Just because you can, it doesn’t mean you should

Not a day goes by, it seems, without some new civil liberties issue being raised about the security of our data. Hacking of credit card numbers is a global industry. Theft of copyrighted media is a worldwide pandemic. Scammers destroy the lives of the unwitting through callous email appeals and devious phishing attacks. And the latest blemish on all our reputations the posting of private photographs as a form of revenge.

Recently I got into a bit of a flame war (more a skirmish frankly) about the responsibility of businesses to meet their civic obligations. Their obligations to the welfare of employees, the protection of the public and the need to remain within the law. What got me into trouble was my insistence that those obligations come before the rights of the shareholders and the excuse they use for all executive decisions “increasing shareholder value.”

So this set me thinking about the responsibility of those of us in technology. What are our obligations to employees, the public and the law?

None of us in mainstream IT would willfully or maliciously design our business systems in such a way that they worked to the detriment of the users, customers or the organization that they serve (the dark side of our industry excepted of course – indeed the foregoing is their sole mission). But we do, all too often, take a position of what we can get a away with, what workarounds are acceptable, what features we’ll make hard to find and use and what errors we can live with.

I know it is easy to pile on Facebook for their mysterious changing of privacy setting defaults and the arcane places they hide them in their interface. Microsoft too is an easy target for its inexplicably frequent blue-screens-of-death. Even the once virtuous Apple is lately in receipt of vigorous criticism for the bewildering changes they are now making to the beloved iPhone interface.

But what about us? How do we fare in the systems we build?

How often have we built a technology solution expeditiously to fit the architecture rather than to improve the flow of work for the user? How infuriating is it that the customer facing website has two different and disconnected sub-sites for banking and brokerage? Why do we send out emails to our patients with a noreply@ email address and no phone number or real email address for someone who might have critical questions about their health care? Why does our computer-based telephone menu system ask questions that, when we do get through to an operator, the human asks all over again? We do all of these FOR OUR OWN CONVENIENCE, to make our software easier to develop, not for it to be easier to use.

Just, as I hope, capitalists are beginning to realize, cheapest is not best. Failing to invest in the infrastructure of your West Virginia chemical processing plant and poisoning the most essential natural resource we have, our water, for several hundred thousand people is criminal neglect. So, is failing to optimize customers’ and users’ time at the computer also neglectful. If you knew you could have built the system better and chose not to are you guilty of wasting that other most precious natural resource, our time?

We will say, in our defense, that the funds available to build the software were limited and we did the best we could with the resources we had. Limited by whom? Limited by corporate executives who arbitrarily assign funds that financing our projects in order to meet some profit target. Because bigger profits are better than big profits.

Banks could solve the credit card fraud problem but the cost of solving it is many times more than the losses incurred. What is not in their calculus is the stress and anxiety a stolen credit card has on the individual cardholder nor the disruption and effort needed by the cardholder to replace it and rebuild their life. Factor those costs in and the sums are very different.

In a time where chief executive salaries are 650x those of the average employee, when just 85 people have more wealth than half of the world’s 7 billion population, when millionaire presidential candidates pay less than 14% in taxes something is very wrong.

Wealth is good, profit is good, as Robert Townsend, CEO of Avis said, “If you’re not in business for fun or profit what the hell are you doing there?” But, contrary to the Gordon Gecko myth, greed is not good.

What is the answer? Perhaps we need to put warnings on our software explaining that we could do better but we didn’t because we ran out of time/money/resources and, by the way, here is our annual statement of profits and executive bonuses. Maybe the website should have a way to see ALL the personal information is held about us (menu item number one perhaps) and what is our most pessimistic assessment of the risk of that information being compromised. Perhaps our bank should tell us the rate at which cards are stolen and the rate at which they are eliminating the chance of fraud: a league table of the banks with the worst track record for fraudulent usage of our money would be a more useful list of bank abilities for most people in the country.

There needs to be a cultural shift. Profit needs to be a factor in every business decision but it should never be the only one. If we can’t achieve that shift we will see more poverty on our streets and adverts in every email, phone call and website.