We tend to strive after perfection. It’s something we hear a lot of, although the language can be more subtle. We grasp after it like a drowning man grasping at straws, always looking to improve our lot. We clutch at this new thing or that new thing to make us happy, but the shiny wears off and the grass is once again greener on the other side of the fence.
I’ve been noticing that this applies in other ways too. For example, I was looking for opinions on using USB sticks as backup devices the other day. Technically, as long as the stick is large enough and chosen with some care to chose a known reliable brand, I don’t see a problem. But, obviously, I wasn’t the first person to research this. on the old forum thread I discovered, comments began regarding the cost of the solution. The questioner was then called unprofessional, simply for being on a limited budget. This made me stop and realise that there is a lot of defensiveness in the quest for perfection, not to mention an attached ego trip. My own views on professionalism can wait for another time.
For me, there is no such thing as perfection. There is only a completely subjective view of things. What is perfect for one person or situation is not guaranteed to be so for another. Regarding my example above, the USB sticks possibly were the perfect solution to the questioners problem. To someone with different needs, possibly not. The important thing is to realise this and then respect others when they go their own way.
In this post, I want to start to think a little about ethics, but specifically from the point of view of software. I started looking around at this casually, I did some searching and chatted with friends who also work in IT. I found that the idea of ethics and software tends to be seen as a matter of software licensing and software piracy. I think that this misses what I’m looking for, that the goal of my search lies elsewhere.
As a programmer, I have ethical obligations. These are mostly to users of my programs. I have to do my best to ensure that the people who use my programs can trust them. This means that the programs don’t spy on the user in anyway, after all my programs are guests on your computer system. That means that they mustn’t abuse your trust. In fact, it could be said that the program acts as an ambassador for the programmer (or software company), if it’s crooked then what conclusions might be implied about the nature of the software provider?
But what about the user? This is an equally important area and is part of what I want to begin mulling over. This really starts with the position of being an ethical customer, so firstly we have to consider the company we’re dealing with. If a software company is noted for being specifically unethical or abusive of it’s power or position, we have to ask ourselves whether we want to do business with this company. Do we really want to support them? After all, the money we hand to the company helps to reinforce their profits and position, thus potentially supporting their unethical actions. In light of the recent revelations from Edward Snowden regarding government snooping and the complicity of some large software companies, this question is very relevant.
This is probably even more alarming when applied to cloud services. After all, we have little control over the practices behind the scenes at the service provider. We still have to ask the question of how easy it is to migrate away. If the only copy of your data is with a cloud service provider then are you a customer or a hostage? Given that you may not be able to guarantee the security or privacy of your data, how much knowledge and control are you willing to share with them? That’s a very pertinent question if the service or data is business critical.
However, there is a degree of responsibility that lies with the user too. When saving data, we have to consider the format used. Should we force other people to use formats for data that might lock them into a given piece of software? For example, a proprietary word processor or database with its own file format. If somebody wants to interact with us, they are forced to buy a given piece of software, but what ethical or moral right do we have to dictate that?
There is another piece to this, I have pointed out in the past that all notions of compassion and ethics have to begin with the way you treat yourself. After all, if you don’t treat yourself well, how can you then extend compassion to your treatment of others? Ethics and compassion have to begin at home.
This seems to mandate that we only use software we can be more confident of trusting, from ethical sources. I am convinced that Free Software such as GNU/Linux is the way forward in this regard. It also means that we apply the question of vendor (or format) lock in to our own situation. Do we want to be locked into this software? Who holds our data? I feel that these are questions that we can increasingly not afford to ignore.
It’s been a little while since the furore started over the Prism system. As I write Edward Snowden is a fugitive, having given the world the slip in Moscow. The discussion over whether he should have chosen to do what he has, or whether he should have chosen another method is one for another place and another time. What I would like to do is revisit a subject I have visited before, that of privacy. Privacy is something we seem to have much less of than we used to. This is an age of social media, ad network and website tracking. Data on our habits and personal information is worth big money to the right people, this is money they seem determined to have. Many of the services we take for granted thrive on this trade, while they don’t hide the fact, in my opinion they don’t make it as plain as they could. A simple principle here is that if you didn’t pay for the service, then you are the product not the customer. When concerned about privacy, you will often find a response stating that if you nothing to hide, why worry? This fallacy casts the privacy advocate in a very negative light and does nothing at all to help the debate. Those with nothing to hide should still be very worried by the erosion of their privacy.
Firstly, everyone has things that they consider none of anyone’s business. There are financial arrangements, family matters, private health concerns. These things are rightly considered private and for a corporation to try to profit from them is the height of bad taste. If a person were facing mental health issues, mounting debt worries or dealing with a sick or dying relative, would anyone honestly consider it right for someone to profiteer from this information?
Secondly, consider the problem of fraud and identity theft. Your personal information, bank account details, online passwords and other such things are very much in demand from online criminals. Would anyone possessed of even a modicum of common sense suggest that you should store these details openly and in plain view? Of course not, they are kept private and with good reason.
Thirdly, the person asking is often considered to be a representative of the authorities. Now, why wouldn’t you hand over this information to them? Well, they’re just human, far from perfect and information gathered can be misplaced. Consider the very serious lapses of data security that have happened in recent years, like laptops and memory sticks left in taxis, etc.
Fourthly, it’s not just individuals, but companies too. How many companies would give up all their secrets? Suppose we asked a Managing Director to post the company’s customer list on their website along with invoicing details for each customer. What about research details for new products or details of sales leads? How many do you think would agree to publicise any of this?
The truth is that we all have a lot more to worry about than Big Brother. Speaking as someone who works in IT, I will now don my business hat for a minute. If you resell or scrap an old computer, do you make sure that the hard drive is properly wiped? You should, because your personal information can still be recovered by a fraudster. If a PC is sent for repair, then I can guarantee you that there are many PC techs out there who will consider it their right to a copy of your MP3 purchases. All of this should worry you. This is why things like encryption, drive wiping and other security practices should be more widespread. The concern about electronic privacy isn’t about having something to hide; it’s about basic data hygiene practices, fraud protection and peace of mind. I’d like to close the post with a few of links that I think are relevant, one of them highly topical.
Various pieces of software and plugins to help protect your online privacy.
The blog of Michael Horowitz, this is well worth a read.
The website of the security researcher Steve Gibson, this has some great tools.