How to be diplomatic in refusing to write code that breaches the privacy of our users
I am a team lead in a company located in Manila, and I am currently writing an app that has a seriously questionable feature request for its Android users -- which is to secretly record its surroundings using the phone camera. When I asked the CEO why we have to write this feature, I am told that it would achieve user safety and it would give cops leverage by way of investigation in case something in the videos can be used as evidence.
Having this feature is impossible for iOS users, so that leaves Android. This, of course, could place the company under serious fire for invading users' privacy when we get found out. In fact, as far as my country's laws go, it not only illegal, it is unconstitutional. This argument fell on my CEO's deaf ears, citing the legalistic "terms of service" that users would be made to agree upon, and he pointed out in jest that I should not question his business ideas.
Developing this feature is also problematic from a development standpoint. Operating the camera from the background would put too much toll on the phone's battery. Uploading the videos would also be vampiric on the user's internet connection. Lastly, it is impossible to do on iOs.
While the entire development team agrees with my assessment and is just as uncomfortable with the feature request as I am, the product owner explains to me that while the feature is truly useless, it still has to be made so as to attract investors. And it did please the investors based on the last meeting with them.
My team has thus far insisted that Apple does not allow its developers to run the camera in the background and that we have agreed that instead of a video recording, we would instead take pictures every ten seconds. But I am a hardliner about this and I do not want us developing anything close to this feature.
As this feature is definitely "marketing-driven" as the product owner suggests, I want to know counter-arguments from an investor's standpoint so that the feature would be scrapped in its entirety.
In general, how do I become diplomatic about this matter? I believe I can still talk some sense into the CEO. I have no qualms leaving this company on account of the poor management but I love my dev team, their superior skills, and the workplace culture that we have cultivated. As much as I would want to use our value to the company as leverage against the CEO--If you insist that we do this feature, we will leave--I wish to be charitable still.
Thank you!
ethics software-development privacy philippines
|
show 22 more comments
I am a team lead in a company located in Manila, and I am currently writing an app that has a seriously questionable feature request for its Android users -- which is to secretly record its surroundings using the phone camera. When I asked the CEO why we have to write this feature, I am told that it would achieve user safety and it would give cops leverage by way of investigation in case something in the videos can be used as evidence.
Having this feature is impossible for iOS users, so that leaves Android. This, of course, could place the company under serious fire for invading users' privacy when we get found out. In fact, as far as my country's laws go, it not only illegal, it is unconstitutional. This argument fell on my CEO's deaf ears, citing the legalistic "terms of service" that users would be made to agree upon, and he pointed out in jest that I should not question his business ideas.
Developing this feature is also problematic from a development standpoint. Operating the camera from the background would put too much toll on the phone's battery. Uploading the videos would also be vampiric on the user's internet connection. Lastly, it is impossible to do on iOs.
While the entire development team agrees with my assessment and is just as uncomfortable with the feature request as I am, the product owner explains to me that while the feature is truly useless, it still has to be made so as to attract investors. And it did please the investors based on the last meeting with them.
My team has thus far insisted that Apple does not allow its developers to run the camera in the background and that we have agreed that instead of a video recording, we would instead take pictures every ten seconds. But I am a hardliner about this and I do not want us developing anything close to this feature.
As this feature is definitely "marketing-driven" as the product owner suggests, I want to know counter-arguments from an investor's standpoint so that the feature would be scrapped in its entirety.
In general, how do I become diplomatic about this matter? I believe I can still talk some sense into the CEO. I have no qualms leaving this company on account of the poor management but I love my dev team, their superior skills, and the workplace culture that we have cultivated. As much as I would want to use our value to the company as leverage against the CEO--If you insist that we do this feature, we will leave--I wish to be charitable still.
Thank you!
ethics software-development privacy philippines
92
Probably illegal in EU due to GDPR. Change companies, this one will go under when the CEO is in jail.
– Matthieu Brucher
17 hours ago
23
Is there a data protection or consumer protection agency or equivalent in your country? Could you make an anonymous complaint to them? Also, I hope your username isn't your real name.
– user1666620
16 hours ago
25
It should be taken into account that on Android's next version (Android Q) apps won't be allowed to record video or audio when not in the foreground, as can be seen here: theverge.com/2018/3/7/17091104/…
– GustavoMP
15 hours ago
27
I'm curious what the current purpose of the app is if "user safety and giving cops leverage" can fall into scope.
– Mr.Mindor
15 hours ago
8
This has striking similarities to Volkswagon's emission scandal. Yes, the CEO lost his job, but throughout, the company deflected and scapegoated the engineers who were, "just following orders". That's not really a good position to be in.
– fbueckert
13 hours ago
|
show 22 more comments
I am a team lead in a company located in Manila, and I am currently writing an app that has a seriously questionable feature request for its Android users -- which is to secretly record its surroundings using the phone camera. When I asked the CEO why we have to write this feature, I am told that it would achieve user safety and it would give cops leverage by way of investigation in case something in the videos can be used as evidence.
Having this feature is impossible for iOS users, so that leaves Android. This, of course, could place the company under serious fire for invading users' privacy when we get found out. In fact, as far as my country's laws go, it not only illegal, it is unconstitutional. This argument fell on my CEO's deaf ears, citing the legalistic "terms of service" that users would be made to agree upon, and he pointed out in jest that I should not question his business ideas.
Developing this feature is also problematic from a development standpoint. Operating the camera from the background would put too much toll on the phone's battery. Uploading the videos would also be vampiric on the user's internet connection. Lastly, it is impossible to do on iOs.
While the entire development team agrees with my assessment and is just as uncomfortable with the feature request as I am, the product owner explains to me that while the feature is truly useless, it still has to be made so as to attract investors. And it did please the investors based on the last meeting with them.
My team has thus far insisted that Apple does not allow its developers to run the camera in the background and that we have agreed that instead of a video recording, we would instead take pictures every ten seconds. But I am a hardliner about this and I do not want us developing anything close to this feature.
As this feature is definitely "marketing-driven" as the product owner suggests, I want to know counter-arguments from an investor's standpoint so that the feature would be scrapped in its entirety.
In general, how do I become diplomatic about this matter? I believe I can still talk some sense into the CEO. I have no qualms leaving this company on account of the poor management but I love my dev team, their superior skills, and the workplace culture that we have cultivated. As much as I would want to use our value to the company as leverage against the CEO--If you insist that we do this feature, we will leave--I wish to be charitable still.
Thank you!
ethics software-development privacy philippines
I am a team lead in a company located in Manila, and I am currently writing an app that has a seriously questionable feature request for its Android users -- which is to secretly record its surroundings using the phone camera. When I asked the CEO why we have to write this feature, I am told that it would achieve user safety and it would give cops leverage by way of investigation in case something in the videos can be used as evidence.
Having this feature is impossible for iOS users, so that leaves Android. This, of course, could place the company under serious fire for invading users' privacy when we get found out. In fact, as far as my country's laws go, it not only illegal, it is unconstitutional. This argument fell on my CEO's deaf ears, citing the legalistic "terms of service" that users would be made to agree upon, and he pointed out in jest that I should not question his business ideas.
Developing this feature is also problematic from a development standpoint. Operating the camera from the background would put too much toll on the phone's battery. Uploading the videos would also be vampiric on the user's internet connection. Lastly, it is impossible to do on iOs.
While the entire development team agrees with my assessment and is just as uncomfortable with the feature request as I am, the product owner explains to me that while the feature is truly useless, it still has to be made so as to attract investors. And it did please the investors based on the last meeting with them.
My team has thus far insisted that Apple does not allow its developers to run the camera in the background and that we have agreed that instead of a video recording, we would instead take pictures every ten seconds. But I am a hardliner about this and I do not want us developing anything close to this feature.
As this feature is definitely "marketing-driven" as the product owner suggests, I want to know counter-arguments from an investor's standpoint so that the feature would be scrapped in its entirety.
In general, how do I become diplomatic about this matter? I believe I can still talk some sense into the CEO. I have no qualms leaving this company on account of the poor management but I love my dev team, their superior skills, and the workplace culture that we have cultivated. As much as I would want to use our value to the company as leverage against the CEO--If you insist that we do this feature, we will leave--I wish to be charitable still.
Thank you!
ethics software-development privacy philippines
ethics software-development privacy philippines
edited 11 hours ago
David K
24.6k1685125
24.6k1685125
asked 17 hours ago
Jenny Tengson MandaniJenny Tengson Mandani
7592722
7592722
92
Probably illegal in EU due to GDPR. Change companies, this one will go under when the CEO is in jail.
– Matthieu Brucher
17 hours ago
23
Is there a data protection or consumer protection agency or equivalent in your country? Could you make an anonymous complaint to them? Also, I hope your username isn't your real name.
– user1666620
16 hours ago
25
It should be taken into account that on Android's next version (Android Q) apps won't be allowed to record video or audio when not in the foreground, as can be seen here: theverge.com/2018/3/7/17091104/…
– GustavoMP
15 hours ago
27
I'm curious what the current purpose of the app is if "user safety and giving cops leverage" can fall into scope.
– Mr.Mindor
15 hours ago
8
This has striking similarities to Volkswagon's emission scandal. Yes, the CEO lost his job, but throughout, the company deflected and scapegoated the engineers who were, "just following orders". That's not really a good position to be in.
– fbueckert
13 hours ago
|
show 22 more comments
92
Probably illegal in EU due to GDPR. Change companies, this one will go under when the CEO is in jail.
– Matthieu Brucher
17 hours ago
23
Is there a data protection or consumer protection agency or equivalent in your country? Could you make an anonymous complaint to them? Also, I hope your username isn't your real name.
– user1666620
16 hours ago
25
It should be taken into account that on Android's next version (Android Q) apps won't be allowed to record video or audio when not in the foreground, as can be seen here: theverge.com/2018/3/7/17091104/…
– GustavoMP
15 hours ago
27
I'm curious what the current purpose of the app is if "user safety and giving cops leverage" can fall into scope.
– Mr.Mindor
15 hours ago
8
This has striking similarities to Volkswagon's emission scandal. Yes, the CEO lost his job, but throughout, the company deflected and scapegoated the engineers who were, "just following orders". That's not really a good position to be in.
– fbueckert
13 hours ago
92
92
Probably illegal in EU due to GDPR. Change companies, this one will go under when the CEO is in jail.
– Matthieu Brucher
17 hours ago
Probably illegal in EU due to GDPR. Change companies, this one will go under when the CEO is in jail.
– Matthieu Brucher
17 hours ago
23
23
Is there a data protection or consumer protection agency or equivalent in your country? Could you make an anonymous complaint to them? Also, I hope your username isn't your real name.
– user1666620
16 hours ago
Is there a data protection or consumer protection agency or equivalent in your country? Could you make an anonymous complaint to them? Also, I hope your username isn't your real name.
– user1666620
16 hours ago
25
25
It should be taken into account that on Android's next version (Android Q) apps won't be allowed to record video or audio when not in the foreground, as can be seen here: theverge.com/2018/3/7/17091104/…
– GustavoMP
15 hours ago
It should be taken into account that on Android's next version (Android Q) apps won't be allowed to record video or audio when not in the foreground, as can be seen here: theverge.com/2018/3/7/17091104/…
– GustavoMP
15 hours ago
27
27
I'm curious what the current purpose of the app is if "user safety and giving cops leverage" can fall into scope.
– Mr.Mindor
15 hours ago
I'm curious what the current purpose of the app is if "user safety and giving cops leverage" can fall into scope.
– Mr.Mindor
15 hours ago
8
8
This has striking similarities to Volkswagon's emission scandal. Yes, the CEO lost his job, but throughout, the company deflected and scapegoated the engineers who were, "just following orders". That's not really a good position to be in.
– fbueckert
13 hours ago
This has striking similarities to Volkswagon's emission scandal. Yes, the CEO lost his job, but throughout, the company deflected and scapegoated the engineers who were, "just following orders". That's not really a good position to be in.
– fbueckert
13 hours ago
|
show 22 more comments
15 Answers
15
active
oldest
votes
This of course could place the company under serious fire for invading
users' privacy when we get found out. In fact, as far as my country's
laws go, it not only illegal, it is unconstitutional.
You're being asked to break the law and do things that might land you in prison or otherwise in serious trouble.
This argument fell on my CEO's deaf ears, citing the legalistic "terms
of service" that users would be made to agree upon, and he pointed out
in jest that I should not question his business ideas.
And you've already explained this to the CEO.
Your problem isn't how to explain it, your problem is how to get out before the business is shut down.
1) Document everything that is going on. You might need it for future "courtroom" reasons.
2) Get out.
If you want to try explaining it again you can talk about it being illegal and unconstitutional, but imho you're past the point where "the boss doesn't know" and into "he don't care".
64
Get out as fast as you can. If the boss is ready to break law it means he will break labour law, need to pay you or maybe he already is in violation of some laws.
– SZCZERZO KŁY
16 hours ago
31
@SZCZERZOKŁY, While I agree with the general suggestion of getting out, "If the boss is ready to break law it means he will break labour law" is overstating things. That is not an inevitable consequence. Just because someone breaks one law doesn't automatically mean they will break every law. For example, the boss may simply be indifferent towards user privacy, or genuinely think that a EULA covers his ass. It doesn't, but don't just assume that this somehow proves that he's knowingly breaking a law in a way that he happily would break any law.
– Flater
13 hours ago
18
@Zibbobz: Never attribute to malice what can be adequately explained by stupidity. I agree that it's likely that this is willful disregard, but it's still possible that you're dealing with someone who genuinely thinks he's in the clear (and is very wrong about that). Also, the sunk cost fallacy is not really relevant here. Just because I speed and get caught, doesn't mean I then contemplate killing the witnesses "because I'm breaking the law anyway". Again, it's possible that this is how the boss operates, but it is in no way a given or inevitable consequence.
– Flater
13 hours ago
5
@SZCZERZOKŁY: You cannot assume that the boss is willfully and knowingly breaking the constitution. This isn't a matter of what is legal fact (I assume that it is indeed unconstitutional), it's a matter of what the boss' perception of their decision is. The question as posed does not prove that he is genuinely aware that this violates the constitution and knowingly choosing to continue with their decision anyway.
– Flater
13 hours ago
9
@SZCZERZOKŁY: As a basic example: we are currently disagreeing on something. In the end, one of us is right and the other is not. But just because one of us is wrong, that doesn't mean that this person is intentionally lying. That intent is a very important distinction between lying and being wrong. Similarly, the boss has not been proven to be willfully breaking the law. And even then, he has not been proven to therefore willing break any law he wants. You're building assumptions on top of assumptions and portraying them as an inevitable fact.
– Flater
13 hours ago
|
show 13 more comments
Since your boss doesn't care that this is incredibly invasive, warn him that starting on Android Q, to be released later this year, Android will (finally) block apps from recording video and sound while not in the foreground. Therefore, it will be the same situation you have with iOS.
Of course it will take sometime until Android Q has a significant marketshare, but you could ask him if developing a functionality that will be rendered useless in the near future is worth the trouble.
Therefore, you don't need to be "diplomatic". You can show him hard, technical facts.
https://www.theverge.com/2018/3/7/17091104/android-p-prevents-apps-using-mic-camera-idle-background
Disclaimer: I've misread the article. Apparently background recording is already blocked on Android P, the current version, which means there should already be a larger marketshare where this kind of stuff wouldn't work.
Won't upvote, because it essentially advises corrupt boss "your idea won't work because technical reasons, but yea, could for you for thinking of it". I reckon a better solution would be a firm "hahaha, no, and I quit" (the latter bit to be added as soon as any alternative is found)
– rkeet
14 hours ago
3
IMO quitting isn't a good option because OP states that she would like to continue working in this company. That's why she wants to be diplomatic. By talking strictly from a technical standpoint there won't be any harm, either for the OP, company or the users.
– GustavoMP
14 hours ago
12
This answers the question ("how can I talk my CEO out of this?") and it doesn't take anything else off the table. +1 from me.
– Ruther Rendommeleigh
14 hours ago
3
@rkeet That's a better solution iff you don't need to eat
– Lightness Races in Orbit
13 hours ago
4
@rkeet Alternatively, "hahaha, no, and I quit" does nothing to prevent the boss and company from doing this harmful practice, while "your idea won't work for technical reasons" does. Your solution is basically just "not my problem".
– Lord Farquaad
11 hours ago
|
show 7 more comments
Since it seems that your CEO is either a bit clueless (at best) or morally bankrupt I don't think you're going to get anywhere with persuading them that this is abhorrent. Especially given they are just casually brushing off such fripperies as it being rather illegal. What you might have some success with is point out some of the myriad ways that this could easily become utterly ruinous for both them and the company.
e.g. If this "feature" captures images/video of an underage person getting changed - congratulations your company is now on the hook for producing, transmitting and storing indecent images of children! Can't see investors flocking to a company with that one on their record.
But I have to say why waste your time? At the end of the day scumbags gonna scumbag and life's too short to waste it working for or being diplomatic to scumbags. I'd honestly just recommend leaving as soon as you have something else to go to and make sure no-one you know ever installs or uses this app or anything else the company produces.
1
Yeah, maybe go to the police* AFTER you left. *the police might not be the correct authority here...
– Hobbamok
14 hours ago
27
@Hobbamok Assuming OP is interested in taking legal action, I would suggest speaking to a lawyer before they leave the company. I don't claim to know the best course myself, but a lawyer who specializes in whistle-blowing and who knows the locals laws would. By speaking to such a lawyer beforehand, OP still has all options open - speaking to them after leaving may limit the ability to build a successful case against the company. Again, this is all assuming OP has any interest in taking action at all.
– Steve-O
14 hours ago
"Can't see investors flocking to a company with that one on their record." Don't assume every "investor" in a product like this has the same respect for the law as you do.
– alephzero
13 hours ago
3
@alephzero I wouldn't suggest that nobody would be willing to invest in a company with something like that, but it's going to narrow down the list a fair bit.
– motosubatsu
13 hours ago
Wasn't this the exact plot of a 'Silicon Valley' episode? Spoiler: $21 billion in COPPA fines.
– Marc Bernier
10 hours ago
add a comment |
1) Document everything, starting now. You will likely need it.
2) Do not start building this feature. Do not prioritize it, do not write tickets for it, do not task your team with anything to do with it.
3) If management wants to chastise you over dereliction of duty, allow them to do so, and simply ignore everything they say. Document these situations as well.
4) Go as high as you can in the food chain. If your boss won't listen, go to their boss. If their boss won't listen, go to their boss. And so on. What you should explain to them is the worst-case-but-possible scenario that you could get in trouble for. Other answers suggest going the child porn route, and that's not a bad idea, but if you can think of something more dangerous then go for it. I would do something like this:
(to CEO) Hey, John [or however you want to address the CEO], I'm having an issue with this new feature we're developing. I know the purpose of the feature is [explain what product management told you], but I feel like we could get in a lot of trouble for this. For example, what happens if we're recording and we accidentally record an underage child changing their clothes? That gets us in a lot of trouble, not with the customer, but with the police directly. I don't think an EULA handles that use case, because minors can't legally give permission to record pornography of themselves. We should rethink this.
Another way you can come at this is from a user engagement perspective:
Hey John, [...]. Because this feature uses the camera constantly, it will use a lot of battery power. Since it uploads the video to our servers, it also uses a lot of user data. What do you think would happen if our users suddenly see their batteries decreasing rapidly and their data usage spiking, and then find out it's our app that did it? Would you use an app which causes a significant drain on your phone like this? Do you think our users will? What will you tell your investors if user engagement falls off a cliff due to these issues?
See what he says. If this doesn't convince him, then:
5) Make them fire you, or, better, make them force you to quit. Come into work every day and do everything they ask as normal, except do not do this project. Then they have 2 choices: Abandon the project, or fire you and bring in someone who will do the project. In the first case, you win! In the second case, if they fire you then you should contact a lawyer. Bring all the evidence you have concerning the project, the concerns you raised, who you raised them to, everything. Remember, document everything. You likely have a case (IANAL). If they force you to quit, then on top of the above legal case, you may also have a case for constructive dismissal; the tl;dr of Wikipedia is that the definition (IANAL) is when your company makes your life a living hell, but does not fire you, to the point at which you have no choice but to quit.
6) If you get wind of the project being redirected (i.e. your team is removed from it and another team is given the task instead), contact the local authorities ASAP. You likely have protection as a whistleblower. Dump everything you have to the authorities as soon as you can and in as much detail as you can.
Best answer BY FAR. Several answers say to "document everything." This answer goes into highly specific detail about what to document, and how to actually proceed, and when to go to the authorities. I hope this advice is followed.
– Wildcard
8 hours ago
add a comment |
TLDR: Openly, brazenly start collecting documents that prove you were not a decider in this matter, that you advised management against this feature for privacy reasons, and are simply following orders to retain your good job status. Ask the boss flat-out to give you a letter stating exactly that. This may sober him up.
The eavesdropping is a very big deal
Eavesdropping is a criminal charge that varies by state or nationality. Some are "1-party states", where if 1 party in the room gives permission, it's legal.
Most others are "all-party states", meaning everyone being recorded must give permission.
The user doesn't know about your company's eavesdropping, which makes this 0-party; no one in the room is aware. That makes it a crime just about everywhere. What will your criminal defense be? Language buried deep in the EULA? Juries aren't going to accept that because then you would be accusing your customers of breaking the law by not reading the EULA thoroughly enough. Juries, who don't either, will say "no sale".
The feature would send customers through legal hell
But it gets worse. Consider Curtis, your customer, and imagine he's in a civil lawsuit about something totally unrelated. The plaintiff subpoenas from you all the data you have about them. You hand over the eavesdropped content (which makes perfect sense to your boss, since he's such a help-the-police guy). Plaintiff recognizes the eavesdropping, and blows up, assuming Curtis did this.
In an all-party state: Curtis is up the creek. This smokes any chance of a settlement, and horribly prejudices the civil case: Curtis loses HARD. Then the judge refers it to the DA for criminal prosecution; Curtis must be punished. The whole time, nobody knows how this happened. All parties assume Curtis did it on purpose. Curtis assumes he accidentally turned on some feature he's unaware of.
In a 1-party state, Curtis is safe from legal peril, because he had a right to eavesdrop. But if he says he did it on purpose, he enrages the plaintiff. So he is better off saying the app did this without his permission, which will not be believed. Showing it's true will calm the plaintiff and create a "common enemy".
Both of these end in an interesting problem for you. Curtis's best bet is to prove that you do indeed eavesdrop. He already has subpoena power because of the civil suit. So he'll use it to get the same records about any of plaintiff's staff (turnabout is fair play) -- or better, the judge. Can you imagine the civil court judge looking at photos of himself naked?? The judge will have confidence he did not turn this on. He will say to the D.A. "At first I didn't believe defendant, but the company did it to me too". Curtis is out to save his bacon, not get your company, but to save his bacon he must nail you.
All this to say, getting caught is inevitable. It will be viewed by every US state as your company committing a criminal act for money, and presumably lots of other nations and provinces as well.
It will particularly enrage the EFF, ACLU and privacy organizations, especially if it's uncovered that part of your boss's motivation was to "help law enforcement".
Now, when your company gets caught, I don't know how things work in the Philippines, but it sounds like there'd be an internal scramble to blame the next guy. Your boss would obviously have an advantage there, and would try to sell it as "I had no idea OP and her developers were doing that, send them to jail not me".
Sober up your boss, by covering your tail
So your top job is to cover yourself (CYA) and your team against that possibility. What you want is a "get out of jail free card" that shows management was fully aware of the privacy issues and wanted the project built anyway, and their reasoning. Now, when your boss sees you trying to collect those CYA documents, that's going to sober them up right quick: Why do my subordinates think they need this? The boss may have indulged in fantasy when it comes to the legal implications, now he's thinking. Fair chance you will get a memo saying "drop the feature".
add a comment |
I don't disagree with the answer by Dark Matter, but I wanted to offer you an option that isn't mentioned there.
In many companies there is an ethics officer, whose job is to ensure that the company complies with ethical standards. I'm guessing your company doesn't have one, but future readers of this might try that. Also sometimes contacting the company lawyer is effective. Lawyers have an obligation to uphold the law, and if they know their client is engaging in illegal activity they are much less able to ignore it than other people.
The final option is to gather enough evidence to document what you are being asked to do, and then send it to the authorities. Or the news media. Or both.
It goes without saying that this is a nuclear option. While it is possible to do anonymously (Wikileaks?) there is a pretty good chance you will be at least suspected of being the leaker, and probably fired. Technically you are also exposing confidential information, and there is a chance that you could be pursued in the courts. In my country you would be protected by whistleblower legislation, but I don't imagine the Philippines has that.
So the consequences for you might be severe. Don't take this action unless you are prepared for them. But on the upside you would be exposing a corrupt CEO and possibly a corrupt company, which would be a serious deterrent to other companies who want to do the same thing.
1
Contacting the company lawyer might as well be a nuclear option for me; as the lawyer and the CEO are in great terms and was in fact in the meeting with the investors who were enthusiastic about the problematic feature request.
– Jenny Tengson Mandani
12 hours ago
2
I just wanted to make sure that future readers of this knew about all their options.
– DJClayworth
12 hours ago
1
FWIW, Manila is The Philippines, not Malaysia. Probably the same deal though.
– Ertai87
12 hours ago
3
For what it is worth (FWIW) according to a lawyer's presentation I attended a few years ago at a national tech conference... whistle-blower legislation in the US only protects you if you tell appropriate government authorities - there is no protection from those laws if you tell the press or anyone else.
– J. Chris Compton
11 hours ago
add a comment |
Some very powerful and unpleasant people in the past have used technology (for example old fashioned audio tapes) to record meetings secretly. They get the victim to admit to disliking another powerful figure and then use the tapes as a form of blackmail or simply to set opponents against each other, e.g. "This is what X said about you, and I've got the tape to prove it."
[Note: I will find some evidence for this online and come back to edit my answer.]
It is not impossible that someone has been searching around for a firm willing to produce this sort of software and there might be considerable bribes involved.
You didn't say what the app does. Could it be used for blackmail, or spying for industrial secrets in a certain sphere? Could it be used to predict fluctuations in the financial markets?
I would get out ASAP because if anything like this is going on, it won't be the big players who get prosecuted, it will be the ones at the bottom of the chain.
add a comment |
Slightly different approach than the other (mostly very good) answers.
This answer is an attempt for you to keep your job and not have to write the feature.
the product owner explains to me that while the feature is truly useless, it still has to be made so as to attract investors
My alternative is to approach the company lawyer directly.
You have a legal issue that could sink the whole company that he might understand.
Approach the lawyer like this: (use an innocent / concerned expression)
"Hey [lawyer], I previously had a problem with that video feature - CEO may have mentioned this. But after talking to him I told [product owner] about it he said we had to do it anyway. So I went back to try to figure out how to do it because it looks like everyone is on board with it."
You are just playing the good employee so he will listen closely to what you are saying (instead of just nod and pay half-attention to someone that doesn't want to do what the CEO and the investors want to do).
"One pretty big legal issue occurred to me that I thought I should run by you."
"Because the customer doesn't know about the video, they could be in their home unknowing filming their children while they get dressed. Even if the EULA TOS exempts us from this, if it comes out that we have taken images of naked children and stored them on our servers - wouldn't that be a PR nightmare for both the company and the investors?"
"All it would take is a Mom or Dad using another app while changing a baby... or being in a bathroom with their small child. I don't know how to detect this, so I cannot prevent our storing compromising pictures on our servers.
"That would be a big deal, right? Especially since we aren't telling the parents?"
"There are apps that track how often an infant goes to the bathroom, so it is reasonable."
Best wishes on this.
Hope you will tell us how it comes out in a few weeks.
As an aside... whistle-blower laws in the US only protect you from legal action when you tell the authorities. Tell the press, or anyone else, and you're open to be sued.
I'm not a lawyer, but this information came from a lawyer who was speaking at a conference I attended several years ago.
add a comment |
Presumably the OP has reason to suppose that this app is "intended" to be used illegally, but stepping back from the general feeling of moral outrage in this thread, there is not much evidence (if any) to support that.
I can't see anything in the OP's post which doesn't fit a use case like "this app converts your cellphone into a dashcam for use in your car". In that situation, battery usage is irrelevant since the phone would be running from the car battery. And dashcams are perfectly legal in many countries (including the UK, for example), and used as police evidence in court, just like images from any other type of security camera. In some countries, the use of dashcams is almost a necessity to support road accident insurance claims and protect oneself against insurance fraud by other people, who may well be criminals themselves.
Of course the app could be used for illegal purposes as well, but so could many other items which it is perfectly legal to buy an sell - kitchen knives, for example.
If the OP doesn't want to be involved in this software project for personal reasons, that's a perfectly reasonable position to take, but IMO there is far too little information given here to jump to the conclusion that the whole project, or the project leader, is operating outside of the law.
7
Could you provide a reasoning for the app recording "in the background", or the requirement that videos be uploaded? Neither of those make sense for a dashcam. In addition, adding this functionality to an existing app (that I assume had a purpose without it) instead of just making a new app seems rather fishy as well.
– Ruther Rendommeleigh
12 hours ago
@RutherRendommeleigh I agree that adding it to an existing app seems fishy. A good, valid use case I can think of is recording dash-cam video while simultaneously using GPS navigation in a separate app. That said, automatically uploading video to a private server, and not directly telling the user that you're recording, are both very big red flags.
– Martin Carney
10 hours ago
You'll need a different example than dash cam... OP states the new feature would "secretly record its surroundings."
– J. Chris Compton
9 hours ago
add a comment |
Ask your CEO whether he will be using the app. Or whether it is possible police or politicians will use the app.
If so, tell him it is a security risk because all the engineers in the company will be able to spy on him and on others. Maybe it works as a deterrent if he is concerned himself.
Also make him aware of the commercial risk of doing this: he might lose his entire user base if they find out. Play on his ego, surely he is too smart to take such a risk?
I'm adding this answer because you explicitly ask for a diplomatic solution. Simply quitting or paper trailing is not necessarily diplomatic.
New contributor
add a comment |
I would like to approach a resolution to this issue in a slightly different way. The question was specifically:
How to be diplomatic in refusing to write code that breaches the privacy of our users
There are two ways to approach this:
- Refuse to write the code
- Make the case that this feature will negatively impact the project vision and you feel responsibility to steadfastly object to anything that will derail the project success
They both result in the same thing -- a refusal to implement the feature -- but the latter approach roots the refusal in the general desire for the app and business success, rather than for the users privacy. User privacy is a means to application success, but vise versa is not necessarily true.
To do this I would:
- Seek to establish common ground and good intent
- Ground any justifications in risks that I deem are important for the CEO
- Be enthusiastic about the project and the company, but steadfast in the refusal to implement
i.e. "I am really sorry but I cannot continue with this as it stands."
For example:
Dear ${CEO},
I am a member of the software development team working on ${APP}. I am passionate about ${STATED_APPS_PURPOSE} and have enjoyed working on ${PREVIOUS_NON_CREEPY_THINGS}.
However, I recently learned of this new feature that will require the recording of users at all times through their camera. While I understand the benefits of this feature, including:
- ${CREEPY_BENEFIT_A}
- ${CREEPY_BENEFIT_B}
- ${INVESTORS_HAPPY_C}
I feel compelled to note that this new feature deviates significantly from ${STATED_APPS_PURPOSE}. It may be that I have misunderstood the nature of the requirements from this feature, but as the feature has been requested I see significant new project risks introduced, including:
- User backlash at discovering the unexpected behaviour of the application
- Potential violations of users privacy law ${EXAMPLE} in Manilla and within other locales
- Punitive damages associated with the aforementioned violations of law
It is my assessment that this feature has deviated enough from ${STATED_APPS_PURPOSE} that I no longer feel comfortable with the tradeoffs the application has made, and I am thus not a suitable candidate for the ongoing development of this application.
I am reaching out to you now such that I may understand more the nature of this feature to clarify whether it should be implemented as stated, or whether our project would better grow in other areas.
Kind regards,
${YOU}.
Couching a justification in moral grounds that we know and understand are different from our own is an uncomfortable process. However, while it might be easier if our friends and colleagues shared our own values we each arrived in each others company via a different path and arguing a point to a given audience will be much more successful at homogenising the practical outcomes of our values, if not their roots.
New contributor
add a comment |
If I were in this situation, I would give the CEO 2 choices, either A he could stop this highly illegal (at least in the USA) project and everything else can go on as normal or B he can accept your letter of resignation and you will be getting a lawyer and reporting his activities to the proper authorities, whom can do what they need to do as soon as he releases this piece of software. It is expected that you may have to do things that you don't want to do for your job, but once the issue crosses the line to illegal, there is no longer any grey space. Personally my job is definitely worth ruining my life over by spending years in prison or in court battles.
New contributor
Personally my job is definitely worth ruining my life over by spending years in prison or in court battles.
- did you mean that you would or would not ruin your life for your job? :p
– rkeet
7 hours ago
add a comment |
Your boss is ordering you to engage in crime. By proceeding, you will become their accomplice because you will be knowingly engaging in criminal activity.
So threaten to quit, but not because you dislike whatever but because they can't possibly pay you enough to compensate several years of your life spent in jail. (Or maybe they can? Provide this as an option -- they will surely refuse to pay such an astronomical sum but this will open their eyes on how inadequate their demands are to what they are paying you. (Note that income from illegal activity will probably be illegal, too, so more trouble for you and the company to conceal it!) The fact that they can't demand of you more than their pay is worth is something they can't argue with.)
Share the above with your co-workers and they will probably come to the same conclusion.
add a comment |
While IT is not as professionalised as many other occupations, there are still professional standards organisations which will provide advice and assistance in these situations. In your instance, you should contact the Philippine Computer Society and notify them you have been instructed to breach their Code of Ethics.
New contributor
As much as possible I want to solve this problem diplomatically with the CEO without having to insinuate any governing body or NGO that I am having this problem. I've been poring into the documents by the National Privacy Commission and so far it has been helpful.
– Jenny Tengson Mandani
1 hour ago
add a comment |
Use your wits and technical superiority to defend yourself and take a stand against the moral corruption of the CEO. Clandestinely record a video of him giving the team instructions to break the law. Edit the video to remove your PII and blur the faces and the voices of the innocent. Retain this recording as a safeguard that you can release to the police, press, and social media at a moments notice. Find another job and never tip your hand and reveal that you have this evidence to anyone unless you need to release it. If you do need to release it, do so anonymously.
New contributor
18
Not going to upvote because what you suggest is illegal and and dangerous, but I can't bring myself to downvote either because it's hilarious.
– Ruther Rendommeleigh
14 hours ago
5
Depending on the jurisdiction this can bring gigantic problems to the OP.
– GustavoMP
14 hours ago
3
When facing an adversary that seeks to destroy the fabric of society, it is necessary to take extreme action.
– Kierkegaardee
14 hours ago
7
Oh, the irony...
– Alexandre Aubrey
14 hours ago
5
"When facing an adversary that seeks to destroy the fabric of society, it is necessary to take extreme action." Aaaaaaand that's how dictatorships are born. You can't save paradise by destroying it. (Sometimes that means we lose!)
– Lightness Races in Orbit
12 hours ago
|
show 5 more comments
protected by Community♦ 4 hours ago
Thank you for your interest in this question.
Because it has attracted low-quality or spam answers that had to be removed, posting an answer now requires 10 reputation on this site (the association bonus does not count).
Would you like to answer one of these unanswered questions instead?
15 Answers
15
active
oldest
votes
15 Answers
15
active
oldest
votes
active
oldest
votes
active
oldest
votes
This of course could place the company under serious fire for invading
users' privacy when we get found out. In fact, as far as my country's
laws go, it not only illegal, it is unconstitutional.
You're being asked to break the law and do things that might land you in prison or otherwise in serious trouble.
This argument fell on my CEO's deaf ears, citing the legalistic "terms
of service" that users would be made to agree upon, and he pointed out
in jest that I should not question his business ideas.
And you've already explained this to the CEO.
Your problem isn't how to explain it, your problem is how to get out before the business is shut down.
1) Document everything that is going on. You might need it for future "courtroom" reasons.
2) Get out.
If you want to try explaining it again you can talk about it being illegal and unconstitutional, but imho you're past the point where "the boss doesn't know" and into "he don't care".
64
Get out as fast as you can. If the boss is ready to break law it means he will break labour law, need to pay you or maybe he already is in violation of some laws.
– SZCZERZO KŁY
16 hours ago
31
@SZCZERZOKŁY, While I agree with the general suggestion of getting out, "If the boss is ready to break law it means he will break labour law" is overstating things. That is not an inevitable consequence. Just because someone breaks one law doesn't automatically mean they will break every law. For example, the boss may simply be indifferent towards user privacy, or genuinely think that a EULA covers his ass. It doesn't, but don't just assume that this somehow proves that he's knowingly breaking a law in a way that he happily would break any law.
– Flater
13 hours ago
18
@Zibbobz: Never attribute to malice what can be adequately explained by stupidity. I agree that it's likely that this is willful disregard, but it's still possible that you're dealing with someone who genuinely thinks he's in the clear (and is very wrong about that). Also, the sunk cost fallacy is not really relevant here. Just because I speed and get caught, doesn't mean I then contemplate killing the witnesses "because I'm breaking the law anyway". Again, it's possible that this is how the boss operates, but it is in no way a given or inevitable consequence.
– Flater
13 hours ago
5
@SZCZERZOKŁY: You cannot assume that the boss is willfully and knowingly breaking the constitution. This isn't a matter of what is legal fact (I assume that it is indeed unconstitutional), it's a matter of what the boss' perception of their decision is. The question as posed does not prove that he is genuinely aware that this violates the constitution and knowingly choosing to continue with their decision anyway.
– Flater
13 hours ago
9
@SZCZERZOKŁY: As a basic example: we are currently disagreeing on something. In the end, one of us is right and the other is not. But just because one of us is wrong, that doesn't mean that this person is intentionally lying. That intent is a very important distinction between lying and being wrong. Similarly, the boss has not been proven to be willfully breaking the law. And even then, he has not been proven to therefore willing break any law he wants. You're building assumptions on top of assumptions and portraying them as an inevitable fact.
– Flater
13 hours ago
|
show 13 more comments
This of course could place the company under serious fire for invading
users' privacy when we get found out. In fact, as far as my country's
laws go, it not only illegal, it is unconstitutional.
You're being asked to break the law and do things that might land you in prison or otherwise in serious trouble.
This argument fell on my CEO's deaf ears, citing the legalistic "terms
of service" that users would be made to agree upon, and he pointed out
in jest that I should not question his business ideas.
And you've already explained this to the CEO.
Your problem isn't how to explain it, your problem is how to get out before the business is shut down.
1) Document everything that is going on. You might need it for future "courtroom" reasons.
2) Get out.
If you want to try explaining it again you can talk about it being illegal and unconstitutional, but imho you're past the point where "the boss doesn't know" and into "he don't care".
64
Get out as fast as you can. If the boss is ready to break law it means he will break labour law, need to pay you or maybe he already is in violation of some laws.
– SZCZERZO KŁY
16 hours ago
31
@SZCZERZOKŁY, While I agree with the general suggestion of getting out, "If the boss is ready to break law it means he will break labour law" is overstating things. That is not an inevitable consequence. Just because someone breaks one law doesn't automatically mean they will break every law. For example, the boss may simply be indifferent towards user privacy, or genuinely think that a EULA covers his ass. It doesn't, but don't just assume that this somehow proves that he's knowingly breaking a law in a way that he happily would break any law.
– Flater
13 hours ago
18
@Zibbobz: Never attribute to malice what can be adequately explained by stupidity. I agree that it's likely that this is willful disregard, but it's still possible that you're dealing with someone who genuinely thinks he's in the clear (and is very wrong about that). Also, the sunk cost fallacy is not really relevant here. Just because I speed and get caught, doesn't mean I then contemplate killing the witnesses "because I'm breaking the law anyway". Again, it's possible that this is how the boss operates, but it is in no way a given or inevitable consequence.
– Flater
13 hours ago
5
@SZCZERZOKŁY: You cannot assume that the boss is willfully and knowingly breaking the constitution. This isn't a matter of what is legal fact (I assume that it is indeed unconstitutional), it's a matter of what the boss' perception of their decision is. The question as posed does not prove that he is genuinely aware that this violates the constitution and knowingly choosing to continue with their decision anyway.
– Flater
13 hours ago
9
@SZCZERZOKŁY: As a basic example: we are currently disagreeing on something. In the end, one of us is right and the other is not. But just because one of us is wrong, that doesn't mean that this person is intentionally lying. That intent is a very important distinction between lying and being wrong. Similarly, the boss has not been proven to be willfully breaking the law. And even then, he has not been proven to therefore willing break any law he wants. You're building assumptions on top of assumptions and portraying them as an inevitable fact.
– Flater
13 hours ago
|
show 13 more comments
This of course could place the company under serious fire for invading
users' privacy when we get found out. In fact, as far as my country's
laws go, it not only illegal, it is unconstitutional.
You're being asked to break the law and do things that might land you in prison or otherwise in serious trouble.
This argument fell on my CEO's deaf ears, citing the legalistic "terms
of service" that users would be made to agree upon, and he pointed out
in jest that I should not question his business ideas.
And you've already explained this to the CEO.
Your problem isn't how to explain it, your problem is how to get out before the business is shut down.
1) Document everything that is going on. You might need it for future "courtroom" reasons.
2) Get out.
If you want to try explaining it again you can talk about it being illegal and unconstitutional, but imho you're past the point where "the boss doesn't know" and into "he don't care".
This of course could place the company under serious fire for invading
users' privacy when we get found out. In fact, as far as my country's
laws go, it not only illegal, it is unconstitutional.
You're being asked to break the law and do things that might land you in prison or otherwise in serious trouble.
This argument fell on my CEO's deaf ears, citing the legalistic "terms
of service" that users would be made to agree upon, and he pointed out
in jest that I should not question his business ideas.
And you've already explained this to the CEO.
Your problem isn't how to explain it, your problem is how to get out before the business is shut down.
1) Document everything that is going on. You might need it for future "courtroom" reasons.
2) Get out.
If you want to try explaining it again you can talk about it being illegal and unconstitutional, but imho you're past the point where "the boss doesn't know" and into "he don't care".
answered 16 hours ago
Dark Matter Dark Matter
5,50131224
5,50131224
64
Get out as fast as you can. If the boss is ready to break law it means he will break labour law, need to pay you or maybe he already is in violation of some laws.
– SZCZERZO KŁY
16 hours ago
31
@SZCZERZOKŁY, While I agree with the general suggestion of getting out, "If the boss is ready to break law it means he will break labour law" is overstating things. That is not an inevitable consequence. Just because someone breaks one law doesn't automatically mean they will break every law. For example, the boss may simply be indifferent towards user privacy, or genuinely think that a EULA covers his ass. It doesn't, but don't just assume that this somehow proves that he's knowingly breaking a law in a way that he happily would break any law.
– Flater
13 hours ago
18
@Zibbobz: Never attribute to malice what can be adequately explained by stupidity. I agree that it's likely that this is willful disregard, but it's still possible that you're dealing with someone who genuinely thinks he's in the clear (and is very wrong about that). Also, the sunk cost fallacy is not really relevant here. Just because I speed and get caught, doesn't mean I then contemplate killing the witnesses "because I'm breaking the law anyway". Again, it's possible that this is how the boss operates, but it is in no way a given or inevitable consequence.
– Flater
13 hours ago
5
@SZCZERZOKŁY: You cannot assume that the boss is willfully and knowingly breaking the constitution. This isn't a matter of what is legal fact (I assume that it is indeed unconstitutional), it's a matter of what the boss' perception of their decision is. The question as posed does not prove that he is genuinely aware that this violates the constitution and knowingly choosing to continue with their decision anyway.
– Flater
13 hours ago
9
@SZCZERZOKŁY: As a basic example: we are currently disagreeing on something. In the end, one of us is right and the other is not. But just because one of us is wrong, that doesn't mean that this person is intentionally lying. That intent is a very important distinction between lying and being wrong. Similarly, the boss has not been proven to be willfully breaking the law. And even then, he has not been proven to therefore willing break any law he wants. You're building assumptions on top of assumptions and portraying them as an inevitable fact.
– Flater
13 hours ago
|
show 13 more comments
64
Get out as fast as you can. If the boss is ready to break law it means he will break labour law, need to pay you or maybe he already is in violation of some laws.
– SZCZERZO KŁY
16 hours ago
31
@SZCZERZOKŁY, While I agree with the general suggestion of getting out, "If the boss is ready to break law it means he will break labour law" is overstating things. That is not an inevitable consequence. Just because someone breaks one law doesn't automatically mean they will break every law. For example, the boss may simply be indifferent towards user privacy, or genuinely think that a EULA covers his ass. It doesn't, but don't just assume that this somehow proves that he's knowingly breaking a law in a way that he happily would break any law.
– Flater
13 hours ago
18
@Zibbobz: Never attribute to malice what can be adequately explained by stupidity. I agree that it's likely that this is willful disregard, but it's still possible that you're dealing with someone who genuinely thinks he's in the clear (and is very wrong about that). Also, the sunk cost fallacy is not really relevant here. Just because I speed and get caught, doesn't mean I then contemplate killing the witnesses "because I'm breaking the law anyway". Again, it's possible that this is how the boss operates, but it is in no way a given or inevitable consequence.
– Flater
13 hours ago
5
@SZCZERZOKŁY: You cannot assume that the boss is willfully and knowingly breaking the constitution. This isn't a matter of what is legal fact (I assume that it is indeed unconstitutional), it's a matter of what the boss' perception of their decision is. The question as posed does not prove that he is genuinely aware that this violates the constitution and knowingly choosing to continue with their decision anyway.
– Flater
13 hours ago
9
@SZCZERZOKŁY: As a basic example: we are currently disagreeing on something. In the end, one of us is right and the other is not. But just because one of us is wrong, that doesn't mean that this person is intentionally lying. That intent is a very important distinction between lying and being wrong. Similarly, the boss has not been proven to be willfully breaking the law. And even then, he has not been proven to therefore willing break any law he wants. You're building assumptions on top of assumptions and portraying them as an inevitable fact.
– Flater
13 hours ago
64
64
Get out as fast as you can. If the boss is ready to break law it means he will break labour law, need to pay you or maybe he already is in violation of some laws.
– SZCZERZO KŁY
16 hours ago
Get out as fast as you can. If the boss is ready to break law it means he will break labour law, need to pay you or maybe he already is in violation of some laws.
– SZCZERZO KŁY
16 hours ago
31
31
@SZCZERZOKŁY, While I agree with the general suggestion of getting out, "If the boss is ready to break law it means he will break labour law" is overstating things. That is not an inevitable consequence. Just because someone breaks one law doesn't automatically mean they will break every law. For example, the boss may simply be indifferent towards user privacy, or genuinely think that a EULA covers his ass. It doesn't, but don't just assume that this somehow proves that he's knowingly breaking a law in a way that he happily would break any law.
– Flater
13 hours ago
@SZCZERZOKŁY, While I agree with the general suggestion of getting out, "If the boss is ready to break law it means he will break labour law" is overstating things. That is not an inevitable consequence. Just because someone breaks one law doesn't automatically mean they will break every law. For example, the boss may simply be indifferent towards user privacy, or genuinely think that a EULA covers his ass. It doesn't, but don't just assume that this somehow proves that he's knowingly breaking a law in a way that he happily would break any law.
– Flater
13 hours ago
18
18
@Zibbobz: Never attribute to malice what can be adequately explained by stupidity. I agree that it's likely that this is willful disregard, but it's still possible that you're dealing with someone who genuinely thinks he's in the clear (and is very wrong about that). Also, the sunk cost fallacy is not really relevant here. Just because I speed and get caught, doesn't mean I then contemplate killing the witnesses "because I'm breaking the law anyway". Again, it's possible that this is how the boss operates, but it is in no way a given or inevitable consequence.
– Flater
13 hours ago
@Zibbobz: Never attribute to malice what can be adequately explained by stupidity. I agree that it's likely that this is willful disregard, but it's still possible that you're dealing with someone who genuinely thinks he's in the clear (and is very wrong about that). Also, the sunk cost fallacy is not really relevant here. Just because I speed and get caught, doesn't mean I then contemplate killing the witnesses "because I'm breaking the law anyway". Again, it's possible that this is how the boss operates, but it is in no way a given or inevitable consequence.
– Flater
13 hours ago
5
5
@SZCZERZOKŁY: You cannot assume that the boss is willfully and knowingly breaking the constitution. This isn't a matter of what is legal fact (I assume that it is indeed unconstitutional), it's a matter of what the boss' perception of their decision is. The question as posed does not prove that he is genuinely aware that this violates the constitution and knowingly choosing to continue with their decision anyway.
– Flater
13 hours ago
@SZCZERZOKŁY: You cannot assume that the boss is willfully and knowingly breaking the constitution. This isn't a matter of what is legal fact (I assume that it is indeed unconstitutional), it's a matter of what the boss' perception of their decision is. The question as posed does not prove that he is genuinely aware that this violates the constitution and knowingly choosing to continue with their decision anyway.
– Flater
13 hours ago
9
9
@SZCZERZOKŁY: As a basic example: we are currently disagreeing on something. In the end, one of us is right and the other is not. But just because one of us is wrong, that doesn't mean that this person is intentionally lying. That intent is a very important distinction between lying and being wrong. Similarly, the boss has not been proven to be willfully breaking the law. And even then, he has not been proven to therefore willing break any law he wants. You're building assumptions on top of assumptions and portraying them as an inevitable fact.
– Flater
13 hours ago
@SZCZERZOKŁY: As a basic example: we are currently disagreeing on something. In the end, one of us is right and the other is not. But just because one of us is wrong, that doesn't mean that this person is intentionally lying. That intent is a very important distinction between lying and being wrong. Similarly, the boss has not been proven to be willfully breaking the law. And even then, he has not been proven to therefore willing break any law he wants. You're building assumptions on top of assumptions and portraying them as an inevitable fact.
– Flater
13 hours ago
|
show 13 more comments
Since your boss doesn't care that this is incredibly invasive, warn him that starting on Android Q, to be released later this year, Android will (finally) block apps from recording video and sound while not in the foreground. Therefore, it will be the same situation you have with iOS.
Of course it will take sometime until Android Q has a significant marketshare, but you could ask him if developing a functionality that will be rendered useless in the near future is worth the trouble.
Therefore, you don't need to be "diplomatic". You can show him hard, technical facts.
https://www.theverge.com/2018/3/7/17091104/android-p-prevents-apps-using-mic-camera-idle-background
Disclaimer: I've misread the article. Apparently background recording is already blocked on Android P, the current version, which means there should already be a larger marketshare where this kind of stuff wouldn't work.
Won't upvote, because it essentially advises corrupt boss "your idea won't work because technical reasons, but yea, could for you for thinking of it". I reckon a better solution would be a firm "hahaha, no, and I quit" (the latter bit to be added as soon as any alternative is found)
– rkeet
14 hours ago
3
IMO quitting isn't a good option because OP states that she would like to continue working in this company. That's why she wants to be diplomatic. By talking strictly from a technical standpoint there won't be any harm, either for the OP, company or the users.
– GustavoMP
14 hours ago
12
This answers the question ("how can I talk my CEO out of this?") and it doesn't take anything else off the table. +1 from me.
– Ruther Rendommeleigh
14 hours ago
3
@rkeet That's a better solution iff you don't need to eat
– Lightness Races in Orbit
13 hours ago
4
@rkeet Alternatively, "hahaha, no, and I quit" does nothing to prevent the boss and company from doing this harmful practice, while "your idea won't work for technical reasons" does. Your solution is basically just "not my problem".
– Lord Farquaad
11 hours ago
|
show 7 more comments
Since your boss doesn't care that this is incredibly invasive, warn him that starting on Android Q, to be released later this year, Android will (finally) block apps from recording video and sound while not in the foreground. Therefore, it will be the same situation you have with iOS.
Of course it will take sometime until Android Q has a significant marketshare, but you could ask him if developing a functionality that will be rendered useless in the near future is worth the trouble.
Therefore, you don't need to be "diplomatic". You can show him hard, technical facts.
https://www.theverge.com/2018/3/7/17091104/android-p-prevents-apps-using-mic-camera-idle-background
Disclaimer: I've misread the article. Apparently background recording is already blocked on Android P, the current version, which means there should already be a larger marketshare where this kind of stuff wouldn't work.
Won't upvote, because it essentially advises corrupt boss "your idea won't work because technical reasons, but yea, could for you for thinking of it". I reckon a better solution would be a firm "hahaha, no, and I quit" (the latter bit to be added as soon as any alternative is found)
– rkeet
14 hours ago
3
IMO quitting isn't a good option because OP states that she would like to continue working in this company. That's why she wants to be diplomatic. By talking strictly from a technical standpoint there won't be any harm, either for the OP, company or the users.
– GustavoMP
14 hours ago
12
This answers the question ("how can I talk my CEO out of this?") and it doesn't take anything else off the table. +1 from me.
– Ruther Rendommeleigh
14 hours ago
3
@rkeet That's a better solution iff you don't need to eat
– Lightness Races in Orbit
13 hours ago
4
@rkeet Alternatively, "hahaha, no, and I quit" does nothing to prevent the boss and company from doing this harmful practice, while "your idea won't work for technical reasons" does. Your solution is basically just "not my problem".
– Lord Farquaad
11 hours ago
|
show 7 more comments
Since your boss doesn't care that this is incredibly invasive, warn him that starting on Android Q, to be released later this year, Android will (finally) block apps from recording video and sound while not in the foreground. Therefore, it will be the same situation you have with iOS.
Of course it will take sometime until Android Q has a significant marketshare, but you could ask him if developing a functionality that will be rendered useless in the near future is worth the trouble.
Therefore, you don't need to be "diplomatic". You can show him hard, technical facts.
https://www.theverge.com/2018/3/7/17091104/android-p-prevents-apps-using-mic-camera-idle-background
Disclaimer: I've misread the article. Apparently background recording is already blocked on Android P, the current version, which means there should already be a larger marketshare where this kind of stuff wouldn't work.
Since your boss doesn't care that this is incredibly invasive, warn him that starting on Android Q, to be released later this year, Android will (finally) block apps from recording video and sound while not in the foreground. Therefore, it will be the same situation you have with iOS.
Of course it will take sometime until Android Q has a significant marketshare, but you could ask him if developing a functionality that will be rendered useless in the near future is worth the trouble.
Therefore, you don't need to be "diplomatic". You can show him hard, technical facts.
https://www.theverge.com/2018/3/7/17091104/android-p-prevents-apps-using-mic-camera-idle-background
Disclaimer: I've misread the article. Apparently background recording is already blocked on Android P, the current version, which means there should already be a larger marketshare where this kind of stuff wouldn't work.
edited 14 hours ago
answered 14 hours ago
GustavoMPGustavoMP
2,83531218
2,83531218
Won't upvote, because it essentially advises corrupt boss "your idea won't work because technical reasons, but yea, could for you for thinking of it". I reckon a better solution would be a firm "hahaha, no, and I quit" (the latter bit to be added as soon as any alternative is found)
– rkeet
14 hours ago
3
IMO quitting isn't a good option because OP states that she would like to continue working in this company. That's why she wants to be diplomatic. By talking strictly from a technical standpoint there won't be any harm, either for the OP, company or the users.
– GustavoMP
14 hours ago
12
This answers the question ("how can I talk my CEO out of this?") and it doesn't take anything else off the table. +1 from me.
– Ruther Rendommeleigh
14 hours ago
3
@rkeet That's a better solution iff you don't need to eat
– Lightness Races in Orbit
13 hours ago
4
@rkeet Alternatively, "hahaha, no, and I quit" does nothing to prevent the boss and company from doing this harmful practice, while "your idea won't work for technical reasons" does. Your solution is basically just "not my problem".
– Lord Farquaad
11 hours ago
|
show 7 more comments
Won't upvote, because it essentially advises corrupt boss "your idea won't work because technical reasons, but yea, could for you for thinking of it". I reckon a better solution would be a firm "hahaha, no, and I quit" (the latter bit to be added as soon as any alternative is found)
– rkeet
14 hours ago
3
IMO quitting isn't a good option because OP states that she would like to continue working in this company. That's why she wants to be diplomatic. By talking strictly from a technical standpoint there won't be any harm, either for the OP, company or the users.
– GustavoMP
14 hours ago
12
This answers the question ("how can I talk my CEO out of this?") and it doesn't take anything else off the table. +1 from me.
– Ruther Rendommeleigh
14 hours ago
3
@rkeet That's a better solution iff you don't need to eat
– Lightness Races in Orbit
13 hours ago
4
@rkeet Alternatively, "hahaha, no, and I quit" does nothing to prevent the boss and company from doing this harmful practice, while "your idea won't work for technical reasons" does. Your solution is basically just "not my problem".
– Lord Farquaad
11 hours ago
Won't upvote, because it essentially advises corrupt boss "your idea won't work because technical reasons, but yea, could for you for thinking of it". I reckon a better solution would be a firm "hahaha, no, and I quit" (the latter bit to be added as soon as any alternative is found)
– rkeet
14 hours ago
Won't upvote, because it essentially advises corrupt boss "your idea won't work because technical reasons, but yea, could for you for thinking of it". I reckon a better solution would be a firm "hahaha, no, and I quit" (the latter bit to be added as soon as any alternative is found)
– rkeet
14 hours ago
3
3
IMO quitting isn't a good option because OP states that she would like to continue working in this company. That's why she wants to be diplomatic. By talking strictly from a technical standpoint there won't be any harm, either for the OP, company or the users.
– GustavoMP
14 hours ago
IMO quitting isn't a good option because OP states that she would like to continue working in this company. That's why she wants to be diplomatic. By talking strictly from a technical standpoint there won't be any harm, either for the OP, company or the users.
– GustavoMP
14 hours ago
12
12
This answers the question ("how can I talk my CEO out of this?") and it doesn't take anything else off the table. +1 from me.
– Ruther Rendommeleigh
14 hours ago
This answers the question ("how can I talk my CEO out of this?") and it doesn't take anything else off the table. +1 from me.
– Ruther Rendommeleigh
14 hours ago
3
3
@rkeet That's a better solution iff you don't need to eat
– Lightness Races in Orbit
13 hours ago
@rkeet That's a better solution iff you don't need to eat
– Lightness Races in Orbit
13 hours ago
4
4
@rkeet Alternatively, "hahaha, no, and I quit" does nothing to prevent the boss and company from doing this harmful practice, while "your idea won't work for technical reasons" does. Your solution is basically just "not my problem".
– Lord Farquaad
11 hours ago
@rkeet Alternatively, "hahaha, no, and I quit" does nothing to prevent the boss and company from doing this harmful practice, while "your idea won't work for technical reasons" does. Your solution is basically just "not my problem".
– Lord Farquaad
11 hours ago
|
show 7 more comments
Since it seems that your CEO is either a bit clueless (at best) or morally bankrupt I don't think you're going to get anywhere with persuading them that this is abhorrent. Especially given they are just casually brushing off such fripperies as it being rather illegal. What you might have some success with is point out some of the myriad ways that this could easily become utterly ruinous for both them and the company.
e.g. If this "feature" captures images/video of an underage person getting changed - congratulations your company is now on the hook for producing, transmitting and storing indecent images of children! Can't see investors flocking to a company with that one on their record.
But I have to say why waste your time? At the end of the day scumbags gonna scumbag and life's too short to waste it working for or being diplomatic to scumbags. I'd honestly just recommend leaving as soon as you have something else to go to and make sure no-one you know ever installs or uses this app or anything else the company produces.
1
Yeah, maybe go to the police* AFTER you left. *the police might not be the correct authority here...
– Hobbamok
14 hours ago
27
@Hobbamok Assuming OP is interested in taking legal action, I would suggest speaking to a lawyer before they leave the company. I don't claim to know the best course myself, but a lawyer who specializes in whistle-blowing and who knows the locals laws would. By speaking to such a lawyer beforehand, OP still has all options open - speaking to them after leaving may limit the ability to build a successful case against the company. Again, this is all assuming OP has any interest in taking action at all.
– Steve-O
14 hours ago
"Can't see investors flocking to a company with that one on their record." Don't assume every "investor" in a product like this has the same respect for the law as you do.
– alephzero
13 hours ago
3
@alephzero I wouldn't suggest that nobody would be willing to invest in a company with something like that, but it's going to narrow down the list a fair bit.
– motosubatsu
13 hours ago
Wasn't this the exact plot of a 'Silicon Valley' episode? Spoiler: $21 billion in COPPA fines.
– Marc Bernier
10 hours ago
add a comment |
Since it seems that your CEO is either a bit clueless (at best) or morally bankrupt I don't think you're going to get anywhere with persuading them that this is abhorrent. Especially given they are just casually brushing off such fripperies as it being rather illegal. What you might have some success with is point out some of the myriad ways that this could easily become utterly ruinous for both them and the company.
e.g. If this "feature" captures images/video of an underage person getting changed - congratulations your company is now on the hook for producing, transmitting and storing indecent images of children! Can't see investors flocking to a company with that one on their record.
But I have to say why waste your time? At the end of the day scumbags gonna scumbag and life's too short to waste it working for or being diplomatic to scumbags. I'd honestly just recommend leaving as soon as you have something else to go to and make sure no-one you know ever installs or uses this app or anything else the company produces.
1
Yeah, maybe go to the police* AFTER you left. *the police might not be the correct authority here...
– Hobbamok
14 hours ago
27
@Hobbamok Assuming OP is interested in taking legal action, I would suggest speaking to a lawyer before they leave the company. I don't claim to know the best course myself, but a lawyer who specializes in whistle-blowing and who knows the locals laws would. By speaking to such a lawyer beforehand, OP still has all options open - speaking to them after leaving may limit the ability to build a successful case against the company. Again, this is all assuming OP has any interest in taking action at all.
– Steve-O
14 hours ago
"Can't see investors flocking to a company with that one on their record." Don't assume every "investor" in a product like this has the same respect for the law as you do.
– alephzero
13 hours ago
3
@alephzero I wouldn't suggest that nobody would be willing to invest in a company with something like that, but it's going to narrow down the list a fair bit.
– motosubatsu
13 hours ago
Wasn't this the exact plot of a 'Silicon Valley' episode? Spoiler: $21 billion in COPPA fines.
– Marc Bernier
10 hours ago
add a comment |
Since it seems that your CEO is either a bit clueless (at best) or morally bankrupt I don't think you're going to get anywhere with persuading them that this is abhorrent. Especially given they are just casually brushing off such fripperies as it being rather illegal. What you might have some success with is point out some of the myriad ways that this could easily become utterly ruinous for both them and the company.
e.g. If this "feature" captures images/video of an underage person getting changed - congratulations your company is now on the hook for producing, transmitting and storing indecent images of children! Can't see investors flocking to a company with that one on their record.
But I have to say why waste your time? At the end of the day scumbags gonna scumbag and life's too short to waste it working for or being diplomatic to scumbags. I'd honestly just recommend leaving as soon as you have something else to go to and make sure no-one you know ever installs or uses this app or anything else the company produces.
Since it seems that your CEO is either a bit clueless (at best) or morally bankrupt I don't think you're going to get anywhere with persuading them that this is abhorrent. Especially given they are just casually brushing off such fripperies as it being rather illegal. What you might have some success with is point out some of the myriad ways that this could easily become utterly ruinous for both them and the company.
e.g. If this "feature" captures images/video of an underage person getting changed - congratulations your company is now on the hook for producing, transmitting and storing indecent images of children! Can't see investors flocking to a company with that one on their record.
But I have to say why waste your time? At the end of the day scumbags gonna scumbag and life's too short to waste it working for or being diplomatic to scumbags. I'd honestly just recommend leaving as soon as you have something else to go to and make sure no-one you know ever installs or uses this app or anything else the company produces.
answered 16 hours ago
motosubatsumotosubatsu
51.5k27138206
51.5k27138206
1
Yeah, maybe go to the police* AFTER you left. *the police might not be the correct authority here...
– Hobbamok
14 hours ago
27
@Hobbamok Assuming OP is interested in taking legal action, I would suggest speaking to a lawyer before they leave the company. I don't claim to know the best course myself, but a lawyer who specializes in whistle-blowing and who knows the locals laws would. By speaking to such a lawyer beforehand, OP still has all options open - speaking to them after leaving may limit the ability to build a successful case against the company. Again, this is all assuming OP has any interest in taking action at all.
– Steve-O
14 hours ago
"Can't see investors flocking to a company with that one on their record." Don't assume every "investor" in a product like this has the same respect for the law as you do.
– alephzero
13 hours ago
3
@alephzero I wouldn't suggest that nobody would be willing to invest in a company with something like that, but it's going to narrow down the list a fair bit.
– motosubatsu
13 hours ago
Wasn't this the exact plot of a 'Silicon Valley' episode? Spoiler: $21 billion in COPPA fines.
– Marc Bernier
10 hours ago
add a comment |
1
Yeah, maybe go to the police* AFTER you left. *the police might not be the correct authority here...
– Hobbamok
14 hours ago
27
@Hobbamok Assuming OP is interested in taking legal action, I would suggest speaking to a lawyer before they leave the company. I don't claim to know the best course myself, but a lawyer who specializes in whistle-blowing and who knows the locals laws would. By speaking to such a lawyer beforehand, OP still has all options open - speaking to them after leaving may limit the ability to build a successful case against the company. Again, this is all assuming OP has any interest in taking action at all.
– Steve-O
14 hours ago
"Can't see investors flocking to a company with that one on their record." Don't assume every "investor" in a product like this has the same respect for the law as you do.
– alephzero
13 hours ago
3
@alephzero I wouldn't suggest that nobody would be willing to invest in a company with something like that, but it's going to narrow down the list a fair bit.
– motosubatsu
13 hours ago
Wasn't this the exact plot of a 'Silicon Valley' episode? Spoiler: $21 billion in COPPA fines.
– Marc Bernier
10 hours ago
1
1
Yeah, maybe go to the police* AFTER you left. *the police might not be the correct authority here...
– Hobbamok
14 hours ago
Yeah, maybe go to the police* AFTER you left. *the police might not be the correct authority here...
– Hobbamok
14 hours ago
27
27
@Hobbamok Assuming OP is interested in taking legal action, I would suggest speaking to a lawyer before they leave the company. I don't claim to know the best course myself, but a lawyer who specializes in whistle-blowing and who knows the locals laws would. By speaking to such a lawyer beforehand, OP still has all options open - speaking to them after leaving may limit the ability to build a successful case against the company. Again, this is all assuming OP has any interest in taking action at all.
– Steve-O
14 hours ago
@Hobbamok Assuming OP is interested in taking legal action, I would suggest speaking to a lawyer before they leave the company. I don't claim to know the best course myself, but a lawyer who specializes in whistle-blowing and who knows the locals laws would. By speaking to such a lawyer beforehand, OP still has all options open - speaking to them after leaving may limit the ability to build a successful case against the company. Again, this is all assuming OP has any interest in taking action at all.
– Steve-O
14 hours ago
"Can't see investors flocking to a company with that one on their record." Don't assume every "investor" in a product like this has the same respect for the law as you do.
– alephzero
13 hours ago
"Can't see investors flocking to a company with that one on their record." Don't assume every "investor" in a product like this has the same respect for the law as you do.
– alephzero
13 hours ago
3
3
@alephzero I wouldn't suggest that nobody would be willing to invest in a company with something like that, but it's going to narrow down the list a fair bit.
– motosubatsu
13 hours ago
@alephzero I wouldn't suggest that nobody would be willing to invest in a company with something like that, but it's going to narrow down the list a fair bit.
– motosubatsu
13 hours ago
Wasn't this the exact plot of a 'Silicon Valley' episode? Spoiler: $21 billion in COPPA fines.
– Marc Bernier
10 hours ago
Wasn't this the exact plot of a 'Silicon Valley' episode? Spoiler: $21 billion in COPPA fines.
– Marc Bernier
10 hours ago
add a comment |
1) Document everything, starting now. You will likely need it.
2) Do not start building this feature. Do not prioritize it, do not write tickets for it, do not task your team with anything to do with it.
3) If management wants to chastise you over dereliction of duty, allow them to do so, and simply ignore everything they say. Document these situations as well.
4) Go as high as you can in the food chain. If your boss won't listen, go to their boss. If their boss won't listen, go to their boss. And so on. What you should explain to them is the worst-case-but-possible scenario that you could get in trouble for. Other answers suggest going the child porn route, and that's not a bad idea, but if you can think of something more dangerous then go for it. I would do something like this:
(to CEO) Hey, John [or however you want to address the CEO], I'm having an issue with this new feature we're developing. I know the purpose of the feature is [explain what product management told you], but I feel like we could get in a lot of trouble for this. For example, what happens if we're recording and we accidentally record an underage child changing their clothes? That gets us in a lot of trouble, not with the customer, but with the police directly. I don't think an EULA handles that use case, because minors can't legally give permission to record pornography of themselves. We should rethink this.
Another way you can come at this is from a user engagement perspective:
Hey John, [...]. Because this feature uses the camera constantly, it will use a lot of battery power. Since it uploads the video to our servers, it also uses a lot of user data. What do you think would happen if our users suddenly see their batteries decreasing rapidly and their data usage spiking, and then find out it's our app that did it? Would you use an app which causes a significant drain on your phone like this? Do you think our users will? What will you tell your investors if user engagement falls off a cliff due to these issues?
See what he says. If this doesn't convince him, then:
5) Make them fire you, or, better, make them force you to quit. Come into work every day and do everything they ask as normal, except do not do this project. Then they have 2 choices: Abandon the project, or fire you and bring in someone who will do the project. In the first case, you win! In the second case, if they fire you then you should contact a lawyer. Bring all the evidence you have concerning the project, the concerns you raised, who you raised them to, everything. Remember, document everything. You likely have a case (IANAL). If they force you to quit, then on top of the above legal case, you may also have a case for constructive dismissal; the tl;dr of Wikipedia is that the definition (IANAL) is when your company makes your life a living hell, but does not fire you, to the point at which you have no choice but to quit.
6) If you get wind of the project being redirected (i.e. your team is removed from it and another team is given the task instead), contact the local authorities ASAP. You likely have protection as a whistleblower. Dump everything you have to the authorities as soon as you can and in as much detail as you can.
Best answer BY FAR. Several answers say to "document everything." This answer goes into highly specific detail about what to document, and how to actually proceed, and when to go to the authorities. I hope this advice is followed.
– Wildcard
8 hours ago
add a comment |
1) Document everything, starting now. You will likely need it.
2) Do not start building this feature. Do not prioritize it, do not write tickets for it, do not task your team with anything to do with it.
3) If management wants to chastise you over dereliction of duty, allow them to do so, and simply ignore everything they say. Document these situations as well.
4) Go as high as you can in the food chain. If your boss won't listen, go to their boss. If their boss won't listen, go to their boss. And so on. What you should explain to them is the worst-case-but-possible scenario that you could get in trouble for. Other answers suggest going the child porn route, and that's not a bad idea, but if you can think of something more dangerous then go for it. I would do something like this:
(to CEO) Hey, John [or however you want to address the CEO], I'm having an issue with this new feature we're developing. I know the purpose of the feature is [explain what product management told you], but I feel like we could get in a lot of trouble for this. For example, what happens if we're recording and we accidentally record an underage child changing their clothes? That gets us in a lot of trouble, not with the customer, but with the police directly. I don't think an EULA handles that use case, because minors can't legally give permission to record pornography of themselves. We should rethink this.
Another way you can come at this is from a user engagement perspective:
Hey John, [...]. Because this feature uses the camera constantly, it will use a lot of battery power. Since it uploads the video to our servers, it also uses a lot of user data. What do you think would happen if our users suddenly see their batteries decreasing rapidly and their data usage spiking, and then find out it's our app that did it? Would you use an app which causes a significant drain on your phone like this? Do you think our users will? What will you tell your investors if user engagement falls off a cliff due to these issues?
See what he says. If this doesn't convince him, then:
5) Make them fire you, or, better, make them force you to quit. Come into work every day and do everything they ask as normal, except do not do this project. Then they have 2 choices: Abandon the project, or fire you and bring in someone who will do the project. In the first case, you win! In the second case, if they fire you then you should contact a lawyer. Bring all the evidence you have concerning the project, the concerns you raised, who you raised them to, everything. Remember, document everything. You likely have a case (IANAL). If they force you to quit, then on top of the above legal case, you may also have a case for constructive dismissal; the tl;dr of Wikipedia is that the definition (IANAL) is when your company makes your life a living hell, but does not fire you, to the point at which you have no choice but to quit.
6) If you get wind of the project being redirected (i.e. your team is removed from it and another team is given the task instead), contact the local authorities ASAP. You likely have protection as a whistleblower. Dump everything you have to the authorities as soon as you can and in as much detail as you can.
Best answer BY FAR. Several answers say to "document everything." This answer goes into highly specific detail about what to document, and how to actually proceed, and when to go to the authorities. I hope this advice is followed.
– Wildcard
8 hours ago
add a comment |
1) Document everything, starting now. You will likely need it.
2) Do not start building this feature. Do not prioritize it, do not write tickets for it, do not task your team with anything to do with it.
3) If management wants to chastise you over dereliction of duty, allow them to do so, and simply ignore everything they say. Document these situations as well.
4) Go as high as you can in the food chain. If your boss won't listen, go to their boss. If their boss won't listen, go to their boss. And so on. What you should explain to them is the worst-case-but-possible scenario that you could get in trouble for. Other answers suggest going the child porn route, and that's not a bad idea, but if you can think of something more dangerous then go for it. I would do something like this:
(to CEO) Hey, John [or however you want to address the CEO], I'm having an issue with this new feature we're developing. I know the purpose of the feature is [explain what product management told you], but I feel like we could get in a lot of trouble for this. For example, what happens if we're recording and we accidentally record an underage child changing their clothes? That gets us in a lot of trouble, not with the customer, but with the police directly. I don't think an EULA handles that use case, because minors can't legally give permission to record pornography of themselves. We should rethink this.
Another way you can come at this is from a user engagement perspective:
Hey John, [...]. Because this feature uses the camera constantly, it will use a lot of battery power. Since it uploads the video to our servers, it also uses a lot of user data. What do you think would happen if our users suddenly see their batteries decreasing rapidly and their data usage spiking, and then find out it's our app that did it? Would you use an app which causes a significant drain on your phone like this? Do you think our users will? What will you tell your investors if user engagement falls off a cliff due to these issues?
See what he says. If this doesn't convince him, then:
5) Make them fire you, or, better, make them force you to quit. Come into work every day and do everything they ask as normal, except do not do this project. Then they have 2 choices: Abandon the project, or fire you and bring in someone who will do the project. In the first case, you win! In the second case, if they fire you then you should contact a lawyer. Bring all the evidence you have concerning the project, the concerns you raised, who you raised them to, everything. Remember, document everything. You likely have a case (IANAL). If they force you to quit, then on top of the above legal case, you may also have a case for constructive dismissal; the tl;dr of Wikipedia is that the definition (IANAL) is when your company makes your life a living hell, but does not fire you, to the point at which you have no choice but to quit.
6) If you get wind of the project being redirected (i.e. your team is removed from it and another team is given the task instead), contact the local authorities ASAP. You likely have protection as a whistleblower. Dump everything you have to the authorities as soon as you can and in as much detail as you can.
1) Document everything, starting now. You will likely need it.
2) Do not start building this feature. Do not prioritize it, do not write tickets for it, do not task your team with anything to do with it.
3) If management wants to chastise you over dereliction of duty, allow them to do so, and simply ignore everything they say. Document these situations as well.
4) Go as high as you can in the food chain. If your boss won't listen, go to their boss. If their boss won't listen, go to their boss. And so on. What you should explain to them is the worst-case-but-possible scenario that you could get in trouble for. Other answers suggest going the child porn route, and that's not a bad idea, but if you can think of something more dangerous then go for it. I would do something like this:
(to CEO) Hey, John [or however you want to address the CEO], I'm having an issue with this new feature we're developing. I know the purpose of the feature is [explain what product management told you], but I feel like we could get in a lot of trouble for this. For example, what happens if we're recording and we accidentally record an underage child changing their clothes? That gets us in a lot of trouble, not with the customer, but with the police directly. I don't think an EULA handles that use case, because minors can't legally give permission to record pornography of themselves. We should rethink this.
Another way you can come at this is from a user engagement perspective:
Hey John, [...]. Because this feature uses the camera constantly, it will use a lot of battery power. Since it uploads the video to our servers, it also uses a lot of user data. What do you think would happen if our users suddenly see their batteries decreasing rapidly and their data usage spiking, and then find out it's our app that did it? Would you use an app which causes a significant drain on your phone like this? Do you think our users will? What will you tell your investors if user engagement falls off a cliff due to these issues?
See what he says. If this doesn't convince him, then:
5) Make them fire you, or, better, make them force you to quit. Come into work every day and do everything they ask as normal, except do not do this project. Then they have 2 choices: Abandon the project, or fire you and bring in someone who will do the project. In the first case, you win! In the second case, if they fire you then you should contact a lawyer. Bring all the evidence you have concerning the project, the concerns you raised, who you raised them to, everything. Remember, document everything. You likely have a case (IANAL). If they force you to quit, then on top of the above legal case, you may also have a case for constructive dismissal; the tl;dr of Wikipedia is that the definition (IANAL) is when your company makes your life a living hell, but does not fire you, to the point at which you have no choice but to quit.
6) If you get wind of the project being redirected (i.e. your team is removed from it and another team is given the task instead), contact the local authorities ASAP. You likely have protection as a whistleblower. Dump everything you have to the authorities as soon as you can and in as much detail as you can.
edited 12 hours ago
answered 12 hours ago
Ertai87Ertai87
11.3k21332
11.3k21332
Best answer BY FAR. Several answers say to "document everything." This answer goes into highly specific detail about what to document, and how to actually proceed, and when to go to the authorities. I hope this advice is followed.
– Wildcard
8 hours ago
add a comment |
Best answer BY FAR. Several answers say to "document everything." This answer goes into highly specific detail about what to document, and how to actually proceed, and when to go to the authorities. I hope this advice is followed.
– Wildcard
8 hours ago
Best answer BY FAR. Several answers say to "document everything." This answer goes into highly specific detail about what to document, and how to actually proceed, and when to go to the authorities. I hope this advice is followed.
– Wildcard
8 hours ago
Best answer BY FAR. Several answers say to "document everything." This answer goes into highly specific detail about what to document, and how to actually proceed, and when to go to the authorities. I hope this advice is followed.
– Wildcard
8 hours ago
add a comment |
TLDR: Openly, brazenly start collecting documents that prove you were not a decider in this matter, that you advised management against this feature for privacy reasons, and are simply following orders to retain your good job status. Ask the boss flat-out to give you a letter stating exactly that. This may sober him up.
The eavesdropping is a very big deal
Eavesdropping is a criminal charge that varies by state or nationality. Some are "1-party states", where if 1 party in the room gives permission, it's legal.
Most others are "all-party states", meaning everyone being recorded must give permission.
The user doesn't know about your company's eavesdropping, which makes this 0-party; no one in the room is aware. That makes it a crime just about everywhere. What will your criminal defense be? Language buried deep in the EULA? Juries aren't going to accept that because then you would be accusing your customers of breaking the law by not reading the EULA thoroughly enough. Juries, who don't either, will say "no sale".
The feature would send customers through legal hell
But it gets worse. Consider Curtis, your customer, and imagine he's in a civil lawsuit about something totally unrelated. The plaintiff subpoenas from you all the data you have about them. You hand over the eavesdropped content (which makes perfect sense to your boss, since he's such a help-the-police guy). Plaintiff recognizes the eavesdropping, and blows up, assuming Curtis did this.
In an all-party state: Curtis is up the creek. This smokes any chance of a settlement, and horribly prejudices the civil case: Curtis loses HARD. Then the judge refers it to the DA for criminal prosecution; Curtis must be punished. The whole time, nobody knows how this happened. All parties assume Curtis did it on purpose. Curtis assumes he accidentally turned on some feature he's unaware of.
In a 1-party state, Curtis is safe from legal peril, because he had a right to eavesdrop. But if he says he did it on purpose, he enrages the plaintiff. So he is better off saying the app did this without his permission, which will not be believed. Showing it's true will calm the plaintiff and create a "common enemy".
Both of these end in an interesting problem for you. Curtis's best bet is to prove that you do indeed eavesdrop. He already has subpoena power because of the civil suit. So he'll use it to get the same records about any of plaintiff's staff (turnabout is fair play) -- or better, the judge. Can you imagine the civil court judge looking at photos of himself naked?? The judge will have confidence he did not turn this on. He will say to the D.A. "At first I didn't believe defendant, but the company did it to me too". Curtis is out to save his bacon, not get your company, but to save his bacon he must nail you.
All this to say, getting caught is inevitable. It will be viewed by every US state as your company committing a criminal act for money, and presumably lots of other nations and provinces as well.
It will particularly enrage the EFF, ACLU and privacy organizations, especially if it's uncovered that part of your boss's motivation was to "help law enforcement".
Now, when your company gets caught, I don't know how things work in the Philippines, but it sounds like there'd be an internal scramble to blame the next guy. Your boss would obviously have an advantage there, and would try to sell it as "I had no idea OP and her developers were doing that, send them to jail not me".
Sober up your boss, by covering your tail
So your top job is to cover yourself (CYA) and your team against that possibility. What you want is a "get out of jail free card" that shows management was fully aware of the privacy issues and wanted the project built anyway, and their reasoning. Now, when your boss sees you trying to collect those CYA documents, that's going to sober them up right quick: Why do my subordinates think they need this? The boss may have indulged in fantasy when it comes to the legal implications, now he's thinking. Fair chance you will get a memo saying "drop the feature".
add a comment |
TLDR: Openly, brazenly start collecting documents that prove you were not a decider in this matter, that you advised management against this feature for privacy reasons, and are simply following orders to retain your good job status. Ask the boss flat-out to give you a letter stating exactly that. This may sober him up.
The eavesdropping is a very big deal
Eavesdropping is a criminal charge that varies by state or nationality. Some are "1-party states", where if 1 party in the room gives permission, it's legal.
Most others are "all-party states", meaning everyone being recorded must give permission.
The user doesn't know about your company's eavesdropping, which makes this 0-party; no one in the room is aware. That makes it a crime just about everywhere. What will your criminal defense be? Language buried deep in the EULA? Juries aren't going to accept that because then you would be accusing your customers of breaking the law by not reading the EULA thoroughly enough. Juries, who don't either, will say "no sale".
The feature would send customers through legal hell
But it gets worse. Consider Curtis, your customer, and imagine he's in a civil lawsuit about something totally unrelated. The plaintiff subpoenas from you all the data you have about them. You hand over the eavesdropped content (which makes perfect sense to your boss, since he's such a help-the-police guy). Plaintiff recognizes the eavesdropping, and blows up, assuming Curtis did this.
In an all-party state: Curtis is up the creek. This smokes any chance of a settlement, and horribly prejudices the civil case: Curtis loses HARD. Then the judge refers it to the DA for criminal prosecution; Curtis must be punished. The whole time, nobody knows how this happened. All parties assume Curtis did it on purpose. Curtis assumes he accidentally turned on some feature he's unaware of.
In a 1-party state, Curtis is safe from legal peril, because he had a right to eavesdrop. But if he says he did it on purpose, he enrages the plaintiff. So he is better off saying the app did this without his permission, which will not be believed. Showing it's true will calm the plaintiff and create a "common enemy".
Both of these end in an interesting problem for you. Curtis's best bet is to prove that you do indeed eavesdrop. He already has subpoena power because of the civil suit. So he'll use it to get the same records about any of plaintiff's staff (turnabout is fair play) -- or better, the judge. Can you imagine the civil court judge looking at photos of himself naked?? The judge will have confidence he did not turn this on. He will say to the D.A. "At first I didn't believe defendant, but the company did it to me too". Curtis is out to save his bacon, not get your company, but to save his bacon he must nail you.
All this to say, getting caught is inevitable. It will be viewed by every US state as your company committing a criminal act for money, and presumably lots of other nations and provinces as well.
It will particularly enrage the EFF, ACLU and privacy organizations, especially if it's uncovered that part of your boss's motivation was to "help law enforcement".
Now, when your company gets caught, I don't know how things work in the Philippines, but it sounds like there'd be an internal scramble to blame the next guy. Your boss would obviously have an advantage there, and would try to sell it as "I had no idea OP and her developers were doing that, send them to jail not me".
Sober up your boss, by covering your tail
So your top job is to cover yourself (CYA) and your team against that possibility. What you want is a "get out of jail free card" that shows management was fully aware of the privacy issues and wanted the project built anyway, and their reasoning. Now, when your boss sees you trying to collect those CYA documents, that's going to sober them up right quick: Why do my subordinates think they need this? The boss may have indulged in fantasy when it comes to the legal implications, now he's thinking. Fair chance you will get a memo saying "drop the feature".
add a comment |
TLDR: Openly, brazenly start collecting documents that prove you were not a decider in this matter, that you advised management against this feature for privacy reasons, and are simply following orders to retain your good job status. Ask the boss flat-out to give you a letter stating exactly that. This may sober him up.
The eavesdropping is a very big deal
Eavesdropping is a criminal charge that varies by state or nationality. Some are "1-party states", where if 1 party in the room gives permission, it's legal.
Most others are "all-party states", meaning everyone being recorded must give permission.
The user doesn't know about your company's eavesdropping, which makes this 0-party; no one in the room is aware. That makes it a crime just about everywhere. What will your criminal defense be? Language buried deep in the EULA? Juries aren't going to accept that because then you would be accusing your customers of breaking the law by not reading the EULA thoroughly enough. Juries, who don't either, will say "no sale".
The feature would send customers through legal hell
But it gets worse. Consider Curtis, your customer, and imagine he's in a civil lawsuit about something totally unrelated. The plaintiff subpoenas from you all the data you have about them. You hand over the eavesdropped content (which makes perfect sense to your boss, since he's such a help-the-police guy). Plaintiff recognizes the eavesdropping, and blows up, assuming Curtis did this.
In an all-party state: Curtis is up the creek. This smokes any chance of a settlement, and horribly prejudices the civil case: Curtis loses HARD. Then the judge refers it to the DA for criminal prosecution; Curtis must be punished. The whole time, nobody knows how this happened. All parties assume Curtis did it on purpose. Curtis assumes he accidentally turned on some feature he's unaware of.
In a 1-party state, Curtis is safe from legal peril, because he had a right to eavesdrop. But if he says he did it on purpose, he enrages the plaintiff. So he is better off saying the app did this without his permission, which will not be believed. Showing it's true will calm the plaintiff and create a "common enemy".
Both of these end in an interesting problem for you. Curtis's best bet is to prove that you do indeed eavesdrop. He already has subpoena power because of the civil suit. So he'll use it to get the same records about any of plaintiff's staff (turnabout is fair play) -- or better, the judge. Can you imagine the civil court judge looking at photos of himself naked?? The judge will have confidence he did not turn this on. He will say to the D.A. "At first I didn't believe defendant, but the company did it to me too". Curtis is out to save his bacon, not get your company, but to save his bacon he must nail you.
All this to say, getting caught is inevitable. It will be viewed by every US state as your company committing a criminal act for money, and presumably lots of other nations and provinces as well.
It will particularly enrage the EFF, ACLU and privacy organizations, especially if it's uncovered that part of your boss's motivation was to "help law enforcement".
Now, when your company gets caught, I don't know how things work in the Philippines, but it sounds like there'd be an internal scramble to blame the next guy. Your boss would obviously have an advantage there, and would try to sell it as "I had no idea OP and her developers were doing that, send them to jail not me".
Sober up your boss, by covering your tail
So your top job is to cover yourself (CYA) and your team against that possibility. What you want is a "get out of jail free card" that shows management was fully aware of the privacy issues and wanted the project built anyway, and their reasoning. Now, when your boss sees you trying to collect those CYA documents, that's going to sober them up right quick: Why do my subordinates think they need this? The boss may have indulged in fantasy when it comes to the legal implications, now he's thinking. Fair chance you will get a memo saying "drop the feature".
TLDR: Openly, brazenly start collecting documents that prove you were not a decider in this matter, that you advised management against this feature for privacy reasons, and are simply following orders to retain your good job status. Ask the boss flat-out to give you a letter stating exactly that. This may sober him up.
The eavesdropping is a very big deal
Eavesdropping is a criminal charge that varies by state or nationality. Some are "1-party states", where if 1 party in the room gives permission, it's legal.
Most others are "all-party states", meaning everyone being recorded must give permission.
The user doesn't know about your company's eavesdropping, which makes this 0-party; no one in the room is aware. That makes it a crime just about everywhere. What will your criminal defense be? Language buried deep in the EULA? Juries aren't going to accept that because then you would be accusing your customers of breaking the law by not reading the EULA thoroughly enough. Juries, who don't either, will say "no sale".
The feature would send customers through legal hell
But it gets worse. Consider Curtis, your customer, and imagine he's in a civil lawsuit about something totally unrelated. The plaintiff subpoenas from you all the data you have about them. You hand over the eavesdropped content (which makes perfect sense to your boss, since he's such a help-the-police guy). Plaintiff recognizes the eavesdropping, and blows up, assuming Curtis did this.
In an all-party state: Curtis is up the creek. This smokes any chance of a settlement, and horribly prejudices the civil case: Curtis loses HARD. Then the judge refers it to the DA for criminal prosecution; Curtis must be punished. The whole time, nobody knows how this happened. All parties assume Curtis did it on purpose. Curtis assumes he accidentally turned on some feature he's unaware of.
In a 1-party state, Curtis is safe from legal peril, because he had a right to eavesdrop. But if he says he did it on purpose, he enrages the plaintiff. So he is better off saying the app did this without his permission, which will not be believed. Showing it's true will calm the plaintiff and create a "common enemy".
Both of these end in an interesting problem for you. Curtis's best bet is to prove that you do indeed eavesdrop. He already has subpoena power because of the civil suit. So he'll use it to get the same records about any of plaintiff's staff (turnabout is fair play) -- or better, the judge. Can you imagine the civil court judge looking at photos of himself naked?? The judge will have confidence he did not turn this on. He will say to the D.A. "At first I didn't believe defendant, but the company did it to me too". Curtis is out to save his bacon, not get your company, but to save his bacon he must nail you.
All this to say, getting caught is inevitable. It will be viewed by every US state as your company committing a criminal act for money, and presumably lots of other nations and provinces as well.
It will particularly enrage the EFF, ACLU and privacy organizations, especially if it's uncovered that part of your boss's motivation was to "help law enforcement".
Now, when your company gets caught, I don't know how things work in the Philippines, but it sounds like there'd be an internal scramble to blame the next guy. Your boss would obviously have an advantage there, and would try to sell it as "I had no idea OP and her developers were doing that, send them to jail not me".
Sober up your boss, by covering your tail
So your top job is to cover yourself (CYA) and your team against that possibility. What you want is a "get out of jail free card" that shows management was fully aware of the privacy issues and wanted the project built anyway, and their reasoning. Now, when your boss sees you trying to collect those CYA documents, that's going to sober them up right quick: Why do my subordinates think they need this? The boss may have indulged in fantasy when it comes to the legal implications, now he's thinking. Fair chance you will get a memo saying "drop the feature".
answered 11 hours ago
HarperHarper
4,99211023
4,99211023
add a comment |
add a comment |
I don't disagree with the answer by Dark Matter, but I wanted to offer you an option that isn't mentioned there.
In many companies there is an ethics officer, whose job is to ensure that the company complies with ethical standards. I'm guessing your company doesn't have one, but future readers of this might try that. Also sometimes contacting the company lawyer is effective. Lawyers have an obligation to uphold the law, and if they know their client is engaging in illegal activity they are much less able to ignore it than other people.
The final option is to gather enough evidence to document what you are being asked to do, and then send it to the authorities. Or the news media. Or both.
It goes without saying that this is a nuclear option. While it is possible to do anonymously (Wikileaks?) there is a pretty good chance you will be at least suspected of being the leaker, and probably fired. Technically you are also exposing confidential information, and there is a chance that you could be pursued in the courts. In my country you would be protected by whistleblower legislation, but I don't imagine the Philippines has that.
So the consequences for you might be severe. Don't take this action unless you are prepared for them. But on the upside you would be exposing a corrupt CEO and possibly a corrupt company, which would be a serious deterrent to other companies who want to do the same thing.
1
Contacting the company lawyer might as well be a nuclear option for me; as the lawyer and the CEO are in great terms and was in fact in the meeting with the investors who were enthusiastic about the problematic feature request.
– Jenny Tengson Mandani
12 hours ago
2
I just wanted to make sure that future readers of this knew about all their options.
– DJClayworth
12 hours ago
1
FWIW, Manila is The Philippines, not Malaysia. Probably the same deal though.
– Ertai87
12 hours ago
3
For what it is worth (FWIW) according to a lawyer's presentation I attended a few years ago at a national tech conference... whistle-blower legislation in the US only protects you if you tell appropriate government authorities - there is no protection from those laws if you tell the press or anyone else.
– J. Chris Compton
11 hours ago
add a comment |
I don't disagree with the answer by Dark Matter, but I wanted to offer you an option that isn't mentioned there.
In many companies there is an ethics officer, whose job is to ensure that the company complies with ethical standards. I'm guessing your company doesn't have one, but future readers of this might try that. Also sometimes contacting the company lawyer is effective. Lawyers have an obligation to uphold the law, and if they know their client is engaging in illegal activity they are much less able to ignore it than other people.
The final option is to gather enough evidence to document what you are being asked to do, and then send it to the authorities. Or the news media. Or both.
It goes without saying that this is a nuclear option. While it is possible to do anonymously (Wikileaks?) there is a pretty good chance you will be at least suspected of being the leaker, and probably fired. Technically you are also exposing confidential information, and there is a chance that you could be pursued in the courts. In my country you would be protected by whistleblower legislation, but I don't imagine the Philippines has that.
So the consequences for you might be severe. Don't take this action unless you are prepared for them. But on the upside you would be exposing a corrupt CEO and possibly a corrupt company, which would be a serious deterrent to other companies who want to do the same thing.
1
Contacting the company lawyer might as well be a nuclear option for me; as the lawyer and the CEO are in great terms and was in fact in the meeting with the investors who were enthusiastic about the problematic feature request.
– Jenny Tengson Mandani
12 hours ago
2
I just wanted to make sure that future readers of this knew about all their options.
– DJClayworth
12 hours ago
1
FWIW, Manila is The Philippines, not Malaysia. Probably the same deal though.
– Ertai87
12 hours ago
3
For what it is worth (FWIW) according to a lawyer's presentation I attended a few years ago at a national tech conference... whistle-blower legislation in the US only protects you if you tell appropriate government authorities - there is no protection from those laws if you tell the press or anyone else.
– J. Chris Compton
11 hours ago
add a comment |
I don't disagree with the answer by Dark Matter, but I wanted to offer you an option that isn't mentioned there.
In many companies there is an ethics officer, whose job is to ensure that the company complies with ethical standards. I'm guessing your company doesn't have one, but future readers of this might try that. Also sometimes contacting the company lawyer is effective. Lawyers have an obligation to uphold the law, and if they know their client is engaging in illegal activity they are much less able to ignore it than other people.
The final option is to gather enough evidence to document what you are being asked to do, and then send it to the authorities. Or the news media. Or both.
It goes without saying that this is a nuclear option. While it is possible to do anonymously (Wikileaks?) there is a pretty good chance you will be at least suspected of being the leaker, and probably fired. Technically you are also exposing confidential information, and there is a chance that you could be pursued in the courts. In my country you would be protected by whistleblower legislation, but I don't imagine the Philippines has that.
So the consequences for you might be severe. Don't take this action unless you are prepared for them. But on the upside you would be exposing a corrupt CEO and possibly a corrupt company, which would be a serious deterrent to other companies who want to do the same thing.
I don't disagree with the answer by Dark Matter, but I wanted to offer you an option that isn't mentioned there.
In many companies there is an ethics officer, whose job is to ensure that the company complies with ethical standards. I'm guessing your company doesn't have one, but future readers of this might try that. Also sometimes contacting the company lawyer is effective. Lawyers have an obligation to uphold the law, and if they know their client is engaging in illegal activity they are much less able to ignore it than other people.
The final option is to gather enough evidence to document what you are being asked to do, and then send it to the authorities. Or the news media. Or both.
It goes without saying that this is a nuclear option. While it is possible to do anonymously (Wikileaks?) there is a pretty good chance you will be at least suspected of being the leaker, and probably fired. Technically you are also exposing confidential information, and there is a chance that you could be pursued in the courts. In my country you would be protected by whistleblower legislation, but I don't imagine the Philippines has that.
So the consequences for you might be severe. Don't take this action unless you are prepared for them. But on the upside you would be exposing a corrupt CEO and possibly a corrupt company, which would be a serious deterrent to other companies who want to do the same thing.
edited 10 hours ago
Community♦
1
1
answered 12 hours ago
DJClayworthDJClayworth
44.9k1193155
44.9k1193155
1
Contacting the company lawyer might as well be a nuclear option for me; as the lawyer and the CEO are in great terms and was in fact in the meeting with the investors who were enthusiastic about the problematic feature request.
– Jenny Tengson Mandani
12 hours ago
2
I just wanted to make sure that future readers of this knew about all their options.
– DJClayworth
12 hours ago
1
FWIW, Manila is The Philippines, not Malaysia. Probably the same deal though.
– Ertai87
12 hours ago
3
For what it is worth (FWIW) according to a lawyer's presentation I attended a few years ago at a national tech conference... whistle-blower legislation in the US only protects you if you tell appropriate government authorities - there is no protection from those laws if you tell the press or anyone else.
– J. Chris Compton
11 hours ago
add a comment |
1
Contacting the company lawyer might as well be a nuclear option for me; as the lawyer and the CEO are in great terms and was in fact in the meeting with the investors who were enthusiastic about the problematic feature request.
– Jenny Tengson Mandani
12 hours ago
2
I just wanted to make sure that future readers of this knew about all their options.
– DJClayworth
12 hours ago
1
FWIW, Manila is The Philippines, not Malaysia. Probably the same deal though.
– Ertai87
12 hours ago
3
For what it is worth (FWIW) according to a lawyer's presentation I attended a few years ago at a national tech conference... whistle-blower legislation in the US only protects you if you tell appropriate government authorities - there is no protection from those laws if you tell the press or anyone else.
– J. Chris Compton
11 hours ago
1
1
Contacting the company lawyer might as well be a nuclear option for me; as the lawyer and the CEO are in great terms and was in fact in the meeting with the investors who were enthusiastic about the problematic feature request.
– Jenny Tengson Mandani
12 hours ago
Contacting the company lawyer might as well be a nuclear option for me; as the lawyer and the CEO are in great terms and was in fact in the meeting with the investors who were enthusiastic about the problematic feature request.
– Jenny Tengson Mandani
12 hours ago
2
2
I just wanted to make sure that future readers of this knew about all their options.
– DJClayworth
12 hours ago
I just wanted to make sure that future readers of this knew about all their options.
– DJClayworth
12 hours ago
1
1
FWIW, Manila is The Philippines, not Malaysia. Probably the same deal though.
– Ertai87
12 hours ago
FWIW, Manila is The Philippines, not Malaysia. Probably the same deal though.
– Ertai87
12 hours ago
3
3
For what it is worth (FWIW) according to a lawyer's presentation I attended a few years ago at a national tech conference... whistle-blower legislation in the US only protects you if you tell appropriate government authorities - there is no protection from those laws if you tell the press or anyone else.
– J. Chris Compton
11 hours ago
For what it is worth (FWIW) according to a lawyer's presentation I attended a few years ago at a national tech conference... whistle-blower legislation in the US only protects you if you tell appropriate government authorities - there is no protection from those laws if you tell the press or anyone else.
– J. Chris Compton
11 hours ago
add a comment |
Some very powerful and unpleasant people in the past have used technology (for example old fashioned audio tapes) to record meetings secretly. They get the victim to admit to disliking another powerful figure and then use the tapes as a form of blackmail or simply to set opponents against each other, e.g. "This is what X said about you, and I've got the tape to prove it."
[Note: I will find some evidence for this online and come back to edit my answer.]
It is not impossible that someone has been searching around for a firm willing to produce this sort of software and there might be considerable bribes involved.
You didn't say what the app does. Could it be used for blackmail, or spying for industrial secrets in a certain sphere? Could it be used to predict fluctuations in the financial markets?
I would get out ASAP because if anything like this is going on, it won't be the big players who get prosecuted, it will be the ones at the bottom of the chain.
add a comment |
Some very powerful and unpleasant people in the past have used technology (for example old fashioned audio tapes) to record meetings secretly. They get the victim to admit to disliking another powerful figure and then use the tapes as a form of blackmail or simply to set opponents against each other, e.g. "This is what X said about you, and I've got the tape to prove it."
[Note: I will find some evidence for this online and come back to edit my answer.]
It is not impossible that someone has been searching around for a firm willing to produce this sort of software and there might be considerable bribes involved.
You didn't say what the app does. Could it be used for blackmail, or spying for industrial secrets in a certain sphere? Could it be used to predict fluctuations in the financial markets?
I would get out ASAP because if anything like this is going on, it won't be the big players who get prosecuted, it will be the ones at the bottom of the chain.
add a comment |
Some very powerful and unpleasant people in the past have used technology (for example old fashioned audio tapes) to record meetings secretly. They get the victim to admit to disliking another powerful figure and then use the tapes as a form of blackmail or simply to set opponents against each other, e.g. "This is what X said about you, and I've got the tape to prove it."
[Note: I will find some evidence for this online and come back to edit my answer.]
It is not impossible that someone has been searching around for a firm willing to produce this sort of software and there might be considerable bribes involved.
You didn't say what the app does. Could it be used for blackmail, or spying for industrial secrets in a certain sphere? Could it be used to predict fluctuations in the financial markets?
I would get out ASAP because if anything like this is going on, it won't be the big players who get prosecuted, it will be the ones at the bottom of the chain.
Some very powerful and unpleasant people in the past have used technology (for example old fashioned audio tapes) to record meetings secretly. They get the victim to admit to disliking another powerful figure and then use the tapes as a form of blackmail or simply to set opponents against each other, e.g. "This is what X said about you, and I've got the tape to prove it."
[Note: I will find some evidence for this online and come back to edit my answer.]
It is not impossible that someone has been searching around for a firm willing to produce this sort of software and there might be considerable bribes involved.
You didn't say what the app does. Could it be used for blackmail, or spying for industrial secrets in a certain sphere? Could it be used to predict fluctuations in the financial markets?
I would get out ASAP because if anything like this is going on, it won't be the big players who get prosecuted, it will be the ones at the bottom of the chain.
answered 13 hours ago
chasly from UKchasly from UK
425211
425211
add a comment |
add a comment |
Slightly different approach than the other (mostly very good) answers.
This answer is an attempt for you to keep your job and not have to write the feature.
the product owner explains to me that while the feature is truly useless, it still has to be made so as to attract investors
My alternative is to approach the company lawyer directly.
You have a legal issue that could sink the whole company that he might understand.
Approach the lawyer like this: (use an innocent / concerned expression)
"Hey [lawyer], I previously had a problem with that video feature - CEO may have mentioned this. But after talking to him I told [product owner] about it he said we had to do it anyway. So I went back to try to figure out how to do it because it looks like everyone is on board with it."
You are just playing the good employee so he will listen closely to what you are saying (instead of just nod and pay half-attention to someone that doesn't want to do what the CEO and the investors want to do).
"One pretty big legal issue occurred to me that I thought I should run by you."
"Because the customer doesn't know about the video, they could be in their home unknowing filming their children while they get dressed. Even if the EULA TOS exempts us from this, if it comes out that we have taken images of naked children and stored them on our servers - wouldn't that be a PR nightmare for both the company and the investors?"
"All it would take is a Mom or Dad using another app while changing a baby... or being in a bathroom with their small child. I don't know how to detect this, so I cannot prevent our storing compromising pictures on our servers.
"That would be a big deal, right? Especially since we aren't telling the parents?"
"There are apps that track how often an infant goes to the bathroom, so it is reasonable."
Best wishes on this.
Hope you will tell us how it comes out in a few weeks.
As an aside... whistle-blower laws in the US only protect you from legal action when you tell the authorities. Tell the press, or anyone else, and you're open to be sued.
I'm not a lawyer, but this information came from a lawyer who was speaking at a conference I attended several years ago.
add a comment |
Slightly different approach than the other (mostly very good) answers.
This answer is an attempt for you to keep your job and not have to write the feature.
the product owner explains to me that while the feature is truly useless, it still has to be made so as to attract investors
My alternative is to approach the company lawyer directly.
You have a legal issue that could sink the whole company that he might understand.
Approach the lawyer like this: (use an innocent / concerned expression)
"Hey [lawyer], I previously had a problem with that video feature - CEO may have mentioned this. But after talking to him I told [product owner] about it he said we had to do it anyway. So I went back to try to figure out how to do it because it looks like everyone is on board with it."
You are just playing the good employee so he will listen closely to what you are saying (instead of just nod and pay half-attention to someone that doesn't want to do what the CEO and the investors want to do).
"One pretty big legal issue occurred to me that I thought I should run by you."
"Because the customer doesn't know about the video, they could be in their home unknowing filming their children while they get dressed. Even if the EULA TOS exempts us from this, if it comes out that we have taken images of naked children and stored them on our servers - wouldn't that be a PR nightmare for both the company and the investors?"
"All it would take is a Mom or Dad using another app while changing a baby... or being in a bathroom with their small child. I don't know how to detect this, so I cannot prevent our storing compromising pictures on our servers.
"That would be a big deal, right? Especially since we aren't telling the parents?"
"There are apps that track how often an infant goes to the bathroom, so it is reasonable."
Best wishes on this.
Hope you will tell us how it comes out in a few weeks.
As an aside... whistle-blower laws in the US only protect you from legal action when you tell the authorities. Tell the press, or anyone else, and you're open to be sued.
I'm not a lawyer, but this information came from a lawyer who was speaking at a conference I attended several years ago.
add a comment |
Slightly different approach than the other (mostly very good) answers.
This answer is an attempt for you to keep your job and not have to write the feature.
the product owner explains to me that while the feature is truly useless, it still has to be made so as to attract investors
My alternative is to approach the company lawyer directly.
You have a legal issue that could sink the whole company that he might understand.
Approach the lawyer like this: (use an innocent / concerned expression)
"Hey [lawyer], I previously had a problem with that video feature - CEO may have mentioned this. But after talking to him I told [product owner] about it he said we had to do it anyway. So I went back to try to figure out how to do it because it looks like everyone is on board with it."
You are just playing the good employee so he will listen closely to what you are saying (instead of just nod and pay half-attention to someone that doesn't want to do what the CEO and the investors want to do).
"One pretty big legal issue occurred to me that I thought I should run by you."
"Because the customer doesn't know about the video, they could be in their home unknowing filming their children while they get dressed. Even if the EULA TOS exempts us from this, if it comes out that we have taken images of naked children and stored them on our servers - wouldn't that be a PR nightmare for both the company and the investors?"
"All it would take is a Mom or Dad using another app while changing a baby... or being in a bathroom with their small child. I don't know how to detect this, so I cannot prevent our storing compromising pictures on our servers.
"That would be a big deal, right? Especially since we aren't telling the parents?"
"There are apps that track how often an infant goes to the bathroom, so it is reasonable."
Best wishes on this.
Hope you will tell us how it comes out in a few weeks.
As an aside... whistle-blower laws in the US only protect you from legal action when you tell the authorities. Tell the press, or anyone else, and you're open to be sued.
I'm not a lawyer, but this information came from a lawyer who was speaking at a conference I attended several years ago.
Slightly different approach than the other (mostly very good) answers.
This answer is an attempt for you to keep your job and not have to write the feature.
the product owner explains to me that while the feature is truly useless, it still has to be made so as to attract investors
My alternative is to approach the company lawyer directly.
You have a legal issue that could sink the whole company that he might understand.
Approach the lawyer like this: (use an innocent / concerned expression)
"Hey [lawyer], I previously had a problem with that video feature - CEO may have mentioned this. But after talking to him I told [product owner] about it he said we had to do it anyway. So I went back to try to figure out how to do it because it looks like everyone is on board with it."
You are just playing the good employee so he will listen closely to what you are saying (instead of just nod and pay half-attention to someone that doesn't want to do what the CEO and the investors want to do).
"One pretty big legal issue occurred to me that I thought I should run by you."
"Because the customer doesn't know about the video, they could be in their home unknowing filming their children while they get dressed. Even if the EULA TOS exempts us from this, if it comes out that we have taken images of naked children and stored them on our servers - wouldn't that be a PR nightmare for both the company and the investors?"
"All it would take is a Mom or Dad using another app while changing a baby... or being in a bathroom with their small child. I don't know how to detect this, so I cannot prevent our storing compromising pictures on our servers.
"That would be a big deal, right? Especially since we aren't telling the parents?"
"There are apps that track how often an infant goes to the bathroom, so it is reasonable."
Best wishes on this.
Hope you will tell us how it comes out in a few weeks.
As an aside... whistle-blower laws in the US only protect you from legal action when you tell the authorities. Tell the press, or anyone else, and you're open to be sued.
I'm not a lawyer, but this information came from a lawyer who was speaking at a conference I attended several years ago.
answered 11 hours ago
J. Chris ComptonJ. Chris Compton
5,4121233
5,4121233
add a comment |
add a comment |
Presumably the OP has reason to suppose that this app is "intended" to be used illegally, but stepping back from the general feeling of moral outrage in this thread, there is not much evidence (if any) to support that.
I can't see anything in the OP's post which doesn't fit a use case like "this app converts your cellphone into a dashcam for use in your car". In that situation, battery usage is irrelevant since the phone would be running from the car battery. And dashcams are perfectly legal in many countries (including the UK, for example), and used as police evidence in court, just like images from any other type of security camera. In some countries, the use of dashcams is almost a necessity to support road accident insurance claims and protect oneself against insurance fraud by other people, who may well be criminals themselves.
Of course the app could be used for illegal purposes as well, but so could many other items which it is perfectly legal to buy an sell - kitchen knives, for example.
If the OP doesn't want to be involved in this software project for personal reasons, that's a perfectly reasonable position to take, but IMO there is far too little information given here to jump to the conclusion that the whole project, or the project leader, is operating outside of the law.
7
Could you provide a reasoning for the app recording "in the background", or the requirement that videos be uploaded? Neither of those make sense for a dashcam. In addition, adding this functionality to an existing app (that I assume had a purpose without it) instead of just making a new app seems rather fishy as well.
– Ruther Rendommeleigh
12 hours ago
@RutherRendommeleigh I agree that adding it to an existing app seems fishy. A good, valid use case I can think of is recording dash-cam video while simultaneously using GPS navigation in a separate app. That said, automatically uploading video to a private server, and not directly telling the user that you're recording, are both very big red flags.
– Martin Carney
10 hours ago
You'll need a different example than dash cam... OP states the new feature would "secretly record its surroundings."
– J. Chris Compton
9 hours ago
add a comment |
Presumably the OP has reason to suppose that this app is "intended" to be used illegally, but stepping back from the general feeling of moral outrage in this thread, there is not much evidence (if any) to support that.
I can't see anything in the OP's post which doesn't fit a use case like "this app converts your cellphone into a dashcam for use in your car". In that situation, battery usage is irrelevant since the phone would be running from the car battery. And dashcams are perfectly legal in many countries (including the UK, for example), and used as police evidence in court, just like images from any other type of security camera. In some countries, the use of dashcams is almost a necessity to support road accident insurance claims and protect oneself against insurance fraud by other people, who may well be criminals themselves.
Of course the app could be used for illegal purposes as well, but so could many other items which it is perfectly legal to buy an sell - kitchen knives, for example.
If the OP doesn't want to be involved in this software project for personal reasons, that's a perfectly reasonable position to take, but IMO there is far too little information given here to jump to the conclusion that the whole project, or the project leader, is operating outside of the law.
7
Could you provide a reasoning for the app recording "in the background", or the requirement that videos be uploaded? Neither of those make sense for a dashcam. In addition, adding this functionality to an existing app (that I assume had a purpose without it) instead of just making a new app seems rather fishy as well.
– Ruther Rendommeleigh
12 hours ago
@RutherRendommeleigh I agree that adding it to an existing app seems fishy. A good, valid use case I can think of is recording dash-cam video while simultaneously using GPS navigation in a separate app. That said, automatically uploading video to a private server, and not directly telling the user that you're recording, are both very big red flags.
– Martin Carney
10 hours ago
You'll need a different example than dash cam... OP states the new feature would "secretly record its surroundings."
– J. Chris Compton
9 hours ago
add a comment |
Presumably the OP has reason to suppose that this app is "intended" to be used illegally, but stepping back from the general feeling of moral outrage in this thread, there is not much evidence (if any) to support that.
I can't see anything in the OP's post which doesn't fit a use case like "this app converts your cellphone into a dashcam for use in your car". In that situation, battery usage is irrelevant since the phone would be running from the car battery. And dashcams are perfectly legal in many countries (including the UK, for example), and used as police evidence in court, just like images from any other type of security camera. In some countries, the use of dashcams is almost a necessity to support road accident insurance claims and protect oneself against insurance fraud by other people, who may well be criminals themselves.
Of course the app could be used for illegal purposes as well, but so could many other items which it is perfectly legal to buy an sell - kitchen knives, for example.
If the OP doesn't want to be involved in this software project for personal reasons, that's a perfectly reasonable position to take, but IMO there is far too little information given here to jump to the conclusion that the whole project, or the project leader, is operating outside of the law.
Presumably the OP has reason to suppose that this app is "intended" to be used illegally, but stepping back from the general feeling of moral outrage in this thread, there is not much evidence (if any) to support that.
I can't see anything in the OP's post which doesn't fit a use case like "this app converts your cellphone into a dashcam for use in your car". In that situation, battery usage is irrelevant since the phone would be running from the car battery. And dashcams are perfectly legal in many countries (including the UK, for example), and used as police evidence in court, just like images from any other type of security camera. In some countries, the use of dashcams is almost a necessity to support road accident insurance claims and protect oneself against insurance fraud by other people, who may well be criminals themselves.
Of course the app could be used for illegal purposes as well, but so could many other items which it is perfectly legal to buy an sell - kitchen knives, for example.
If the OP doesn't want to be involved in this software project for personal reasons, that's a perfectly reasonable position to take, but IMO there is far too little information given here to jump to the conclusion that the whole project, or the project leader, is operating outside of the law.
answered 12 hours ago
alephzeroalephzero
3,0661817
3,0661817
7
Could you provide a reasoning for the app recording "in the background", or the requirement that videos be uploaded? Neither of those make sense for a dashcam. In addition, adding this functionality to an existing app (that I assume had a purpose without it) instead of just making a new app seems rather fishy as well.
– Ruther Rendommeleigh
12 hours ago
@RutherRendommeleigh I agree that adding it to an existing app seems fishy. A good, valid use case I can think of is recording dash-cam video while simultaneously using GPS navigation in a separate app. That said, automatically uploading video to a private server, and not directly telling the user that you're recording, are both very big red flags.
– Martin Carney
10 hours ago
You'll need a different example than dash cam... OP states the new feature would "secretly record its surroundings."
– J. Chris Compton
9 hours ago
add a comment |
7
Could you provide a reasoning for the app recording "in the background", or the requirement that videos be uploaded? Neither of those make sense for a dashcam. In addition, adding this functionality to an existing app (that I assume had a purpose without it) instead of just making a new app seems rather fishy as well.
– Ruther Rendommeleigh
12 hours ago
@RutherRendommeleigh I agree that adding it to an existing app seems fishy. A good, valid use case I can think of is recording dash-cam video while simultaneously using GPS navigation in a separate app. That said, automatically uploading video to a private server, and not directly telling the user that you're recording, are both very big red flags.
– Martin Carney
10 hours ago
You'll need a different example than dash cam... OP states the new feature would "secretly record its surroundings."
– J. Chris Compton
9 hours ago
7
7
Could you provide a reasoning for the app recording "in the background", or the requirement that videos be uploaded? Neither of those make sense for a dashcam. In addition, adding this functionality to an existing app (that I assume had a purpose without it) instead of just making a new app seems rather fishy as well.
– Ruther Rendommeleigh
12 hours ago
Could you provide a reasoning for the app recording "in the background", or the requirement that videos be uploaded? Neither of those make sense for a dashcam. In addition, adding this functionality to an existing app (that I assume had a purpose without it) instead of just making a new app seems rather fishy as well.
– Ruther Rendommeleigh
12 hours ago
@RutherRendommeleigh I agree that adding it to an existing app seems fishy. A good, valid use case I can think of is recording dash-cam video while simultaneously using GPS navigation in a separate app. That said, automatically uploading video to a private server, and not directly telling the user that you're recording, are both very big red flags.
– Martin Carney
10 hours ago
@RutherRendommeleigh I agree that adding it to an existing app seems fishy. A good, valid use case I can think of is recording dash-cam video while simultaneously using GPS navigation in a separate app. That said, automatically uploading video to a private server, and not directly telling the user that you're recording, are both very big red flags.
– Martin Carney
10 hours ago
You'll need a different example than dash cam... OP states the new feature would "secretly record its surroundings."
– J. Chris Compton
9 hours ago
You'll need a different example than dash cam... OP states the new feature would "secretly record its surroundings."
– J. Chris Compton
9 hours ago
add a comment |
Ask your CEO whether he will be using the app. Or whether it is possible police or politicians will use the app.
If so, tell him it is a security risk because all the engineers in the company will be able to spy on him and on others. Maybe it works as a deterrent if he is concerned himself.
Also make him aware of the commercial risk of doing this: he might lose his entire user base if they find out. Play on his ego, surely he is too smart to take such a risk?
I'm adding this answer because you explicitly ask for a diplomatic solution. Simply quitting or paper trailing is not necessarily diplomatic.
New contributor
add a comment |
Ask your CEO whether he will be using the app. Or whether it is possible police or politicians will use the app.
If so, tell him it is a security risk because all the engineers in the company will be able to spy on him and on others. Maybe it works as a deterrent if he is concerned himself.
Also make him aware of the commercial risk of doing this: he might lose his entire user base if they find out. Play on his ego, surely he is too smart to take such a risk?
I'm adding this answer because you explicitly ask for a diplomatic solution. Simply quitting or paper trailing is not necessarily diplomatic.
New contributor
add a comment |
Ask your CEO whether he will be using the app. Or whether it is possible police or politicians will use the app.
If so, tell him it is a security risk because all the engineers in the company will be able to spy on him and on others. Maybe it works as a deterrent if he is concerned himself.
Also make him aware of the commercial risk of doing this: he might lose his entire user base if they find out. Play on his ego, surely he is too smart to take such a risk?
I'm adding this answer because you explicitly ask for a diplomatic solution. Simply quitting or paper trailing is not necessarily diplomatic.
New contributor
Ask your CEO whether he will be using the app. Or whether it is possible police or politicians will use the app.
If so, tell him it is a security risk because all the engineers in the company will be able to spy on him and on others. Maybe it works as a deterrent if he is concerned himself.
Also make him aware of the commercial risk of doing this: he might lose his entire user base if they find out. Play on his ego, surely he is too smart to take such a risk?
I'm adding this answer because you explicitly ask for a diplomatic solution. Simply quitting or paper trailing is not necessarily diplomatic.
New contributor
edited 9 hours ago
New contributor
answered 9 hours ago
don.joeydon.joey
1114
1114
New contributor
New contributor
add a comment |
add a comment |
I would like to approach a resolution to this issue in a slightly different way. The question was specifically:
How to be diplomatic in refusing to write code that breaches the privacy of our users
There are two ways to approach this:
- Refuse to write the code
- Make the case that this feature will negatively impact the project vision and you feel responsibility to steadfastly object to anything that will derail the project success
They both result in the same thing -- a refusal to implement the feature -- but the latter approach roots the refusal in the general desire for the app and business success, rather than for the users privacy. User privacy is a means to application success, but vise versa is not necessarily true.
To do this I would:
- Seek to establish common ground and good intent
- Ground any justifications in risks that I deem are important for the CEO
- Be enthusiastic about the project and the company, but steadfast in the refusal to implement
i.e. "I am really sorry but I cannot continue with this as it stands."
For example:
Dear ${CEO},
I am a member of the software development team working on ${APP}. I am passionate about ${STATED_APPS_PURPOSE} and have enjoyed working on ${PREVIOUS_NON_CREEPY_THINGS}.
However, I recently learned of this new feature that will require the recording of users at all times through their camera. While I understand the benefits of this feature, including:
- ${CREEPY_BENEFIT_A}
- ${CREEPY_BENEFIT_B}
- ${INVESTORS_HAPPY_C}
I feel compelled to note that this new feature deviates significantly from ${STATED_APPS_PURPOSE}. It may be that I have misunderstood the nature of the requirements from this feature, but as the feature has been requested I see significant new project risks introduced, including:
- User backlash at discovering the unexpected behaviour of the application
- Potential violations of users privacy law ${EXAMPLE} in Manilla and within other locales
- Punitive damages associated with the aforementioned violations of law
It is my assessment that this feature has deviated enough from ${STATED_APPS_PURPOSE} that I no longer feel comfortable with the tradeoffs the application has made, and I am thus not a suitable candidate for the ongoing development of this application.
I am reaching out to you now such that I may understand more the nature of this feature to clarify whether it should be implemented as stated, or whether our project would better grow in other areas.
Kind regards,
${YOU}.
Couching a justification in moral grounds that we know and understand are different from our own is an uncomfortable process. However, while it might be easier if our friends and colleagues shared our own values we each arrived in each others company via a different path and arguing a point to a given audience will be much more successful at homogenising the practical outcomes of our values, if not their roots.
New contributor
add a comment |
I would like to approach a resolution to this issue in a slightly different way. The question was specifically:
How to be diplomatic in refusing to write code that breaches the privacy of our users
There are two ways to approach this:
- Refuse to write the code
- Make the case that this feature will negatively impact the project vision and you feel responsibility to steadfastly object to anything that will derail the project success
They both result in the same thing -- a refusal to implement the feature -- but the latter approach roots the refusal in the general desire for the app and business success, rather than for the users privacy. User privacy is a means to application success, but vise versa is not necessarily true.
To do this I would:
- Seek to establish common ground and good intent
- Ground any justifications in risks that I deem are important for the CEO
- Be enthusiastic about the project and the company, but steadfast in the refusal to implement
i.e. "I am really sorry but I cannot continue with this as it stands."
For example:
Dear ${CEO},
I am a member of the software development team working on ${APP}. I am passionate about ${STATED_APPS_PURPOSE} and have enjoyed working on ${PREVIOUS_NON_CREEPY_THINGS}.
However, I recently learned of this new feature that will require the recording of users at all times through their camera. While I understand the benefits of this feature, including:
- ${CREEPY_BENEFIT_A}
- ${CREEPY_BENEFIT_B}
- ${INVESTORS_HAPPY_C}
I feel compelled to note that this new feature deviates significantly from ${STATED_APPS_PURPOSE}. It may be that I have misunderstood the nature of the requirements from this feature, but as the feature has been requested I see significant new project risks introduced, including:
- User backlash at discovering the unexpected behaviour of the application
- Potential violations of users privacy law ${EXAMPLE} in Manilla and within other locales
- Punitive damages associated with the aforementioned violations of law
It is my assessment that this feature has deviated enough from ${STATED_APPS_PURPOSE} that I no longer feel comfortable with the tradeoffs the application has made, and I am thus not a suitable candidate for the ongoing development of this application.
I am reaching out to you now such that I may understand more the nature of this feature to clarify whether it should be implemented as stated, or whether our project would better grow in other areas.
Kind regards,
${YOU}.
Couching a justification in moral grounds that we know and understand are different from our own is an uncomfortable process. However, while it might be easier if our friends and colleagues shared our own values we each arrived in each others company via a different path and arguing a point to a given audience will be much more successful at homogenising the practical outcomes of our values, if not their roots.
New contributor
add a comment |
I would like to approach a resolution to this issue in a slightly different way. The question was specifically:
How to be diplomatic in refusing to write code that breaches the privacy of our users
There are two ways to approach this:
- Refuse to write the code
- Make the case that this feature will negatively impact the project vision and you feel responsibility to steadfastly object to anything that will derail the project success
They both result in the same thing -- a refusal to implement the feature -- but the latter approach roots the refusal in the general desire for the app and business success, rather than for the users privacy. User privacy is a means to application success, but vise versa is not necessarily true.
To do this I would:
- Seek to establish common ground and good intent
- Ground any justifications in risks that I deem are important for the CEO
- Be enthusiastic about the project and the company, but steadfast in the refusal to implement
i.e. "I am really sorry but I cannot continue with this as it stands."
For example:
Dear ${CEO},
I am a member of the software development team working on ${APP}. I am passionate about ${STATED_APPS_PURPOSE} and have enjoyed working on ${PREVIOUS_NON_CREEPY_THINGS}.
However, I recently learned of this new feature that will require the recording of users at all times through their camera. While I understand the benefits of this feature, including:
- ${CREEPY_BENEFIT_A}
- ${CREEPY_BENEFIT_B}
- ${INVESTORS_HAPPY_C}
I feel compelled to note that this new feature deviates significantly from ${STATED_APPS_PURPOSE}. It may be that I have misunderstood the nature of the requirements from this feature, but as the feature has been requested I see significant new project risks introduced, including:
- User backlash at discovering the unexpected behaviour of the application
- Potential violations of users privacy law ${EXAMPLE} in Manilla and within other locales
- Punitive damages associated with the aforementioned violations of law
It is my assessment that this feature has deviated enough from ${STATED_APPS_PURPOSE} that I no longer feel comfortable with the tradeoffs the application has made, and I am thus not a suitable candidate for the ongoing development of this application.
I am reaching out to you now such that I may understand more the nature of this feature to clarify whether it should be implemented as stated, or whether our project would better grow in other areas.
Kind regards,
${YOU}.
Couching a justification in moral grounds that we know and understand are different from our own is an uncomfortable process. However, while it might be easier if our friends and colleagues shared our own values we each arrived in each others company via a different path and arguing a point to a given audience will be much more successful at homogenising the practical outcomes of our values, if not their roots.
New contributor
I would like to approach a resolution to this issue in a slightly different way. The question was specifically:
How to be diplomatic in refusing to write code that breaches the privacy of our users
There are two ways to approach this:
- Refuse to write the code
- Make the case that this feature will negatively impact the project vision and you feel responsibility to steadfastly object to anything that will derail the project success
They both result in the same thing -- a refusal to implement the feature -- but the latter approach roots the refusal in the general desire for the app and business success, rather than for the users privacy. User privacy is a means to application success, but vise versa is not necessarily true.
To do this I would:
- Seek to establish common ground and good intent
- Ground any justifications in risks that I deem are important for the CEO
- Be enthusiastic about the project and the company, but steadfast in the refusal to implement
i.e. "I am really sorry but I cannot continue with this as it stands."
For example:
Dear ${CEO},
I am a member of the software development team working on ${APP}. I am passionate about ${STATED_APPS_PURPOSE} and have enjoyed working on ${PREVIOUS_NON_CREEPY_THINGS}.
However, I recently learned of this new feature that will require the recording of users at all times through their camera. While I understand the benefits of this feature, including:
- ${CREEPY_BENEFIT_A}
- ${CREEPY_BENEFIT_B}
- ${INVESTORS_HAPPY_C}
I feel compelled to note that this new feature deviates significantly from ${STATED_APPS_PURPOSE}. It may be that I have misunderstood the nature of the requirements from this feature, but as the feature has been requested I see significant new project risks introduced, including:
- User backlash at discovering the unexpected behaviour of the application
- Potential violations of users privacy law ${EXAMPLE} in Manilla and within other locales
- Punitive damages associated with the aforementioned violations of law
It is my assessment that this feature has deviated enough from ${STATED_APPS_PURPOSE} that I no longer feel comfortable with the tradeoffs the application has made, and I am thus not a suitable candidate for the ongoing development of this application.
I am reaching out to you now such that I may understand more the nature of this feature to clarify whether it should be implemented as stated, or whether our project would better grow in other areas.
Kind regards,
${YOU}.
Couching a justification in moral grounds that we know and understand are different from our own is an uncomfortable process. However, while it might be easier if our friends and colleagues shared our own values we each arrived in each others company via a different path and arguing a point to a given audience will be much more successful at homogenising the practical outcomes of our values, if not their roots.
New contributor
New contributor
answered 4 hours ago
Andrew HowdenAndrew Howden
112
112
New contributor
New contributor
add a comment |
add a comment |
If I were in this situation, I would give the CEO 2 choices, either A he could stop this highly illegal (at least in the USA) project and everything else can go on as normal or B he can accept your letter of resignation and you will be getting a lawyer and reporting his activities to the proper authorities, whom can do what they need to do as soon as he releases this piece of software. It is expected that you may have to do things that you don't want to do for your job, but once the issue crosses the line to illegal, there is no longer any grey space. Personally my job is definitely worth ruining my life over by spending years in prison or in court battles.
New contributor
Personally my job is definitely worth ruining my life over by spending years in prison or in court battles.
- did you mean that you would or would not ruin your life for your job? :p
– rkeet
7 hours ago
add a comment |
If I were in this situation, I would give the CEO 2 choices, either A he could stop this highly illegal (at least in the USA) project and everything else can go on as normal or B he can accept your letter of resignation and you will be getting a lawyer and reporting his activities to the proper authorities, whom can do what they need to do as soon as he releases this piece of software. It is expected that you may have to do things that you don't want to do for your job, but once the issue crosses the line to illegal, there is no longer any grey space. Personally my job is definitely worth ruining my life over by spending years in prison or in court battles.
New contributor
Personally my job is definitely worth ruining my life over by spending years in prison or in court battles.
- did you mean that you would or would not ruin your life for your job? :p
– rkeet
7 hours ago
add a comment |
If I were in this situation, I would give the CEO 2 choices, either A he could stop this highly illegal (at least in the USA) project and everything else can go on as normal or B he can accept your letter of resignation and you will be getting a lawyer and reporting his activities to the proper authorities, whom can do what they need to do as soon as he releases this piece of software. It is expected that you may have to do things that you don't want to do for your job, but once the issue crosses the line to illegal, there is no longer any grey space. Personally my job is definitely worth ruining my life over by spending years in prison or in court battles.
New contributor
If I were in this situation, I would give the CEO 2 choices, either A he could stop this highly illegal (at least in the USA) project and everything else can go on as normal or B he can accept your letter of resignation and you will be getting a lawyer and reporting his activities to the proper authorities, whom can do what they need to do as soon as he releases this piece of software. It is expected that you may have to do things that you don't want to do for your job, but once the issue crosses the line to illegal, there is no longer any grey space. Personally my job is definitely worth ruining my life over by spending years in prison or in court battles.
New contributor
New contributor
answered 11 hours ago
dmoore1181dmoore1181
1012
1012
New contributor
New contributor
Personally my job is definitely worth ruining my life over by spending years in prison or in court battles.
- did you mean that you would or would not ruin your life for your job? :p
– rkeet
7 hours ago
add a comment |
Personally my job is definitely worth ruining my life over by spending years in prison or in court battles.
- did you mean that you would or would not ruin your life for your job? :p
– rkeet
7 hours ago
Personally my job is definitely worth ruining my life over by spending years in prison or in court battles.
- did you mean that you would or would not ruin your life for your job? :p– rkeet
7 hours ago
Personally my job is definitely worth ruining my life over by spending years in prison or in court battles.
- did you mean that you would or would not ruin your life for your job? :p– rkeet
7 hours ago
add a comment |
Your boss is ordering you to engage in crime. By proceeding, you will become their accomplice because you will be knowingly engaging in criminal activity.
So threaten to quit, but not because you dislike whatever but because they can't possibly pay you enough to compensate several years of your life spent in jail. (Or maybe they can? Provide this as an option -- they will surely refuse to pay such an astronomical sum but this will open their eyes on how inadequate their demands are to what they are paying you. (Note that income from illegal activity will probably be illegal, too, so more trouble for you and the company to conceal it!) The fact that they can't demand of you more than their pay is worth is something they can't argue with.)
Share the above with your co-workers and they will probably come to the same conclusion.
add a comment |
Your boss is ordering you to engage in crime. By proceeding, you will become their accomplice because you will be knowingly engaging in criminal activity.
So threaten to quit, but not because you dislike whatever but because they can't possibly pay you enough to compensate several years of your life spent in jail. (Or maybe they can? Provide this as an option -- they will surely refuse to pay such an astronomical sum but this will open their eyes on how inadequate their demands are to what they are paying you. (Note that income from illegal activity will probably be illegal, too, so more trouble for you and the company to conceal it!) The fact that they can't demand of you more than their pay is worth is something they can't argue with.)
Share the above with your co-workers and they will probably come to the same conclusion.
add a comment |
Your boss is ordering you to engage in crime. By proceeding, you will become their accomplice because you will be knowingly engaging in criminal activity.
So threaten to quit, but not because you dislike whatever but because they can't possibly pay you enough to compensate several years of your life spent in jail. (Or maybe they can? Provide this as an option -- they will surely refuse to pay such an astronomical sum but this will open their eyes on how inadequate their demands are to what they are paying you. (Note that income from illegal activity will probably be illegal, too, so more trouble for you and the company to conceal it!) The fact that they can't demand of you more than their pay is worth is something they can't argue with.)
Share the above with your co-workers and they will probably come to the same conclusion.
Your boss is ordering you to engage in crime. By proceeding, you will become their accomplice because you will be knowingly engaging in criminal activity.
So threaten to quit, but not because you dislike whatever but because they can't possibly pay you enough to compensate several years of your life spent in jail. (Or maybe they can? Provide this as an option -- they will surely refuse to pay such an astronomical sum but this will open their eyes on how inadequate their demands are to what they are paying you. (Note that income from illegal activity will probably be illegal, too, so more trouble for you and the company to conceal it!) The fact that they can't demand of you more than their pay is worth is something they can't argue with.)
Share the above with your co-workers and they will probably come to the same conclusion.
edited 9 hours ago
answered 9 hours ago
ivan_pozdeevivan_pozdeev
26619
26619
add a comment |
add a comment |
While IT is not as professionalised as many other occupations, there are still professional standards organisations which will provide advice and assistance in these situations. In your instance, you should contact the Philippine Computer Society and notify them you have been instructed to breach their Code of Ethics.
New contributor
As much as possible I want to solve this problem diplomatically with the CEO without having to insinuate any governing body or NGO that I am having this problem. I've been poring into the documents by the National Privacy Commission and so far it has been helpful.
– Jenny Tengson Mandani
1 hour ago
add a comment |
While IT is not as professionalised as many other occupations, there are still professional standards organisations which will provide advice and assistance in these situations. In your instance, you should contact the Philippine Computer Society and notify them you have been instructed to breach their Code of Ethics.
New contributor
As much as possible I want to solve this problem diplomatically with the CEO without having to insinuate any governing body or NGO that I am having this problem. I've been poring into the documents by the National Privacy Commission and so far it has been helpful.
– Jenny Tengson Mandani
1 hour ago
add a comment |
While IT is not as professionalised as many other occupations, there are still professional standards organisations which will provide advice and assistance in these situations. In your instance, you should contact the Philippine Computer Society and notify them you have been instructed to breach their Code of Ethics.
New contributor
While IT is not as professionalised as many other occupations, there are still professional standards organisations which will provide advice and assistance in these situations. In your instance, you should contact the Philippine Computer Society and notify them you have been instructed to breach their Code of Ethics.
New contributor
New contributor
answered 1 hour ago
Bardi HarborowBardi Harborow
1306
1306
New contributor
New contributor
As much as possible I want to solve this problem diplomatically with the CEO without having to insinuate any governing body or NGO that I am having this problem. I've been poring into the documents by the National Privacy Commission and so far it has been helpful.
– Jenny Tengson Mandani
1 hour ago
add a comment |
As much as possible I want to solve this problem diplomatically with the CEO without having to insinuate any governing body or NGO that I am having this problem. I've been poring into the documents by the National Privacy Commission and so far it has been helpful.
– Jenny Tengson Mandani
1 hour ago
As much as possible I want to solve this problem diplomatically with the CEO without having to insinuate any governing body or NGO that I am having this problem. I've been poring into the documents by the National Privacy Commission and so far it has been helpful.
– Jenny Tengson Mandani
1 hour ago
As much as possible I want to solve this problem diplomatically with the CEO without having to insinuate any governing body or NGO that I am having this problem. I've been poring into the documents by the National Privacy Commission and so far it has been helpful.
– Jenny Tengson Mandani
1 hour ago
add a comment |
Use your wits and technical superiority to defend yourself and take a stand against the moral corruption of the CEO. Clandestinely record a video of him giving the team instructions to break the law. Edit the video to remove your PII and blur the faces and the voices of the innocent. Retain this recording as a safeguard that you can release to the police, press, and social media at a moments notice. Find another job and never tip your hand and reveal that you have this evidence to anyone unless you need to release it. If you do need to release it, do so anonymously.
New contributor
18
Not going to upvote because what you suggest is illegal and and dangerous, but I can't bring myself to downvote either because it's hilarious.
– Ruther Rendommeleigh
14 hours ago
5
Depending on the jurisdiction this can bring gigantic problems to the OP.
– GustavoMP
14 hours ago
3
When facing an adversary that seeks to destroy the fabric of society, it is necessary to take extreme action.
– Kierkegaardee
14 hours ago
7
Oh, the irony...
– Alexandre Aubrey
14 hours ago
5
"When facing an adversary that seeks to destroy the fabric of society, it is necessary to take extreme action." Aaaaaaand that's how dictatorships are born. You can't save paradise by destroying it. (Sometimes that means we lose!)
– Lightness Races in Orbit
12 hours ago
|
show 5 more comments
Use your wits and technical superiority to defend yourself and take a stand against the moral corruption of the CEO. Clandestinely record a video of him giving the team instructions to break the law. Edit the video to remove your PII and blur the faces and the voices of the innocent. Retain this recording as a safeguard that you can release to the police, press, and social media at a moments notice. Find another job and never tip your hand and reveal that you have this evidence to anyone unless you need to release it. If you do need to release it, do so anonymously.
New contributor
18
Not going to upvote because what you suggest is illegal and and dangerous, but I can't bring myself to downvote either because it's hilarious.
– Ruther Rendommeleigh
14 hours ago
5
Depending on the jurisdiction this can bring gigantic problems to the OP.
– GustavoMP
14 hours ago
3
When facing an adversary that seeks to destroy the fabric of society, it is necessary to take extreme action.
– Kierkegaardee
14 hours ago
7
Oh, the irony...
– Alexandre Aubrey
14 hours ago
5
"When facing an adversary that seeks to destroy the fabric of society, it is necessary to take extreme action." Aaaaaaand that's how dictatorships are born. You can't save paradise by destroying it. (Sometimes that means we lose!)
– Lightness Races in Orbit
12 hours ago
|
show 5 more comments
Use your wits and technical superiority to defend yourself and take a stand against the moral corruption of the CEO. Clandestinely record a video of him giving the team instructions to break the law. Edit the video to remove your PII and blur the faces and the voices of the innocent. Retain this recording as a safeguard that you can release to the police, press, and social media at a moments notice. Find another job and never tip your hand and reveal that you have this evidence to anyone unless you need to release it. If you do need to release it, do so anonymously.
New contributor
Use your wits and technical superiority to defend yourself and take a stand against the moral corruption of the CEO. Clandestinely record a video of him giving the team instructions to break the law. Edit the video to remove your PII and blur the faces and the voices of the innocent. Retain this recording as a safeguard that you can release to the police, press, and social media at a moments notice. Find another job and never tip your hand and reveal that you have this evidence to anyone unless you need to release it. If you do need to release it, do so anonymously.
New contributor
New contributor
answered 14 hours ago
KierkegaardeeKierkegaardee
452
452
New contributor
New contributor
18
Not going to upvote because what you suggest is illegal and and dangerous, but I can't bring myself to downvote either because it's hilarious.
– Ruther Rendommeleigh
14 hours ago
5
Depending on the jurisdiction this can bring gigantic problems to the OP.
– GustavoMP
14 hours ago
3
When facing an adversary that seeks to destroy the fabric of society, it is necessary to take extreme action.
– Kierkegaardee
14 hours ago
7
Oh, the irony...
– Alexandre Aubrey
14 hours ago
5
"When facing an adversary that seeks to destroy the fabric of society, it is necessary to take extreme action." Aaaaaaand that's how dictatorships are born. You can't save paradise by destroying it. (Sometimes that means we lose!)
– Lightness Races in Orbit
12 hours ago
|
show 5 more comments
18
Not going to upvote because what you suggest is illegal and and dangerous, but I can't bring myself to downvote either because it's hilarious.
– Ruther Rendommeleigh
14 hours ago
5
Depending on the jurisdiction this can bring gigantic problems to the OP.
– GustavoMP
14 hours ago
3
When facing an adversary that seeks to destroy the fabric of society, it is necessary to take extreme action.
– Kierkegaardee
14 hours ago
7
Oh, the irony...
– Alexandre Aubrey
14 hours ago
5
"When facing an adversary that seeks to destroy the fabric of society, it is necessary to take extreme action." Aaaaaaand that's how dictatorships are born. You can't save paradise by destroying it. (Sometimes that means we lose!)
– Lightness Races in Orbit
12 hours ago
18
18
Not going to upvote because what you suggest is illegal and and dangerous, but I can't bring myself to downvote either because it's hilarious.
– Ruther Rendommeleigh
14 hours ago
Not going to upvote because what you suggest is illegal and and dangerous, but I can't bring myself to downvote either because it's hilarious.
– Ruther Rendommeleigh
14 hours ago
5
5
Depending on the jurisdiction this can bring gigantic problems to the OP.
– GustavoMP
14 hours ago
Depending on the jurisdiction this can bring gigantic problems to the OP.
– GustavoMP
14 hours ago
3
3
When facing an adversary that seeks to destroy the fabric of society, it is necessary to take extreme action.
– Kierkegaardee
14 hours ago
When facing an adversary that seeks to destroy the fabric of society, it is necessary to take extreme action.
– Kierkegaardee
14 hours ago
7
7
Oh, the irony...
– Alexandre Aubrey
14 hours ago
Oh, the irony...
– Alexandre Aubrey
14 hours ago
5
5
"When facing an adversary that seeks to destroy the fabric of society, it is necessary to take extreme action." Aaaaaaand that's how dictatorships are born. You can't save paradise by destroying it. (Sometimes that means we lose!)
– Lightness Races in Orbit
12 hours ago
"When facing an adversary that seeks to destroy the fabric of society, it is necessary to take extreme action." Aaaaaaand that's how dictatorships are born. You can't save paradise by destroying it. (Sometimes that means we lose!)
– Lightness Races in Orbit
12 hours ago
|
show 5 more comments
protected by Community♦ 4 hours ago
Thank you for your interest in this question.
Because it has attracted low-quality or spam answers that had to be removed, posting an answer now requires 10 reputation on this site (the association bonus does not count).
Would you like to answer one of these unanswered questions instead?
92
Probably illegal in EU due to GDPR. Change companies, this one will go under when the CEO is in jail.
– Matthieu Brucher
17 hours ago
23
Is there a data protection or consumer protection agency or equivalent in your country? Could you make an anonymous complaint to them? Also, I hope your username isn't your real name.
– user1666620
16 hours ago
25
It should be taken into account that on Android's next version (Android Q) apps won't be allowed to record video or audio when not in the foreground, as can be seen here: theverge.com/2018/3/7/17091104/…
– GustavoMP
15 hours ago
27
I'm curious what the current purpose of the app is if "user safety and giving cops leverage" can fall into scope.
– Mr.Mindor
15 hours ago
8
This has striking similarities to Volkswagon's emission scandal. Yes, the CEO lost his job, but throughout, the company deflected and scapegoated the engineers who were, "just following orders". That's not really a good position to be in.
– fbueckert
13 hours ago