Archive for the ‘privacy’ Category
Facebook users should keep complaining, complaining bitterly, complaining in every possible forum.
Oddly, for all the controversy over Facebook implementing yet another round of changes to its layout and user experience, that controversy has almost been drowned out by arguments over whether it’s appropriate for users to complain about Facebook. Yes, the burning debate among users is over whether there should be a burning debate among users.
Much of the force of the “stop complaining!” camp is rooted in the claim that, hey, after all, it’s a free service and no one’s forcing you to use it anyway. But contrary to what you might have heard, Facebook isn’t optional, and it isn’t free. Let me explain.
First, let’s talk price. Lots of people have already pointed out that while Facebook doesn’t charge users for an account, that doesn’t mean it’s free. The service is supported by advertising, just like TV shows have been since the days of early soap operas. So you are “paying” to use Facebook — you’re paying with your eyeballs. You’re paying with attention, however fleeting, to those ads along the side of the page. And — the more worrying fact — you’re paying with your privacy, as Facebook uses what seems to be increasingly-ornate ways to gather information about you, your preferences, and your web-surfing habits. As the saying goes, there’s no such thing as a free lunch. Facebook isn’t an exception.
Think of it this way: Facebook is like a gas-station bathroom. It might be “free”, but that doesn’t mean that quality doesn’t matter. In both cases, the “free” service being offered is there as an inducement. In the gas station’s case, it’s an inducement to stop there for gas (and increasingly for snacks, magazines, etc.). In Facebook’s case, being able to post stuff for “free” for your friends to see is an inducement to look at those ads, and to share your web-surfing habits with that advertising agency. So they have reason to want you to be satisfied, and you have every right to demand excellence in return for your attention.
Second, is Facebook optional? Whether a product is optional or not matters, ethically, because when a product is truly optional, customers can simply exit the relationship, either buying the product from someone else or not buying it at all. Given the option to exit, the dispute between producer and consumer evaporates as the two simply agree to disagree and go their separate ways. (The classic source on this is Albert O. Hirschman’s book, Exit, Voice, and Loyalty.) But Facebook isn’t optional. Ok, I know. Strictly speaking yes it’s optional. But then, so is email, or having a telephone, or having a car. Optional but, for many of us, functionally essential. In this regard, Facebook is a victim of its own success. It has no real competition, and the service is one that many of us cannot simply walk away from. In essence, Facebook has gained a virtual monopoly on what has become part of our social infrastructure. Complaining about Facebook is no sillier than complaining about the state of your local roads or the consistency of your supply of electricity.
So if you don’t like Facebook’s new layout, or if you don’t like Facebook’s approach to privacy, do not hesitate to complain. You’re well within your rights. And if Facebook listens, you might just help make the on-line world a better place.
The intersection of social media with social unrest is a massive topic these days. Twitter has been credited with playing an important role in coordinating the pro-democracy protests in Egypt, and Facebook played a role in helping police track down culprits after the Vancouver hockey riots.
But the mostly-unstated truth behind these “technologies of the people” is that they are corporate technologies, ones developed, fostered, and controlled by companies. That means power for those companies. And, as the saying goes, with great power comes great responsibility.
Fast-forward to early August 2011. London is burning, and the riots have spread to a couple other major UK cities. The British government has called in a few thousand extra cops. And again, social media is playing a role. But this time the focus is specifically on Research in Motion’s (RIM’s) BlackBerry, and its use as a social networking tool. There have been all kinds of reports that the BlackBerry’s “BBM” messaging has been the tool of choice for coordination among London’s rioters. RIM is probably asking itself right now whether it’s really true that ‘there’s no such thing as bad publicity.’
Distancing itself from its role in the “BlackBerry Riots,” RIM issued (via Twitter) the following:
We feel for those impacted by the riots in London. We have engaged with the authorities to assist in any way we can.
The “in any way we can” part is intriguing. So, what can, and what should, RIM do? One thing they can do is to help authorities identify those inciting violence by breaking through the security of the BBM messages. But as reported here, “RIM refused to say exactly how much information it would be sharing with police.” The other, much more dramatic, thing that RIM could do would be to temporarily shut down all or part of its network. Whether that would be at all useful is open to question. It would certainly make a lot of people angry, including millions of people who are not involved in the riots, or who are relying on their BlackBerries to keep in touch with loved ones during this crisis. But I point out this option just to illustrate the breadth of options open to RIM.
The question is complicated by questions of precedence. Tech companies have come under fire for assisting governments in, for example, China, to crack down on dissidents. Of course, the UK government isn’t anything like China’s repressive regime. But at least some people are pointing to underlying social unrest, unemployment etc., in the UK as part of the reason — if not justification — for the riots. And besides, even if it’s clear that the UK riots are unjustifiable and that the UK government is a decent one, companies like RIM are global companies, engaged in a whole spectrum of social and political settings, ones that will stubbornly refuse to be categorized. Should a tech company help a repressive regime stifle peaceful protest? No. Should a tech company help a good and just government fight crime? Yes. But with regard to governments, as with regard to social unrest, there’s much more grey in the world than black and white.
As someone once said, ‘let he among you who has a free hand cast the first stone.’
Canadian Business recently reported that the head of Houston’s public transit agency has been suspended (for a week) for using the agency’s internet connection to look at porn.
This sort of conflict is likely to become increasingly common, since the only thing more ubiquitous in office settings than boredom are high-quality internet connections. And I suspect that under-prepared employers are likely to continue overreact, for no particularly good reason.
It seems to me that the point here should not be about porn; the point should be whether personal web-surfing at the office is allowed at all. There’s all kinds of deviant, transgressive, and socially controversial stuff on the web. Porn, per se, is far from the worst. So surfing the web for non-business purposes should either be allowed, or not. Either could well be a reasonable policy. A company can reasonably forbid use of company internet for personal purposes, just as most forbid use of corporate stationary or corporate premises by employees who are moonlighting. On the other hand, a company might reasonably allow a certain amount of personal usage as akin to making the occasional personal call on a company phone. But if employees are not allowed to use company internet for personal (including entertainment) purposes, that should be a clearly-stated policy.
There are of course a couple of circumstances in which an employer would have a legitimate interest in limiting the kind of stuff employees access online. One is size. If the employee is downloading large porn files (say, entire movies), that kind of thing could have an impact on the firm’s bandwidth usage, something that could cost money or just slow down internet access for employees engaged in legitimate work. Of course, the same would go for employees downloading the latest episode of Breaking Bad on iTunes. The second circumstance would be if there is a chance that the download would be visible and reflect badly on the company. If for some reason the fact that you’re surfing porn at work is liable to come to the attention of people outside the company, then, reactions to porn being as variable as they are, you should avoid drawing potentially unwanted attention to your company that way.
But in general, at least, the fact that it’s porn you’re looking at on your break, behind a closed office door, shouldn’t much matter to your employer.
None of this is to say, of course, that surfing porn at work is a good idea. It’s generally pretty dumb, especially if there’s any chance at all that co-workers are going to see and be offended. After all, we’re talking about the office, not your own living room. And so while employers have reason to allow their employees a certain amount of latitude, employees have reason to exercise a certain amount of discretion.
The post-Stanley Cup riots in Vancouver last week have generated a minor landslide of commentary. Much of it has focused on just who the malefactors were. In an age of social media, this has amounted to more than mere speculation: the identities of quite a few of the trouble-makers have come to light. Those who participated in the riots have thus brought very public shame upon themselves and their city. But what about the shame brought upon their employers?
Over at the “Double Hearsay” law blog, the question is asked from a legal point of view: Can employers fire Vancouver rioters? The short version of the legal analysis there is this. Any employer can fire an employee “without cause” as long as they give proper notice. In order to fire without giving a couple weeks’ notice, an employer has to have “cause:”
Generally speaking, an employee can be fired for his private conduct if that conduct is “wholly incompatible” with the proper discharge of his employment duties, or if it would tend to prejudice the employer….
The latter possibility is the relevant one here. If an employee participates in a riot and is widely known a) to have participated in shameful behaviour and b) to be your employee, then the employee has effectively done something “prejudicial” (i.e., likely to negatively effect your business).
OK, so that’s the legal side. Labour law draws a reasonably clear line around what you as an employer can do, and what the court will support your having done. But that still leaves open the question, should you even attempt to fire an employee who you know to have participated in a riot, say like the recent one in Vancouver or last year’s at the G20 in Toronto?
Here are a few quick considerations:
1) The legal issue of an employee behaving in a way that is “prejudicial” to the employer is also of course a very reasonable ethical consideration. A riot like the one in Vancouver is accompanied by significant public outrage, and guilt by association is a very real problem. In many industries, a business lives or dies by its reputation. As Warren Buffett has said, “Lose money for the firm, and I will be understanding. Lose a shred of reputation for the firm, and I will be ruthless.”
2) By participating — even somewhat passively, let’s say — in a riot, an employee reveals quite a lot about his own character and judgment. Do you really want someone with that little judgment working for you? Your company, no matter how laid back its corporate culture, has some sort of authority structure. It’s fair to ask just how suitable an employee is to work within any authority structure when they’ve publicly egged on another human being in burning cop cars or assaulting firefighters.
3) Even from an ethical point of view, the legal notion of “due process” is relevant. So if you’re considering firing someone for taking part in a riot, you can’t in all fairness do so based on mere hearsay, or without giving him a chance to defend himself. The right process is at least as important as the right outcome.
4) Finally, it is worth considering whether there are alternatives to firing. Maybe being laid off for a few weeks is sufficient. Or perhaps the employee can demonstrate his contrition by doing volunteer work. But it should be remembered that the solution has to fit the reason for firing in the first place. If your worry is that participation in a riot demonstrates a fundamental lack of judgment, then volunteer work isn’t going to erase that worry.
As a lawyer friend of mine put it, “rioting seems to strike at the core of social order.” And social order is at the core of business. It’s not unreasonable to think that participation in a riot is a disqualification for employment — but such a conclusion still has to be implemented prudently and fairly.
Thanks to Dan Michaluk for tweeting this story and bringing it to my attention.
A Board of Directors is responsible for overseeing the management and direction of a company, and that task includes monitoring the full range of risks to which a company might be subject. But what if the company’s CEO is one of those risks? What should a board do when a CEO’s off-the-job behaviour raises concerns? The IMF’s Dominique Strauss-Kahn is a case in point. Long before his recent arrest, Strauss-Kahn’s behaviour towards women raised eyebrows. Should it also have spurred the IMF’s Board to act?
See this story, by Janet McFarland, in the Globe and Mail: When and how to confront a wayward leader
Most corporate directors find it hard enough to confront a respected CEO about work-related poor performance, but it is even harder to tip-toe into the minefield of rumours about problems in an executive’s personal life.
McFarland quotes me in her story, but let me give a slightly fuller version of my comments here.
To start, it’s worth making a distinction. There are personal vices that are strictly personal (including most of what goes on between consenting adults behind closed doors.) And there are personal vices that are very likely to impinge upon the workplace or on performance at work. A tendency to engage in sexual harassment is an obvious example, as is heavy drug use.) But, when you’re a CEO of a name-brand organization, that distinction tends to break down. High profile means that personal vices can turn public very quickly, and affect the organization.
Also, bad behaviour on the part of those in the public eye can easily lead to blackmail, which can result in misuse of position and other kinds of bad decision-making. This is another example of why great power brings great responsibility.
On the other hand, there are lines boards should be hesitant to cross, on principled grounds. A CEO’s sexual orientation, for example, should be off-limits. This is obviously less of an issue in 2011 than it would have been in 1951, but even today a gay CEO might be seen as a risk factor (especially for an organization with a conservative customer base) but boards should take a principled stand against taking an interest in their CEO’s sexuality. The board has fiduciary duties to protect the company, but even fiduciary duties have their limits.
The last point I want to make here is that, when faced with a CEO’s bad behaviour, a Board faces more than a yes-or-no question. The ethical question here is not just a matter of whether to confront the CEO, but how to do it. A Board in such a situation needs to formulate a plan — a method of proceeding, including answers to questions like:
- Will the Chair of the Board approach the CEO solo, or should an ad hoc committee do it?
- Should they raise the issue explicitly, or obliquely?
- Should they give the CEO an ultimatum, or ask his or her suggestions for how things might improve?
- Given various anticipated responses by the CEO, how will the Board/Chair plan to react in turn?
How much privacy does a CEO deserve? Is his or her health a private matter, or a matter that should be open to the scrutiny of the public (and, in particular, of the investing public)?
See, for example, this piece by Miguel Helft, at the NYT: Jobs Takes Sick Leave at Apple Again, Stirring Questions
Steven P. Jobs, the visionary co-founder and chief executive of Apple, is taking a medical leave of absence, a year and a half after his return following a liver transplant. The leave raises questions about both his long-term prognosis and the leadership of the world’s most valuable technology company….
So, should Jobs tell all, letting shareholders and potential shareholders (and other stakeholders?) just what’s up with his health, so that everyone can adjust their decision-making accordingly? Some say a CEO has as might right to privacy as anyone else. Others say a CEO’s obligation to be transparency overrides that.
As Slate’s Annie Lowrey tells us:
While publicly traded corporations need to disclose events and changes that might “materially” affect the company, the Securities and Exchange Commission does not specifically require disclosures about CEO health. That vagueness in the law means that Apple has remained within the letter of the law with its disclosures….
I don’t have a strong view on this, but here are some thoughts:
1) Information is good; it’s what lets markets operate more rather than less efficiently. But a big part of what matters most is equal access to information, and so far there’s no worry about that here, as far as I can see. (It may be that some are worried that top insiders will trade Apple’s stock based on their insider knowledge. Doing so would probably be illegal, and hence very dangerous.)
2) Health is a spectrum. There are people in the pink of health, and people on death’s doorstep, and everything in between. All CEOs are somewhere on that spectrum, and there’s simply no clear line beyond which a CEO’s health becomes a worry. So if Steve Jobs needs to disclose his diagnosis, the same likely goes for all CEOs (and other senior executives?) Note also that medical prognosis is as much art as science. So even if, say, Jobs were to reveal that his doctors were giving him a year to live — well, frankly, that could mean he’d be dead in a month or in 5 years. We have good evidence that doctors just aren’t good at making those estimates.
3) The basic, crucial info — that Jobs has ongoing health problems, likely quite serious ones — is already out there. As a former SEC chair Arthur Levitt says,
Jobs going on medical leave sends a message to the market,” Levitt continues. “An intelligent investor should know the risks of Jobs having a relapse. For the board to opine on what the extent of the illness is right now I don’t think is really necessary.”
In the end, I guess I’m most worried about the slippery slope, here. There are lots of things investors could want to know, and lots of things they could argue they need to know. But that doesn’t mean we want to push on down that road.
What kinds of political obligations do corporations have? In particular, do they have obligations, like governments do, not to interfere with things like people’s ability to express themselves?
See this short blog entry by Leander Kahney, at Cult of Mac: Apple Pulled Wikileaks App Because It “Violated Dev Guidelines”
Apple has joined the shameful list of companies that have denied support for Wikileaks.
Apple confirmed that it removed a Wikileaks App from the online App Store, as reported earlier, and did so because it “violated our developer guidelines.”
“Apps must comply with all local laws and may not put an individual or group in harm’s way,” Apple spokeswoman Trudy Muller told the New York Times.
However, exactly how or why the app doesn’t comply with the law — or puts individuals or groups in harm’s way, Muler didn’t explain. She also didn’t discuss the First Amendment or the freedom of the press….
(I’ve already blogged on the more general question of whether companies are justified in ceasing to do business with WikiLeaks. See: Should Companies Judge the Ethics of Those With Whom they Do Business?)
But what’s particularly interesting in the bit quoted above is that Kahney mentions the First Amendment, implying that Apple ought to support WikiLeaks because it has a First-Amendment obligation to do so.
On the face of it, from a legal point of view, that’s surely false. The First Amendment says:
Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances
Now, on the face of it, that’s a restriction on what the US Congress may do; it implies nothing at all about what private organizations (including corporations like Apple) may or may not do. (If there are experts on US Constitutional Law out there, please feel free to correct me!) But it may well be that the precepts enunciated in the US Constitution and Bill of Rights (or in other nations’ constitutional documents) should be thought of as having not just legal force, but also moral force, and that that moral force should be thought of as extending to all kinds of institutions, not just government. If that’s the case, then you could argue that, even though corporations are not legally bound by such principles, they ought ethically to be guided by them.
The whole issue of whether corporations have specifically political obligations to citizens (and not just more general ethical obligations to consumers) is a difficult one. Are we gaining something, or losing something, by thinking of corporations that way? Does thinking about corporations as playing a quasi-governmental role illuminate their moral obligations, or obscure them? In this regard, if you’re academically inclined it’s worth taking a look at this masterful article by my friend Pierre-Yves Néron: “Business and the Polis: What Does it Mean to See Corporations as Political Actors?”
I have a short piece on privacy in the Fall/Winter 2010 newsletter of the Canadian Centre for Ethics & Corporate Policy.
In the intro to the article, I delve into just what privacy is, why it is that we value it in the first place:
Privacy, at its most basic, is about having a sphere of personal control from which others can be excluded at will. It refers not just to information, though that is certainly a key component of privacy. Privacy is also about freedom of action, action that is not hindered by the prying eyes of neighbours, governments, or corporations. The more such freedom we have, the more privacy we have….
In the second half, I discuss why it is that companies should think carefully about privacy. I note that it’s not just a question of protecting customers’ private information, though that is certainly important. It’s also worth considering that companies themselves tend to value privacy, and they ought to keep that in mind:
…when a company asserts its own privacy rights, it is in at least some cases thereby protecting the privacy of its clients, along with the rights of its shareholders. But the key point here is that when companies think about the value of privacy, they would do well to consider how much privacy also matters to them.
The newsletter also includes a commentary on privacy from Ontario’s Privacy Commissioner, a piece on privacy concerns in the hiring process, by lawyer Avner Levin, and an article on privacy law more generally by lawyer Christine Lonsdale. You can download the entire newsletter here: Management Ethics Newsletter.
A divorce is a very private thing, except of course when it isn’t. And an employee’s (or executive’s) private struggles are, well, private — except when various kinds of business analysts start taking notice of those struggles.
Case in point: the bitter lawsuit over the terms of the difficult divorce of Elon Musk, one of the co-founders of PayPal and current CEO of Tesla Motors. For an outline of why the divorce resulted in a lawsuit, see this blog entry, by Jeanette Bicknell: Challenge to Confidentiality in Mediation? Basically, Musk’s ex-wife, Justine, is challenging the terms of the divorce settlement, and it looks likely to be a long, drawn out court battle.
The whole thing is a sad event for the former couple (and their 5 children) but it is also presenting problems for at least one of Mr. Musk’s companies, Tesla. See this piece from auto-industry website FutureCars: Could Elon Musk’s Divorce Affect Tesla’s IPO?
Sources are saying that the upcoming Tesla Initial Public Offering will be for between $1 and $1.5 billion or $10-$12/share, but all of this could be in jeopardy because of CEO Elon Musk’s pending divorce.
So the problem here is more than just the worry that an ugly personal battle is. And it’s not just the worry that Musk’s personal issues are a distraction from his management duties, though that has been suggested. No, according to the FutureCars story, Musk’s bitter divorce could have very serious implications for Tesla Motors, particularly if the court decides that Mr. Musk has to give some of his stock portfolio to his ex-wife:
If [Musk] did lose a large shareholding, that would default Tesla’s recent Department of Energy loan and could cause the S-1 filing for IPO to go in the round file….
So, the question for discussion: do investors in Tesla have the right to tell Mr. Musk to get on with it and settle the lawsuit with his ex-wife? Are investors (or employees, for that matter) essentially stakeholders in the Musk vs Musk court battle? Or is that an entirely personal matter, and none of investors’ business?
p.s., for those of you worried more about Mr. Musk’s emotional state than the financial well-being of his companies, fear not: he just recently celebrated his marriage to Hollywood starlet Talulah Riley.
The U.S. Supreme Court is once again diving into the waters of corporate personhood.
See this story, by Adam Liptak, for the NYT: Supreme Court Takes Cases on Rights of Corporations.
The Supreme Court added 14 cases to its docket on Tuesday, including three concerning the rights of corporations in unusual settings….
The story notes that two of the cases have to do with the use of the ‘state secrete privilege’ — the legal mechanism that allows the government not to submit evidence that would jeopardize national security. Both are cases to which both a corporation and the federal government are parties, and there is question about whether the state secret privilege can be used in ways that either hurt, or benefit, the corporation.
The other case is about privacy:
The privacy case, Federal Communications Commission v. AT&T Inc., No. 09-1279, will consider whether a provision of the Freedom of Information Act concerning “personal privacy” applies to corporations.
AT&T seeks to block the release of documents it provided to the F.C.C., which conducted an investigation into claims of overcharges by the company in a program to provide equipment and services to schools. The documents were sought under the freedom of information law by a trade association representing some of AT&T’s competitors.
AT&T relied on an exemption to the law for law enforcement records that could “constitute an unwarranted invasion of personal privacy.”
Yes, you read that right. In a previous ruling:
The United States Court of Appeals for the Third Circuit, in Philadelphia, ruled for the company, relying in part on a definition of “person” in the law that included corporations.
“Corporations, like human beings, face public embarrassment, harassment and stigma” because of their involvement in law enforcement investigations, Judge Michael A. Chagares wrote for a unanimous three-judge panel.
I’ve blogged before about why it is (sometimes) essential to think of corporations as persons, at least for legal purposes. But (as I’ve also argued) personhood is a complex notion, and deciding to think about corporations as persons doesn’t immediately imply attributing to them every characteristic of human persons.
Now, I don’t know precisely what Judge Chagares (quoted above) meant when he refers to the possibility of corporations facing “embarrassment, harassment and stigma.” But what he ought to have meant, I think, is that corporations (created by humans for human purposes) can suffer attacks on their reputation that can have a serious negative impact on the legitimate interests of their human creators. Roughly: if you (let’s say) unfairly impugn the behaviour or intentions of a corporation (or a non-profit for that matter) you wrongly harm the interests of the people who rely on it. What Judge Chagares needn’t have meant is that corporations possess the kind of dignity, or intrinsic worth, that we attribute to human persons, and that is the basis not just of the instrumental rights of legal personhood, but of human rights.