gives


them both the power and responsibility to monitor and report


employees who break company rules. IT professionals


may also uncover evidence that a coworker is, say, embezzling


funds, or they could be tempted to peek at private salary


information or personal e-mails. There’s little guidance,


however, on what to do in these uncomfortable situations.


In the case of the porn-viewing executive, Bryan didn’t


get into trouble, but neither did the executive, who came up


with “a pretty outlandish explanation” that the company accepted,


Bryan says. He considered going to the FBI, but the


Internet bubble had just burst and jobs were hard to come


by. “It was a tough choice,” Bryan says. “But I had a family


to feed.”


Perhaps it would ease Bryan’s conscience to know that


he did just what labor attorney Linn Hynds, a senior partner


at Honigman Miller Schwartz and Cohn LLP, would have


advised in his case. “Let the company handle it,” she says.


“Make sure you report violations to the right person in your


company, and show them the evidence. After that, leave it to


the people who are supposed to be making that decision.”


Ideally, corporate policy takes over where the law stops, governing


workplace ethics to clear up gray areas and remove


personal judgment from the equation as much as possible.


“If you don’t set out your policy and your guidelines, if


you don’t make sure that people know what they are and

understand them, you’re in no position to hold workers accountable,”


says John Reece, a former chief information officer


at the Internal Revenue Service and Time Warner Inc.


Having clear ethical guidelines also lets employees off


the hook emotionally if the person they discover breaking


the policy is a friend, someone who reports to them directly,


or a supervisor, says Reece, who is now head of consultancy


at John C. Reece and Associates LLC. Organizations that


have policies in place often focus on areas where they had


trouble in the past or emphasize whatever they are most


worried about. When Reece was at the IRS, for example, the


biggest emphasis was on protecting the confidentiality of


taxpayer information.


At the U.S. Department of Defense, policies usually


emphasize procurement rules, notes Stephen Northcutt,


president of the SANS Technology Institute and author of



IT Ethics Handbook: Right and Wrong for IT Professionals.




Adding to the complexity, an organization that depends on


highly skilled workers might be more lenient. When


Northcutt worked in IT security at the Naval Surface


Warfare Center in Virginia, it was a rarefied atmosphere


of highly sought-after PhDs. “I was told pretty clearly that


if I made a whole lot of PhDs very unhappy so that they


left, the organization wouldn’t need me anymore,” says




Of course, that wasn’t written in any policy manual, so


Northcutt had to read between the lines. “The way I interpreted


it was: Child pornography, turn that in,” he says. “But


if the leading mathematician wants to download some pictures


of naked girls, they didn’t want to hear from me.”


Northcutt says that he did find child porn on two occasions


and that both events led to prosecution. As for other


offensive photos that he encountered, Northcutt pointed out


to his superiors that there might be a legal liability, citing a


Supreme Court decision that found that similar pictures at a


military installation indicated a pervasive atmosphere of sexual


harassment. That did the trick. “Once they saw that law


was involved, they were more willing to change culture and


policy,” Northcutt says.


When policies aren’t clear, ethical decisions are left to


the judgment of IT employees, which varies by person and


the particular circumstances. For example, Gary, a director


of technology at a nonprofit organization in the Midwest,


flat-out refused when the assistant chief executive officer


wanted to use a mailing list that a new employee had stolen


from her former employer. Yet Gary, who asked that his last


name not be used, didn’t stop his boss from installing unlicensed


software on PCs for a short time, although he refused


to do it himself. “The question is, how much was it really


going to hurt anybody? We were still going to have 99.5 percent


compliant software. I was OK with that.”


He says he uninstalled it, with his boss’s approval, as


soon as he could, which was about a week later.

Northcutt argues that the IT profession should have two


things that professions such as law or accounting have had


for years: a code of ethics and standards of practice. That


way, when company policy is nonexistent or unclear, IT professionals


still have standards to follow.


That might be useful for Tim, a systems administrator


who works at a Fortune 500 agricultural business. When


Tim, who asked that his last name not be published, happened


across an unencrypted spreadsheet of salary information


on a manager’s PC, he copied it. He didn’t share the


information with anyone or use it to his advantage. It was an


impulsive act, he admits, that stemmed from frustration with


his employer. “I didn’t take it for nefarious reasons; I just


took it to prove that I could,” he says.


Tim’s actions point to a disturbing trend: IT workers are


justifying their ethically questionable behavior. That path


can end in criminal activity, says fraud investigator Chuck


Martell. “We started seeing a few cases about seven or eight


years ago,” says Martell, managing director of investigative


services at Veritas Global LLC, a security firm in Southfield,


Michigan. “Now we’re investigating a tremendous amount


of them.”


Whole Foods Market Chairman and CEO John Mackey


spent years earning a positive reputation as a corporate


leader who was not afraid to take a stand on ethics issues.


Before other companies figured out that it pays to be environmentally


friendly, Whole Foods led by setting standards


for humane animal treatment. In 2006, Mackey took the


bold step of reducing his own annual salary to one dollar,


pledging money instead for an emergency fund for his staff.


Not shy about expressing his views, Mackey challenged leading


thinkers, like Nobel Prize–inner Milton Friedman, on

business ethics issues. Like many leaders, Mackey seemed to


relish the public spotlight.


On July 20, 2007, however, Mackey got more than he



bargained for in terms of publicity.The Wall Street Journal




reported that Mackey had long used the pseudonym “Rahodeb”


to make postings in Yahoo Finance forums that flattered


his own company and leveled criticisms against the


competition. Serious financial and possibly legal repercussions


continue to unfold from this incident, and the final


consequences may not be known for some time.


Amid the furor that followed this disclosure of Mackey’s


secret online alias, it is vital that we not lose sight of the


critical issues it raises about ethics and leadership in a rapidly


evolving business world. There is no question that the current


climate has prompted many more companies to tackle


ethics issues.


By now, “business ethics” is an established part of doing


business, not just in the United States, but also increasingly


around the world. People no longer joke that “business ethics


is an oxymoron,” as society has come not merely to expect,


but to demand, that business conduct itself according


to basic rules of ethics and integrity. Business will always


need to pay attention to ethics and leadership, but these lessons


are continually challenged by new developments, including


technological advances that promote new kinds of


communication online. Business leaders cannot afford to


overlook these challenges, as even a single misstep can be


enough to undo a reputation for ethical leadership.



1.Companies are developing ethical policies and guidelines




for legal reasons, but also to clarify what is acceptable


and what is not. Do you think any of the issues raised in


the case required clarification? Would you take exception


to any of them being classified as inappropriate behavior?


Why do you think these things happen anyway?



2.In the first example (Bryan’s), it is apparent that he did




not believe justice had been ultimately served by the


decision his company made. Should he have taken the


issue to the authorities? Or was it enough that he reported


the problem through the proper channels and


let the organization handle it, as was the recommendation


of Linn Hynds? Provide a rationale for the position


you are willing to take on this matter.



3.In the case, Gary chose not to stop his boss from installing




unlicensed software, although he refused to do


it himself. If installing unlicensed software is wrong, is


there any difference between refusing to do it versus


not stopping somebody else? Do you buy his argument


that it was not really going to hurt anybody? Why or


why not?


15% off for this assignment.

Our Prices Start at $11.99. As Our First Client, Use Coupon Code GET15 to claim 15% Discount This Month!!