Recently a friend posed an interesting problem to me, a problem that he has been struggling with for quite some time. Management, in their infinite wisdom, had assigned him the formidable task of coming up with a code of ethics that the staff must follow for all computer usage. Their actions stemmed from the abuses by employees (both technical and non-) of the various computer facilities provided by the company. These infractions ranged from simple acts such as reading another's email over their shoulder to offenses as serious as the destruction of work created by others. It was felt that if a generic policy was instituted, employees would be able to supplement their moral compasses with a document to aid them in their quest for a happy and productive co-existence with one another.
In a diversified company that includes, among others, arts, documentation and technical support departments, the problem of creating a generic document is indeed formidable. One might initially suggest that each department have their own code of ethics, but the obvious conflict arises that "Person X can do this, why can't I?" Therefore the easy solution can immediately be discarded. Obviously guidelines that are generic enough to encompass all the departments are needed, but they must be specific enough so as to prevent employees from constantly second-guessing them, or worse, just plain ignoring them.
Unlike a technical document, in which there are several known facts presented in a clear, concise fashion, a code of ethics must encompass as wide a moral base as possible without unduly expanding parameters and excluding the majority of people that the guide is aimed at. For example, one employee may see the company's fast network connection as the perfect place to surf for and view pornography during their lunch break, while it is possible that the vast majority of the office does not find this practice acceptable or even allowable in their environment. The viewer's perspective is that they are on lunch break (thus their own time), and they are not outwardly disturbing anyone, nor are they unduly disrupting the network traffic during the lull. More importantly, others shouldn't be looking at their screen anyway.
|"Writing an ethics document can be likened to writing the commandments -- it is expected that everyone follow the guidelines, but they must not be so intrusive as to cause rejection of the doctrine."|
Hopefully, this simple example brings to light at least a small part of the problem that faces someone that is handed this daunting task. Writing an ethics document can be likened to writing the commandments...it is expected that everyone follow the guidelines, but they must not be so intrusive as to cause rejection of the doctrine. Special care must be given to ensure that the code does not create deadlock, i.e. where one rule contradicts another. Also, almost above all else, the writer must make sure that the code will not cause any productivity to be lost.
The first step in writing such a document should be a good understanding of what the term ethics actually means and implies. The American Heritage Dictionary describes ethics as "The rules or standards governing the conduct of a person...." The word ethics is tied strongly to morals. Turning once again to the dictionary, we find that one of the many definitions of morals is: "Conforming to standards of what is right or just in behavior." Sound like what we're looking for? In other words, a code of ethics should outline a set of parameters in which the users of this guideline perform their actions and/or duties.
Next, lets see why we need such a code to be explicitly outlined. In my associates' case, the problem was that users simply did not seem to understand what was and was not acceptable usage of the computer resources. So the problem that we hope to solve is the lack of guidance and education in the ways of interaction (both explicitly and implicitly) between employees and their computers.
Simple topics should be handled first, with additional layers added as special cases apply. For example, the rule, "Keep your password a private affair," seems like common-sense advice, but to many first-time users the idea of a password is more of a passing annoyance than a necessary measure. As needed, this rule can be further clarified to account for systems administrators or other IT professionals. This, of course, raises further issues (think of the infamous Motorola incident where Kevin Mitnick passed himself off as a person that really needed the blueprints for the next generation cell-phone).