Unethical Technological Practices of Employees in Hewlett Packard (HP)
Category : Employee Empowerment, Ethics, Organizational Behaviour, Work Place Issues
Why be ethical? Is being lawful or righteous not enough? Would it be acceptable to do the lawfully right but morally wrong? These and other questions that centers on ethical governance are faced by virtually all companies. Global software companies are not an exemption but actually the most challenged by this so-called ‘ethics’ conception. For this paper, I have chosen to focus on unethical technological practices of employees within an organization. Hewlett Packard (HP) will be considered for this report. Although I have no connections with the company just yet, I am planning to work for the organization after the completion of my course. It is of my best belief that HP is one of the most successful IT companies worldwide. This is because of its unique culture which values innovation, development and employee empowerment. In this report, various workplace ethical issues committed by employees using technology will be discussed.
Background of Hewlett Packard
Hewlett-Packard (HP) is a technology solutions provider to consumers, businesses and institutions globally. The company’s offerings span from IT infrastructure, personal computing and access devices, global services and imaging and printing for consumers, enterprises and small and medium businesses. The central tenet of all activities within HP is epitomized by the “HP way” philosophy. The HP way can be summarized as a combination of different concepts. These concepts are love of the product, love of the customer, innovation, quality, open communication, commitment to people, trust, confidence, informality, teamwork, sharing, openness, autonomy and responsibility (Needle 2004). HP values every employee from all levels and they are viewed as important individuals with unique ideas, skills, experiences and perspectives that they bring in their jobs.
Unethical technological practices
Ethics on the other hand goes above and beyond laws and is not limited to specific acts and defined moral codes as it encompass moral ideals and behaviours by and large. Ethics guide the companies to make the right decisions and to act responsibly. Specifically, software companies are guided by the recently upheld computer ethics. Stamatellos (2007) defines computer ethics as the systematic study of the ethical and social impact of computers in the information society (p. 3). There are three theoretical approaches that focus on moral action that could be applied to the virtual society: virtue ethics – centers on the intentions of the moral agent, deontological ethics – deals with the moral action itself and utilitarian ethics – focus on the consequences of the action (pp. 6-7). These approaches will be further explored in light of the different ethical issues that challenge the HP workplace.
Primarily, it has been argued that these ethical dilemmas are committed because of abuse of power and exploitation of the capacity to do so (Shinder, 2005). The rhetoric of computer ethics deals with how HP should commit its people in adhering into ethical principles and they would likely to respond to moral and/or ethical dilemmas as it emerge. Amongst the many business violations that are faced by employees of HP are industrial espionage, hacking, spamming and random acts of information warfare with symptoms such as denial of access, denial of service attacks, illegal entry methods, theft of source code and theft of operating software or misrepresentation of authorship/ownership (Clarke, 2007).
First is industrial espionage which means to acquire intelligence that is driven by commercial purposes. Industrial espionage generally involves secretive theft of trade secrets or any information with relative value such as formulas, patents, new technology developments and other intellectual properties by either foreign or domestic companies against other businesses” (Salinger, 2004). In an environment wherein informations are treated as commodity, employees of IT companies like that of HP is being subjected to pressures and threats of liaising with other companies to acquire specific business informations to be used against the company in exchange of hard cash. Salinger (2004) made mention that majority of the offenders are employees (85%) and that the most commonly used technique for spying are computers and IT systems.
HP is one company which understands the seriousness of economic espionage. Why is this so? Informations and other intangible utilities like research and development strategies, manufacturing, marketing plans and customer lists no matter how secure or confidentially kept remains sensitive and accessible. The act of espionage as well knows no authority and boundary especially if one can do it by all technical means. What HP has done was to adopt policies that foster ‘ethical’ innovation such as policies that improve ability to attract, educate and retain the best IT talent (Baskin et al, 2006). HP regulates employee conduct through the stabilization of software platforms and digitalizing work processes.
The importance of control is greatly realized at HP wherein as much as possible it will control and modify the behaviours of its employees. Gratton (1999) control must be accomplished as it can be used to align the actions of individuals to the interests of the organization. Control processes ensure that employee goals, employee behaviors used to achieve those goals, and feedback of information about performance are linked to the organizational strategy (Sims, 2002).
Second is hacking or the practice of modifying computer hardware and software to accomplish a goal outside of the creator’s original purpose. Hack is basically defined as the “use a computer or other technological device or system in order to gain unauthorized access to data held by another person or organization”. Hackers are the people who engage in computer hacking activities (Hinders, 2008). Hinders (2008) continued that hackers are not at all bad because computer hacking effectively leads to constructive technological advancements. What make ‘hacking’ illegal are the less noble motives of the hackers.
The paradox is that big software companies such as HP actually employ computer hackers as part of their technical support staff. The perception of the company is that these individuals could contribute to the company by utilizing their skills to identify the flaws in these companies’ security systems. HP makes use of the intelligence of these hackers to further advance learning about security systems. These people are treated as prized-possessions and regarded them with highest respects and this reflects to all HP employees. Sims (2002) related that such perception is important because HP acts based on its interpretation of events. It is a cognitive process which helps individuals select, organize, store, and interpret the stimuli into a meaningful and coherent picture.
For HP, computer hacking is an art form where you can display your technical know-how and is treated as white hacking. Shinder (2005) defines white hacking as the use of advanced programming skills to help companies and individuals protect against unauthorized access to security. Nevertheless, in order to regulate the behaviours of employees when it comes to black hacking, HP disclose in its code of conduct the sanctions employees will face if they involve in any form of black hacking (Bayles et al, 2005). HP considers that the attitudes of its employees determinants of behaviour since they link with perception, personality and motivation. Experiences are the results of attitudes that influence a person’s response towards other people, objects and situations (Sims, 2002).
Third is that act of spamming or receiving and forwarding unsolicited emails. Open SMTP relays, proxy servers and free commercial Web based email services are the common tools for spammers. When it comes to spamming, the anticipation of the use of viruses is rather difficult to detect. Spamming is considered unethical especially when done in the office because it creates traffic between the company and the customers when interfacing online. Spam messaging interrupts and blocks the services of Internet Service Providers (ISPs) (Trcek, 2005). Aside from the connection charges that spam generates, spam messages might contain embedded invisible pixel images or bugs that allow spammers to obtain personal information. This is critical particularly because of information database protection and security of companies.
HP recognizes that spamming is really uncontrollable because of the inherent unethical ways of advertising and marketing as an opposed to healthy, friendly competition which should be the case. HP created a Spam team that will independently address the issue. It involved educating employees regarding the consequences of spam messaging to their employment and to the health of the company. Spams not only destroy the business but also the reputation of HP. In particular, the team educates each employee on how to filter personal email messages and to report the issues once detected. In this way, other employees would be made aware of the existence of spams (Berthold et al, 2003). HP believes in behavior modeling wherein majority of what an individual learns is gained through an observation of others. One will imitate other people’s actions when they lead to desirable outcomes for those involved (Sims 2002).
Finally, the last is information warfare that pertains to the use and management of information in order to gain competitive advantage over rivals. Specific threats to information warfare include confidentiality and privacy violations and inference problems that may lead to insider violations and identity theft. In the web, all informations about anyone can be obtained and collected (Kumar et al). In addition, there are cyber tools that could exacerbate the situation such as data mining tools and other analysis tools that can make all kinds of unauthorized associations about individuals. Further, the process of posting queries and deducing unauthorized information from the legitimate responses are known as inferences to which the solutions are perceived to be the constraint processing and the use of conceptual structures (Kumar et al).
In order that HP could leverage the knowledge of its workforces, HP eliminates risks specifically via the eradication of data communication vulnerabilities, loss of control of business processes, loss of control over network perimeters, increased network complexity, clashing security policies and procedures and gaps in personnel security. HP also acknowledges information warfare in the workplace as an opportunity to address future ethical issues that will confront the company. HP resorted in trainings which provide greater emphasis in the integration of ethics in technical training, background information and core competencies such as learning skills, communication and collaboration, creative thinking and problem solving, global leadership and career-self management.
Group members exhibit different types of norms that conform to several, complicating behaviors within organizations. Norms, either pivotal – fundamental to accomplishing organizational objectives or peripheral – unnecessary to organizational objectives, are generally enforced to individual members though the decision to conform relies to them. In broader sense, HP involves it employees in effective socialization processes which could lead to achieving workforce flexibility. Socialization processes develop formal understanding of behavioural norms towards a harmonious working relationship (Brown and Harvey, 2005). In this way, HP could take advantage of the diversity of the workplace by means of cultivating a multi-personality workforce. Sims (2002) relates that personality may be defined as set of traits, characteristics and predispositions or stable pattern of behaviour, thoughts and emotions. In either way, personality means ways which any person differs from other person and it is very important when it comes to organizational behaviour.
All workforce ethical issues at HP boils to only one theme: it is important to consider the personalities and attitudes of employees which in turn will shape behaviours inside the organization as well as the perceptions of HP itself regarding how and why employee engage in unethical practices. We cannot bend the fact that HP, like other software companies, is profit-oriented. What I can argue is that unethical practices could be addressed through the implementation of ethical controls within the workplace. The ethical issues relating to the utilization of technology in the workplace presented here are problem-oriented. Nevertheless, it is evident that HP provides solutions to these problems through transforming employee behaviours basically by means of education.
Bayles, A. W., Brindley, E., Foster, J. C., Hurley, C. and Long, J. (2005). InfoSec career hacking: Sell Your Skillz, Not Your Soul. Syngress.
Berthold, M., Lenz, H. J., Bradley, E. and Borgelt, C. (2003). Advances in Intelligent Data Analysis. Springer.
Baskin, B., Piccard, P., Piltzecker, T. and Bradley, T. (2006). Combating Spyware in the Enterprise: Discover, Detect and Eradicate the Internet’s Greatest Threat. Syngress.
Brown, D. R. & Harvey, D. (2005). An Experiential Approach to Organization Development. (7th Ed.). Prentice Hall. pp. 1-18.
Gratton, L., Hailey, V. H., Stiles, P. and Truss, C. (1999). Strategic Human Resource Management: Corporate Rhetoric and Human Reality. Oxford: Oxford University Press.
Kumar, V., Srivastava, J., Lazarevic, A. and Inc NetLibrary. (2005). Managing Cyber Threats: Issues, Approaches and Challenges. Springer.
Needle, D. (2004). Business in Context: An Introduction to Business and its Environment. Cengage Learning EMEA.
Shinder, D. (2005). Ethical Issues for IT Security Professionals. TechGenix Ltd.
Sims, R. (2002). Organizational Success through Effective Human Resources Management. Quorum Books, Westport, CT.
Sims, R. (2002). Managing Organizational Behavior. Westport CT: Quorum Books.
Stamatellos, G. (2007). Computer Ethics: A Global Perspective. Jones & Bartlett Publishers.
Trcek, D. (2005). Managing Informations Systems Security and Privacy. Birkhauser.