In my last column, i asked readers to send me the ethical dilemmas with which they have to grapple in their roles as corporate IT managers: be it a gap between corporate policy and practice or ticklish situations regarding data privacy, software piracy or security.
This week, were looking at a dilemma that affects IT consultants: Namely, consultants sometimes end up bridging the relationship between clients and various third parties. One reader asks: What should a consultant do when he smells a rat in one of those relationships?
Q. A client of mine asked me to help him get his customer database to a third-party service provider. However, Im hesitant, since the terms of the service providers contract (regarding privacy, use of data and so forth) seem to be more than a distant cousin to what its Web site says. In addition, the contract essentially states that my client will hold the service provider harmless from any third-party suits resulting from the use of the service. I worry that the service provider could resell my clients data (perhaps even to competitors) and my client will end up with lost, irate or litigious customers.
A. As IT professionals, we must treat data as the asset it is and be fully aware of whats being done with it. This is especially true when the data contains individualized information about the people (that is, our customers) who entrusted it to us.
Of course, you could just do the coding you were hired to do and take comfort in knowing that you didnt do anything wrong. But just "doing your job" could be a disservice to your client and harm your relationship with that client.
The right thing to do, especially if youre interested in a long-term relationship, would be to express your concerns—loud and clear. Share your knowledge about how sensitive the issue of data privacy is. Your client may not think of his customer data as anything more than just another computer file. You can help him to understand that any plans to get value from this data may backfire if his customers are upset by how it is used. Your client may go ahead with his plans, change his plans, negotiate better contract terms or ask his customers for permission to share the data.
If it seems your client doesnt treat his customers data responsibly, you may want to pass on the assignment. After all, if his customers cant trust him, why should you?