Wow. I got a lot of responses for the database and ethics questions and discussion posts. A lot of people asked me to expound more on those questions and what they meant. More importantly, what were the answers? Does having information inherently justify it’s use?  Who owns the data? “Mr. Grillo, what portions of the business are just common employee knowledge vs. trade secrets”?  I can’t answer all of these. I don’t know you, your data or your business as well as you do. Though I would certainly be willing to consult onsite and take your money.  In reality, these are hard data questions that have no easy answers. They are ultimately found by yourself. Though I am happy to advise.


So here is an essay I wrote in one class on the subject. I hope my dear readers find it enlightening.



John Grillo





Last term, I took CIS-244 at PCC, which is a class focusing on the Software Development Life Cycle and business needs. It is formally called “Systems Analysis.” In this class, there were discussion questions involving security breaches and more importantly, was there any ethical concerns or considerations involving the implementation and use of this data. I mention them because I feel they answer this essay nearly perfectly. The two questions in the professor’s prompt and the corresponding answers to them were as follows.


  1. Are there ethical issues to consider when planning a database? For example, should sensitive personal data (such as medical information) be stored in the same DBMS that manages employee salary and benefits data? Why or why not?


Are there ethical issues when planning a database? No, of course not. Only legal ones. And of course, there should be special care taken for toxic assets like social security numbers. I, however, do not subscribe to this worldview.

As technology advances, there are about five major issues that concern people as they deal with my fellow technologists: Privacy, Ownership, Control, Accuracy, and Security. And there are typically more questions than answers. Thankfully my many talks with Janaka Jayawardena of PSU’s Computer Action Team, and Dr. Warren Harrison of Portland State University on occasion have given me some insight. In essence, they come down to 10 questions about five issues.


#1: PRIVACY: Does information’s availability justify its use?

#2: PRIVACY: How much effort and expense should managers incur in considering questions of data access and privacy?

#3: OWNERSHIP: What can employers expect from employees with regard to nondisclosure when going to work for another firm?

#4: OWNERSHIP: What part of an information asset belongs to an

organization and what is simply part of an employee’s general knowledge?

#5: CONTROL: Do employees know the degree to which behavior is monitored?

#6: CONTROL: Does data gathered violate employee privacy rights?

#7: ACCURACY: Is accuracy an explicit part of someone’s responsibility?

#8: ACCURACY: Have the implications of potential error been anticipated?

#9: SECURITY: Have systems been reviewed for the most likely sources of security breach?

#10: SECURITY: What’s the liability exposure of managers and the organization?


In regards to the prompt above, the short answer is it can, but that doesn’t mean that it should. The ease of access and security of the database is more important. Since SQL databases are great for building relationships for say, employees, their pay rates and benefits, this would make sense to have is somewhat accessible, but not easily accessible. As long as it is secure, then there shouldn’t be a problem. So I can see how keeping these things permanently separated could be in the best interest of those involved.

I have redacted my answers to the ten questions above as they will not be the same as your answers, for your data, in your organization.

However, I feel I should mention a particular PSU professor. Ellen Lippman teaches about the Account of Aushwitz Trial.

“One of the things I’ve created is a case that I present a financial statement to the students. And I ask them to analyze this financial statement. And to them it looks great. And I say OK, you know, how are the assumptions? Do the assumptions look good?”

Lippman says they’re horrified when they discover that it’s a statement from a Nazi work camp.

“They begin to realize that they’re not just presenters of information. They have to think about how that information is being used.”


  1. Information technology has advanced dramatically in recent years. At the same time, enormous changes in the business world have occurred as companies reflect global competition and more pressure for quality, speed, and customer service. Did the new technology inspire the business changes, or was it the other way around? Respond in at least 250 words.


I think that the new technology is driving the business climate to a slightly greater expense, simply because of the emphasis on “Big Data” that seems to be going about. People want to sell new electronic devices and accessories, sure, but looking at the many sources of data, we see how many of the ethical problems could lead to profit if ethics and morals are tossed aside. Many companies would pay big money to be able to precisely target their demographics and banks would love to be able to know how trustworthy and reliable a potential debtor. I believe that even 10 years ago, big credit card companies assembled a profile of the most credit-worthy person in Canada, what bar made someone more trustworthy (or rather, what bar more trustworthy people were more likely to go to) and what bar in Canada made people the least trustworthy (in terms of paying off their credit card bills and loans; I am unable to find the exact article at this time).

Whether or not it may be ethical to use such data is one thing, but does that mean that anyone should as a matter of accuracy, as per the above? Such data describes how things are, but not how things change. Moreover, acting upon such data in the manner one would assume would be want to do, it would make change impossible. Enter our current job market, which is such that if someone has a poor credit rating because they lost their job and thus fell behind on their bills and damaged their credit rating will now have said damaged credit rating used against them to keep them from obtaining a living-wage job, thus being unable to ever crawl out from a downward spiral.

Such people would be completely locked into their current station in life…which means the loss of millions of potential customers and profits. It’s the difference between long-term investments a la Warren Buffet or short-term rapid trades, like most modern wall street firms. Enhancements vs. exploitation and in comparison, enhancement and nurturing is the better goal. Though not everyone agrees with my position.

In this article (linked again in the Sources section), it details how the credit card industry was transformed by “math wizzes” who took the data specifically to goad people into taking on more debt than they could handle. It was straightforward: People who didn’t pay off their debts were more likely to generate money, so cards were issued to as many as possible. The article details how emotions were tested and sorted and studied statistically to see if immigrants were more likely to pay off their bills, etc. and noted that 2002 was a breakthrough year when one company decided to sort and analyze all data in just one year. They “discovered that the brands we buy are the windows into our souls — or at least into our willingness to make good on our debts.”

Richard Stallman wrote about the digital handcuffs that people would soon experience. I believe that such knowledge is riff for exploitation rather than enhancement. And in advertising and negotiation, it’s a well-known axiom that the secret to dealing with people is knowing what they want. It’s much easier if you can manufacture that want, which is made easy if one has every bit of data on an available subject or group of subjects. And with knowledge comes the power to subvert, seduce and corrupt.

So there is a hunger for data that is easily made accessible, gathered and transformed via technology that quite simply didn’t exist before. And in the USA, credit cards’ use decidedly more primitive security technologies than their counterparts in the rest of the world. In fact, it’s a decade behind!

In the 30’s and 40’s, there was census data, sure, but the only way to gather it all was by hand. And it still took nearly 70 years before the information was released to the public. New technology made the business changes possible.






  10. Richard Stallman, “Free Software, Free Society,” 2nd edition.