Ethics, moral dilemmas, and tough decisions: the many challenges of

Please read the case and answer 3 questions at the end:

 

Ethics, Moral Dilemmas, and Tough Decisions: The Many Challenges of Working in IT.

 

What Bryan found on an executive’s computer

 

six years ago still weighs heavily on his mind.

 

He’s particularly troubled that the man he

 

discovered using a company PC to view pornography of

 

Asian women and of children was subsequently promoted

 

and moved to China to run a manufacturing plant. “To this

 

day, I regret not taking that stuff to the FBI.” It happened

 

when Bryan, who asked that his last name not be published,

 

was IT director at the U.S. division of a $500 million multinational

 

corporation based in Germany.

 

The company’s Internet usage policy, which Bryan

 

helped develop with input from senior management, prohibited

 

the use of company computers to access pornographic

 

or adult-content Web sites. One of Bryan’s duties was to use

 

products from SurfControl PLC to monitor employee Web

 

surfing and to report any violations to management.

 

Bryan knew that the executive, who was a level above

 

him in another department, was popular within both the

 

U.S. division and the German parent. Yet when the tools

 

turned up dozens of pornographic Web sites visited by the

 

executive’s computer, Bryan followed the policy.

 

“That’s what it’s there for. I wasn’t going to get into

 

trouble for following the policy,” he reasoned.

 

Bryan’s case is a good example of the ethical dilemmas

 

that IT workers may encounter on the job. IT employees

 

have privileged access to digital information, both personal

 

and professional, throughout the company, and they have the

 

technical prowess to manipulate that information. That gives

 

them both the power and responsibility to monitor and report

 

employees who break company rules. IT professionals

 

may also uncover evidence that a coworker is, say, embezzling

 

funds, or they could be tempted to peek at private salary

 

information or personal e-mails. There’s little guidance,

 

however, on what to do in these uncomfortable situations.

 

In the case of the porn-viewing executive, Bryan didn’t

 

get into trouble, but neither did the executive, who came up

 

with “a pretty outlandish explanation” that the company accepted,

 

Bryan says. He considered going to the FBI, but the

 

Internet bubble had just burst and jobs were hard to come

 

by. “It was a tough choice,” Bryan says. “But I had a family

 

to feed.”

 

Perhaps it would ease Bryan’s conscience to know that

 

he did just what labor attorney Linn Hynds, a senior partner

 

at Honigman Miller Schwartz and Cohn LLP, would have

 

advised in his case. “Let the company handle it,” she says.

 

“Make sure you report violations to the right person in your

 

company, and show them the evidence. After that, leave it to

 

the people who are supposed to be making that decision.”

 

Ideally, corporate policy takes over where the law stops, governing

 

workplace ethics to clear up gray areas and remove

 

personal judgment from the equation as much as possible.

 

“If you don’t set out your policy and your guidelines, if

 

you don’t make sure that people know what they are and

understand them, you’re in no position to hold workers accountable,”

 

says John Reece, a former chief information officer

 

at the Internal Revenue Service and Time Warner Inc.

 

Having clear ethical guidelines also lets employees off

 

the hook emotionally if the person they discover breaking

 

the policy is a friend, someone who reports to them directly,

 

or a supervisor, says Reece, who is now head of consultancy

 

at John C. Reece and Associates LLC. Organizations that

 

have policies in place often focus on areas where they had

 

trouble in the past or emphasize whatever they are most

 

worried about. When Reece was at the IRS, for example, the

 

biggest emphasis was on protecting the confidentiality of

 

taxpayer information.

 

At the U.S. Department of Defense, policies usually

 

emphasize procurement rules, notes Stephen Northcutt,

 

president of the SANS Technology Institute and author of

 

 

IT Ethics Handbook: Right and Wrong for IT Professionals.

 

 

 

Adding to the complexity, an organization that depends on

 

highly skilled workers might be more lenient. When

 

Northcutt worked in IT security at the Naval Surface

 

Warfare Center in Virginia, it was a rarefied atmosphere

 

of highly sought-after PhDs. “I was told pretty clearly that

 

if I made a whole lot of PhDs very unhappy so that they

 

left, the organization wouldn’t need me anymore,” says

 

Northcutt.

 

Of course, that wasn’t written in any policy manual, so

 

Northcutt had to read between the lines. “The way I interpreted

 

it was: Child pornography, turn that in,” he says. “But

 

if the leading mathematician wants to download some pictures

 

of naked girls, they didn’t want to hear from me.”

 

Northcutt says that he did find child porn on two occasions

 

and that both events led to prosecution. As for other

 

offensive photos that he encountered, Northcutt pointed out

 

to his superiors that there might be a legal liability, citing a

 

Supreme Court decision that found that similar pictures at a

 

military installation indicated a pervasive atmosphere of sexual

 

harassment. That did the trick. “Once they saw that law

 

was involved, they were more willing to change culture and

 

policy,” Northcutt says.

 

When policies aren’t clear, ethical decisions are left to

 

the judgment of IT employees, which varies by person and

 

the particular circumstances. For example, Gary, a director

 

of technology at a nonprofit organization in the Midwest,

 

flat-out refused when the assistant chief executive officer

 

wanted to use a mailing list that a new employee had stolen

 

from her former employer. Yet Gary, who asked that his last

 

name not be used, didn’t stop his boss from installing unlicensed

 

software on PCs for a short time, although he refused

 

to do it himself. “The question is, how much was it really

 

going to hurt anybody? We were still going to have 99.5 percent

 

compliant software. I was OK with that.”

 

He says he uninstalled it, with his boss’s approval, as

 

soon as he could, which was about a week later.

Northcutt argues that the IT profession should have two

 

things that professions such as law or accounting have had

 

for years: a code of ethics and standards of practice. That

 

way, when company policy is nonexistent or unclear, IT professionals

 

still have standards to follow.

 

That might be useful for Tim, a systems administrator

 

who works at a Fortune 500 agricultural business. When

 

Tim, who asked that his last name not be published, happened

 

across an unencrypted spreadsheet of salary information

 

on a manager’s PC, he copied it. He didn’t share the

 

information with anyone or use it to his advantage. It was an

 

impulsive act, he admits, that stemmed from frustration with

 

his employer. “I didn’t take it for nefarious reasons; I just

 

took it to prove that I could,” he says.

 

Tim’s actions point to a disturbing trend: IT workers are

 

justifying their ethically questionable behavior. That path

 

can end in criminal activity, says fraud investigator Chuck

 

Martell. “We started seeing a few cases about seven or eight

 

years ago,” says Martell, managing director of investigative

 

services at Veritas Global LLC, a security firm in Southfield,

 

Michigan. “Now we’re investigating a tremendous amount

 

of them.”

 

Whole Foods Market Chairman and CEO John Mackey

 

spent years earning a positive reputation as a corporate

 

leader who was not afraid to take a stand on ethics issues.

 

Before other companies figured out that it pays to be environmentally

 

friendly, Whole Foods led by setting standards

 

for humane animal treatment. In 2006, Mackey took the

 

bold step of reducing his own annual salary to one dollar,

 

pledging money instead for an emergency fund for his staff.

 

Not shy about expressing his views, Mackey challenged leading

 

thinkers, like Nobel Prize–inner Milton Friedman, on

business ethics issues. Like many leaders, Mackey seemed to

 

relish the public spotlight.

 

On July 20, 2007, however, Mackey got more than he

 

 

bargained for in terms of publicity.The Wall Street Journal

 

 

 

reported that Mackey had long used the pseudonym “Rahodeb”

 

to make postings in Yahoo Finance forums that flattered

 

his own company and leveled criticisms against the

 

competition. Serious financial and possibly legal repercussions

 

continue to unfold from this incident, and the final

 

consequences may not be known for some time.

 

Amid the furor that followed this disclosure of Mackey’s

 

secret online alias, it is vital that we not lose sight of the

 

critical issues it raises about ethics and leadership in a rapidly

 

evolving business world. There is no question that the current

 

climate has prompted many more companies to tackle

 

ethics issues.

 

By now, “business ethics” is an established part of doing

 

business, not just in the United States, but also increasingly

 

around the world. People no longer joke that “business ethics

 

is an oxymoron,” as society has come not merely to expect,

 

but to demand, that business conduct itself according

 

to basic rules of ethics and integrity. Business will always

 

need to pay attention to ethics and leadership, but these lessons

 

are continually challenged by new developments, including

 

technological advances that promote new kinds of

 

communication online. Business leaders cannot afford to

 

overlook these challenges, as even a single misstep can be

 

enough to undo a reputation for ethical leadership.

 

QUESTIONS:

1.Companies are developing ethical policies and guidelines

 

 

 

for legal reasons, but also to clarify what is acceptable

 

and what is not. Do you think any of the issues raised in

 

the case required clarification? Would you take exception

 

to any of them being classified as inappropriate behavior?

 

Why do you think these things happen anyway?

 

 

2.In the first example (Bryan’s), it is apparent that he did

 

 

 

not believe justice had been ultimately served by the

 

decision his company made. Should he have taken the

 

issue to the authorities? Or was it enough that he reported

 

the problem through the proper channels and

 

let the organization handle it, as was the recommendation

 

of Linn Hynds? Provide a rationale for the position

 

you are willing to take on this matter.

 

 

3.In the case, Gary chose not to stop his boss from installing

 

 

 

unlicensed software, although he refused to do

 

it himself. If installing unlicensed software is wrong, is

 

there any difference between refusing to do it versus

 

not stopping somebody else? Do you buy his argument

 

that it was not really going to hurt anybody? Why or

 

why not?