Before I get any deeper, I am not here to discuss whether or not Edward Snowden should have released the classified material. That is a debate for another day and another forum.
I am going to say that Snowden violated some of the core ethical principals of the Information Technology as a whole. It wasn’t the releasing of the PRISM slides that angers me. It is the fact that a Systems Administrator should not have been aware of the presentation in the first place.
The Association of Computing Machinery (ACM), with whom I’ve been a member longer than AIIM, has a published Code of Ethics. It is long and covers all sorts of situations in which members may find themselves. Section 1.8, Honor Confidentiality, applies to Snowden:
The principle of honesty extends to issues of confidentiality of information whenever one has made an explicit promise to honor confidentiality or, implicitly, when private information not directly related to the performance of one’s duties becomes available.
The Code of Ethics
I have been in IT for my entire career. I have had clearances and access to lots of information that would have made any number of news agencies drool. Whether it is CBS, The Daily Show, or TMZ, when you have a clearance and have access to systems you can find something of interest if you look.
The key thing is, my colleagues and I didn’t look. Our jobs were to create, deliver, and maintain systems to enable our clients to do their jobs. We all knew the mission of every organization when we signed on to a position and if we weren’t okay with that mission, we didn’t sign.
One former colleague, my friend Mark, refuses to work on any defense related projects. This poses a problem in the Washington, D.C. area, but I highly respect his decision. He has ethics and sticks to them.
Systems of Trust
One of the questions I hate most during a project is when someone asks me about the Administrator access. I know that no matter how much security you place in a system, someone will always have the keys, but that is a losing argument. I usually respond by alluding to the fact that if they can’t trust their staff, then they have bigger problems.
The NSA has bigger problems.
Running a Content Management program isn’t just about People, Process, and Technology. It is also about trust. The users are entrusting their content to me to take care of it for them. It is my responsibility to keep it and protect it.
Every bit and byte should be treated equally because as the technologist, you don’t know which collection of bits is going to be important. In fact, it is my ethical responsibility to not even know what those bits say unless they are either my bits or someone shares them with me.
That trust, and my ability to sell it, has been damaged by Snowden. That is turn is going to hurt every system out there.