Hacker News new | past | comments | ask | show | jobs | submit login
Ask HN: What is the most unethical thing you've done as a programmer?
432 points by 88e282102ae2e5b on Aug 5, 2018 | hide | past | favorite | 494 comments
There was an article a while back about how cell service providers were selling extremely granular location data, and some of the programmers working on those systems immediately showed up on HN to comment on their moral dilemma. I suspect it's not an isolated case.

I created software that was used by call center agents to bid on “bathroom” break time slots and kept track of who was on break and actively punished those who didn’t follow the rules. It rewarded those that had higher performance and who took less breaks with higher priority. If an agent didn’t come back from their break a security guard would automatically be dispatched to find them. For the same company I also made software that reduced the same call agents to numbers and effectively automated the layoff/termination process. It would contact security with orders to have people escorted out, and had a sinister double verification process that would check to verify the agent was actually fired, or else the responsible security guard would be punished via the same point system. Everything was done via e-mail and would come from “System” and at the time used fancy HTML e-mail templates that looked official. I would frequently hear people talk about how they received a “System e-mail” with a chill in their voice, not knowing I was the one responsible. People who I ate lunch with sometimes didn’t even really know. Embedded in each e-mail was a count-down timer to create a sense of urgency to do whatever was being asked before a “punishment” was applied.

After an agent had been terminated, their punishment points would decay over time until such a time they reached zero (or another configurable threshold depending on how desperate the company was for warm bodies), at which time they would be sent an e-mail to their personal e-mail (which was collected during the application process), inviting them to “re-apply”. Being an early telephony company we also would send them a robo-call with the “good news”. This process was known as a “life-cycle” and it was common in certain labor markets for employees to have many such lifecycles. Another way employees could stave off automated termination was to work for unpaid overtime, which offered to reduce their point values per unit of overtime worked. Everything was tracked to second granularity thanks to deep integration with phone switches and the adoption of the open source Asterisk CTI.

This orwellian automation terrorized the poor employees who worked there for years, long after I left, before it was finally shut down by court order. I had designed it as a plug-in architecture and when it was shut down there were many additional features, orders, and punishment_types.

hmmmm, you and I need to have a little talk...

Edit: Since I am getting downvoted, I will just add context -> https://idiallo.com/blog/when-a-machine-fired-me

I was on the other end of a similar system.

So your the one behind that story! Thanks for taking the time to write it I have always loved that story.

I thought parent post was a clever reference to your post. On the other hand, somebody has to make these systems of course.

I read your post the other day and would definitely link it here if you hadn't done it already. The other side of the story xD

I have to ask, why did you choose to take the contract? Financial pressures? Or did you not feel that such a system is morally reprehensible?

Personally while I'm opposed to programmer certification, systems like these certainly make me wish such a thing existed.

I was just starting out in my career and was more pre-occupied with the task at hand to have enough mental headspace to contemplate the full picture of what was happening. The system itself was designed by traditional software means: trial and error, trying to see what worked and didn’t, usually trying to maximize some KPI at the company. There was also the thought that punishment and reward should be applied fairly and be “data driven”; take the bias and human factor out of decisions and implement performance management in a predicable, deterministic and transparent way.

The problems arose when people realized that the same controls and abilities to instill this equity and “fairness” provided the platform to enable wide scale exploitation in the other direction. Want more profit? Change a variable that was a single number whose action would cause great stress for many people, but would produce a desired result. The goals and metrics would always start out resonable but eventually would cross a certain point, and once they did, there was no going back to the way things were.

Draw your own conclusions to the similarities in this system to our modern day technical web triumphs.

It's really depressing how capitalism has taken automation and data and bastardized it into a toxic weapon.

Personally, as both a writer and a programmer, I often consider implementing the systems that I’ve written dystopian fiction about. Not to create a dystopia, but for the same reason I write: to point one out, such that people can get incensed, laws can be made, etc.

To put this another way: the most efficient way we could have possibly found to get the use of nuclear arms in war globally banned, was to have someone use one. The Cold War would have been far riskier if the world hadn’t seen Hiroshima and Nagasaki—it would have been a stand-off to the use of weapons we would have as-yet had no understanding of the consequences of using. It probably would have ended with the use of hundreds of bombs, rather than just two.

It’s sort of the moral equivalent of a “work to rule” strike: the best way to get through the lesson that something is bad, is to stop pushing back against it and just let it happen for once.

You’re actually suggesting being a sociopath is a good thing because it’ll make all the bad ideas eventually die by us trying them. This is simply not true, we have to make bad ideas die by reason and logic, before we do too much harm.

I suppose doubling down of fossil fuels and burning of rainforest is great, we’ll just have to adapt quicker to the super extreme weather. But we can adapt with more aircon! Yay!

Maybe we are just monkeys who can’t actually learn from things that we haven’t experienced but then we’ll be replaced by nature any day now. I’d rather learn things the easy way, if at all possible.

This is an extremely uncharitable reading. Infosec is a field rife with kneejerk dismissals until people actually see the exploitation in action. How long has the (ethical) tech community been warning people about the NSA and Faceboot, until Snowden and Cambridge Analytica actually happened?

Infosec is totally different because it’s exposing problems people have already created in a standard way. This is using technology for maliciousness in the first place. Try telling to those people who were abused by that system they were just collateral damage in a bigger plan.

> You’re actually suggesting being a sociopath is a good thing because it’ll make all the bad ideas eventually die by us trying them.

Being a sociopath could be considered as a person's life choice, but it's not something to be considered bad. It's merely a medical condition.

I think there's merit to his argument. People really are very stupid, especially in groups. Maybe you're smart enough to realize that burning rainforests and doubling down on fossil fuels is a stupid strategy, but there is no shortage of people in the US, who actually have an education no less (unlike many people in developing nations where the rainforests are being burned), who really think we can't hurt the environment and laws to protect the environment are wrong. In fact, there's probably a bunch of them right here on this site; they usually call themselves "libertarians", and will scream about "private property rights" in regards to this issue.

It'd be nice if humanity was smart enough and empathetic enough to avoid the horrible mistakes we've made, but we're really not.

A bit of a take on Cunningham's Law. Implementing the wrong answer as a means of others reaching the right one.

More of like an empty self-serviing justification for great evil against your fellow humans, if such you can still be considered.

Ironically this is sort of why I supported the 'Bernie or Bust' movement, I felt in order for us to get a social democratic leader, we needed Trump to ruin things and push us more towards a dystopia. I'm in utah anyhow, so red state doesn't matter, but as a principle it still mattered to me.

Not trying to hijack and turn things political here, but it was just an observation. Sometimes you need some chaos to bring about change for the good...sometimes the thing we fear most is what we NEED to happen in order for those in power to pivot and change their ways.

Ironically, there's currently a post on HN frontpage about malevolent personality traits: https://news.ycombinator.com/item?id=17685733

I would file this under 3. Moral Disengagement - A generalized cognitive orientation to the world that differentiates individuals' thinking in a way that powerfully affects unethical behavior.

There will always be someone who can find a moral reason that such systems need to exist. Engineers build weapons, after all.

But see, I can understand weapons building. The motivation is protective towards one's society, and that is the intended result, even if that might not be the actual case.

Whereas the intention of building an oppressive system such as the one described above is, what, selfishness? Laziness? Programmers, because of the high-demand nature of our role, do not tend to be subject to the usual financial pressures that other communities are. I'm not sure what would motivate someone to build such a system as opposed to walking and finding a better job offer.

>But see, I can understand weapons building. The motivation is protective towards one's society, and that is the intended result, even if that might not be the actual case.

Not really.

If you work for Raytheon, you are supporting a company that sells arms to the following countries: https://www.raytheon.com/ourcompany/global

Northrop Grumman have a list of their worldwide presence here: https://www.northropgrumman.com/AboutUs/OurGlobalPresence/Pa...

If you work for a defense contractor, you are not 'protecting your society' - that's not even the intent. The intent is to make money by selling tools designed to kill other human beings.

Not saying this was likely, but one potential reason could be a kind of selfless penny-pinching.

Say you have a call center run as a co-op. You’ve got workers and HR people. Both the workers and HR people are shareholders. If you can eliminate the HR people, then the workers can each have a larger proportionate share for the same work. Automating HR eliminates the HR people.

Automating a job is one thing. Some people may consider it unethical. But it is going to happen. But writing coffee to terrorize people is something else.

Is Uber so different?

> But see, I can understand weapons building.

This is my point.

Eventually someone will come in and say the system in the OP was necessary for the company to stay afloat, pay its employees or retain value for its retired shareholders.

There is a difference between defending your nation and defending your country. But in this particular case, some of the things described are actually illegal. While building a weapon is not necessarily illegal. Ignoring the ethical implications.

There is not really all that much difference. Weapons are used to terrorise and murder people. What this person wrote will give some humans stress but it will never cause physical harm.

That you think one is justified and the other is not has very little to do with their relative harm, which is by no means a solved problem or a given. It has to do with your view of it, and those views will differ between different people.

It enables cooperation. Human nature is such that it's hard to keep working hard when others slack, you feel taken advantage of and a fool. This way, you know everyone's doing their part.

It creates jobs. A lot of people don't have the self-control to keep from taking longer and longer breaks, either costing the company money or getting fired. Some jobs pay more to hire people that do have this self-control, but there are only so many of those people. This creates a business model that works when supplied only with the lazier employees who are left.

Another system like this is the timeclock. It's a tyrant and getting out of bed on time every morning is the hardest thing I've ever had to do, but there's just no way to run a factory without it.

I’ve always looked at these systems as “if someone else built this, it would be worse.” Doesn’t the same moral conundrum exist anytime you build a system that dehumanizes people for profit. Ad networks? Drug trials?

Ad networks - people can just disconnect or look away if they like.

Drug trials have benefit to society.

I would argue that creating a system to fire people in an automated fashion when they take too many bathroom breaks like this is morally worse than both of those systems you mentioned.

There will also always be someone else to do the work if you don't. Some people just like to eat.

Just because someone is willing to, say, torture a rat, I should be the one to do it? That's a non-sequitur.

I feel this is akin to strawman logic.

However using that as an example, there are people who work as vermin exterminators, or people who work in labs that have to euthanise lab mice. They probably don't enjoy it, but when there's a need for something you'll find someone to do it.

It's not a straw-man, because it's using your literal point. I can't get any closer to your argument than that.

> However using that as an example, there are people who work as vermin exterminators, or people who work in labs that have to euthanise lab mice. They probably don't enjoy it, but when there's a need for something you'll find someone to do it.

Yes, but that does not serve as a reason why I should be the one to do it (instead of them), that only postulates that there are other people out there to do it, which is an irrelevant point.

Woah. That's just scary. Also: didn't know about the whole "life-cycle" thing before, is such re-use and re-termination of workers common in this industry?

I often say that telemarketing should be considered a less honourable occupation than prostitution (in the latter case, you have two people voluntarily exchanging value; in the former case, you have one person trying to scam the other). Now I'm beginning to suspect it also has worse working conditions.

Since you mentioned it in this thread, you clearly are aware that such a system is morally "challenged". How did you rationalize it to yourself? Was it something that started innocuous and evolved to become worse, or were you aware of how insidious it was from the start?

There's a decent (fictional) short story about systems like this: http://marshallbrain.com/manna1.htm

This isn't fiction anymore. Amazon uses systems essentially identical to this to manage their warehouse "pickers". Their performance is continuously tracked and they're retained or terminated based on those performance metrics.

That looks pale in comparison to the Chinese employee tracking app Dingding. And it's becoming crazy popular.

Your employer's mistake was working in the call center business, they should've sold your system instead.

This totally sounds like 'Manna' the book by the creator of HowStuffWorks.

Isn't some of this illegal? Wishing OT for free sounds illegal. Some of the other items may also be illegal... Perhaps that is why it was shut down

Unpaid overtime is standard in nearly all salaried industries, unless you are getting paid by the the hour in the first place

So basically it was inevitable that everyone who was hired would be fired by your robot?

First i thought that this is scary but I've had many friends who told me that they they play games all day at their office and once boss called them in their cabin and they expected to be laid off but were given a small raise instead.

"I take lots of cigarette and bathroom breaks to fix my makeup/hair and Snapchat my friends. I can't see myself working hard. I am not a sheep". Those are the exact words.

This is a scene from a government organization in Romania.

Now, i am in the US and I've not witnessed it here but here i am in executive role so i hangout with different people.

I asked them why not do your job properly? They answered, if they are going to do their job then they'll most likely receive a promotion, raise and more responsibilities come with it. For them more money = more problem.

They told me that for them money does not matter and all they want is experiencing different cultures, traveling etc... and work has no place in it.

This is something I had never heard before!

They somehow managed to rationalize not performing their jobs.

I can relate. I work in the US by the way.

I don't slack off, but I feel like there's a position as a Software Engineer past which I wouldn't want to be promoted. I see folks in the higher levels and the stuff they have to deal with has zero appeal to me. My salary and bonus at my current level are already more than enough to sustain my lifestyle and save plenty for retirement - I don't need more.

A lot of people are attracted to the idea of "getting more responsibility", and they like the prestige/visibility that comes with a fancy (e.g. "Principal" or "Staff") title. Me, I just want to put in my hours solving problems and go home do something else.

Not sure why you're acting like that's a bad thing. The idea we should live to work 40+ hour weeks isn't a good thing.

This is a I believe a common sentiment in post-communist countries, esp. for anyone working for the state/city/municipality. It's normal for people to take a one or two hour break to go shop for groceries, or even leave at noon if they don't feel like working longer. There is even a common saying in ex-yu countries: “They can never pay me so little that I can't do even less work.” (sorry for the bad translation).

This is honestly the most horrifying post in this thread.

Why would you consider such a system unethical? As a customer constantly annoyed by laziness and incompetence of the low-level support employees, I can only thank you for working on such system.

Not a programmer at the time, but a system administrator. I won't mention the company. This was 2011-2012 -ish.

We hosted dedicated servers and most of the time, they were mostly Plesk or cPanel servers run by people selling email and or web hosting to hundreds of clients from a single server.

This one time a client joins the network, buys a server from us, and migrates from Rackspace. We wondered why he'd move from Rackspace given they were better than us, and it turns he was kicked off of their network because he basically submitted tens of support tickets daily asking for all kinds of optimisations, improvements, and silly stuff not covered by the support contract. Rackspace had decided he wasn't worth it and booted him.

We ended up with him and boy was he a pain in the backside. Anyway...

Long story short, he cost us more in engineering time than he paid us and this irritated the owner of our business. The owner had my team leader find someone on his team willing to do the following: dump the guy's Plesk database containing all of his customers and make a copy of it on our network. I took on the task and was told it was simply a backup. I was young and didn't really think things through. I feel bad about it now because...

The customer was booted from the network a month later and all of his customers were offered free email and or web hosting for the year, including migrating them over to our network... the owner absolutely annihilated the guy. He contacted all his customers and simply wiped him out.

That same owner is now a highly respected business man and an MBE.

You might be able to do some digging and find out who this company and owner is, if you look hard enough.

UKFast is a UK-based web host whose CEO has received an MBE.

Probably not that many other web host CEOs with an award from the Queen.


> UKFast - your future is our business.

Turns out it's meant seriously.


.....isn't HostGator by chance is it? Sounds like the kind of stuff they would have pulled back in their days

Was gonna say, it sounded like HostGator.

One of the HostGator former admins actually doxxed one of my old accounts on reddit by typing my full name in response to some random comment. When I asked him how he knew it, it's because my reddit username was the same as my domain name at the time, and he remembered looking through my server. Whenever the admins would get bored, they'd just dig through peoples' servers and see what they had. He remembered mine because I had a lot of sheet music on it.

They get people like this because they put their admins through the puppy mill process. Basically hire anyone not braindead, train them to do basic shit, and then pay them peanuts. The company men eventually get a high position in the hierarchy for a negligible pay bump and then help keep the new ones in line.

Such a shitty company, but I don't host anything sensitive there and it's been reliable for the last 10 years so I haven't migrated anything yet.

No. They're UK based.

Hostgator was started in a dorm room in FL and their HQ is now in Houston, TX. Interesting story would be curious which hosting company. Daft move.

Fascinating story! I'm curious why this isn't massive lawsuit material, I know in the US it would be. I thought the UK was similarly litigious?

Sounds like something people over at bluehost or EIG would do...lol..

what is an MBE?

"Order of the British Empire" - it's awarded by the Queen her self, directly.

That sounds like Hostgator.

No. They're UK based.

So my dad told me this story once,

He was working on a large, industrial construction project and they were nearing the end of it, so a QA engineer was scheduled to do a walk-through, and before that happened a higher-up purposefully damaged finished work, dented a pipe with wrench, unscrewed a bolt, etc... That way when the QA engineer did his checks, he'd find these obvious, easily fixable defects and mark them, whereas if he had found no problems, he would end up digging deeper, since he'll feel like he has to find something, and then he might potentially uncover some major, catastrophic problem that'd be impossible to fix and still hit the customer's deadline.

Theoretically everyone's happier at the end of it... QA because they did their job and found stuff wrong, the client cause the project was finished on time, and all that for an afternoon of extra work.

I worked for a company with an extensive QA process and on occasion I found myself being less then thorough before handing the code off. I knew there were bugs, but just left them in there, because they had bug quotas they had to meet, and we had a tight deadline, etc... At least that's what you tell yourself to justify the behavior.

Sometimes I wonder just how much of this kind of greasing-the-wheels goes on in other industries...

I used to do this defensively when submitting 8-bit games for publication back in the 80s.

The non-gamers at the publishing company seemed to feel they had to get back to you with a handful of changes. If your game was really polished, the changes would be pointless or even harmful things. I quickly learned to leave in a few obvious things that were trivial fixes, e.g. blocky bitmaps, misspellings, jarring colors.

Instead of coming back with:

> we really like the game, but couldn't the snake be an F-15 fighter, and couldn't the scrolling be vertical instead of horizontal?

...it would be more like:

> Change that color, fix that icon, correct that spelling

See also the story of the duck and the queen on game battle chess https://en.m.wikipedia.org/wiki/Battle_Chess

The source of that is from a codinghorror post [0]

[0]: https://blog.codinghorror.com/new-programming-jargon/

Came here to say this! I've told this parable of the duck before, but I did not know the origin of the story... "get that duck out of there please otherwise looks OK"

similarly, in the context of nightmarish optimisation death marches to fit inside a memory budget -- see "the programming anti-hero"


It happens all over the place. I haven't done it to QA but I've certainly done it to project managers, similar to this story: https://rachelbythebay.com/w/2013/06/05/duck/

I did this in our University laboratory for OHS, we called it window shopping. By giving the inspector a few easily visible, but not dangerous issues out in the open, he was satisfied we were up to scratch safety wise but could also tick all his little boxes. An out of date MSDS for chemicals we no longer had, a not tested and tagged electrical cable used prominently, a drink bottle left next to the lab computer by a student.

I've done this, leave an obvious trivial bug for the QA to find otherwise they'll keep digging until they find something pointless and hard to fix, which is not a problem in the first place. they have to find something to justify their jobs.

I wonder if there's a name for doing this?

That's a team-wide failure to understand business value.

This is much scarier for a construction project than the game programming anecdotes that follow.

Not me personally, but the company I started my career with (was an intern there for a few months).

ERM software. When a new client comes onboard, install the product and database, but make sure not to make any optimizations, not even the basic indexes in the DB. Depending on the usage, the DB will get slower and slower in a few months. Then send a "consultant" who will simply run a script and add indexes etc and test a bit (no more than an afternoon worth of effort) and charge a high fee for it.

We had a project once for conversion (not getting into details). My team found a tool online. Boss bought it, finished the entire project in one day. Boss bills for month (which was the original estimate), puts the team to work on another project for the next 29 days, gets paid for that too. The only decent thing in this story is that we didn't know before the quote, that such a tool was available. Some would say this is smart way to do business, it felt shitty for me though.

For the second part, I dont think about it as you sold a month of work. You just agreed with a customer that this task is worth X amount of money. If you managed to do it in one hour, that's just good business.

In this case you got lucky; other times you'll underestimate the amount of effort required. In the end it'll even out.

I still think they could have charged for less than the full month. The goodwill and trust that would have engendered would probably have been more than worth it in the long run.

Absolutely not. The client will either take you as shady or incompetent for being that much wrong in your estimate.

That's not ethical if it's a time&materials statement work agreement (because it's an estimate; if the actual work takes 10% over you bill that).

If it was a fixed-bid, then yeah it's completely fine. Though usually I'd say there should be a bit more time spent delivering some additional (canned) documentation and the like.

That would require that you eat up the cost if something takes more time. Most of the time the customer will pay for the additional time or at least part of it.

We had a 'missing indexes' consultant do a big job for us. The database quickly got really slow. Needlessly to say we do not hire them any more and do not recommend them to anyone else. The index problem I fixed in five minutes plus eight hours waiting time.

i wouldn't sweat it, a lot of economic activity is just information arbitrage.

Sounds like a dream job or a nice side gig if you just want a job. Login, run script, log out, bill for thousands, then go back to doing your own thing.

Intentionally withholding stuff without offering an upfront option is shady though.

I remember this guy that automated his own job while working on distance... In the end he had a full time job automated into a couple of hours a month. https://workplace.stackexchange.com/questions/93696/is-it-un...

Where do you draw the line? My grandma was once contacted by a scammer who offered to "optimize" her laptop, and she ended up paying roughly the same as the price of a new laptop.

Yeah, that's in fact a good test for whether your work might be unethical - if you're relying on information arbitrage, you're screwing someone over.

Car mechanics do this all the time, so what if an experienced mechanic can do a task in 1/10 the time, they always charge for the book time.

We have a mechanic now that constantly surprises us by billing us something like 2-5x times less than we expected. Turns out, he's good, and he bills us for actual time spent and parts cost. Like last time, I expected to pay ~$270, ended up paying $65 - $32.5 for parts, $32.5 for work time.

This guy only takes work from existing customers and people referred by them, because it's widely known in the local community that he's good, and has way more people wanting his services that he can handle. He could rise his prices, but it turns out, he's a decent human being.

I hope he has all the money he needs to live happy and safe. Because else I'd feel like the ethical thing for him would be to charge more.

I think so. I kind of wish he increased his prices a bit, because he deserves it; I like him not because he's cheap, but because he's honest.

Mechanical work is straightforward though, and book time can be a bit liberal but is otherwise fair.

Are you a mechanic? It's only straightforward when everything goes according to the book, which is a welcome surprise, but certainly not the norm.

An IT person who used to do be an engineer on a merchant ship told me that in IT finding the problem takes time but the fix is quick. But in physical mechanical work finding the problem is usually easy but the fix takes time. Sounds cute at least!

I've had a couple of customers that double bill their own clients, I never stuck around long once I realised what they were doing.

Are they by any chance working with AX Dynamics?

I worked on a penny-bidding site. These guys "auctioned" items like PlayStation, tvs, cars to the user who placed the final bid on an item after 60 seconds of no further bids. Each bid would increase the final price by 1 pence/cent, but each bid would cost 50 pence/cents. You could "win" a $20,000 car for $500.37 and the house would have taken 50,037*50 cents. It might be okay if that was it -- but I was asked to code some "house bidders" who would outbid players until a certain threshold was met. I left that job shortly afterwards.

A few years back I was house hunting with my wife. We found a lovely house that was a short sale, and put in a bid.

Holy crap, that process was all kinds of frustrating and drawn out.

About 3 months after we placed the offer, the bank put the house up for auction on another site, to try and drum up more offered. On the auction day, I checked in routinely no one was bidding. All was looking great. About three hours before closing, a bid came in that was lower than our offer. OK, still good. Then another about an hour later. Still good. Then the "final hour" of the auction happened and it slowly but surely started ticking upwards, bids started trickling in and the price started climbing higher and higher. About 20 minutes before the end it got past our offer and my heart sank. As the end time drew near it started getting bumped out by further offers.

I told my wife we'd been outbid, after a stressful day, following on from months of stress and frustration.

Next day, our realtor reaches out to the selling realtor who reported that the bank told her no one else had actually bid on the house.


Good on you guys for not increasing your bid!

I think it's more often referred to as a Dollar auction[0] - an example where a series of rational decisions leads to irrational behaviour.

[0] https://en.wikipedia.org/wiki/Dollar_auction

The dollar auction is usually run as an experiment in game theory classes and works a little differently from the penny auction sites. In the latter, all of your bids at any point are a sunk cost.

And I'm a brit. I did the math in cents for greater universality. Maybe a mistake after referring to a penny.

I saw an ad for something like that a while ago, but realized that you couldn't sell an ipad for $0.56 if you weren't getting the full retail plus a margin from somewhere. Thankfully I never got into it.

You missed out. You could’ve rigged it so you could easily win yourself.

I'd fully expect the business to fire him for unethical or immoral behavior...

Well, he's leaving anyway. He may as well get some free stuff out of it.

Sounds like Beezid. Worse than payday lenders IMO.

I worked on a system like that but it was run by a charity so whilst unethical at least somebody wasn't profiting from it.

I wonder what the percent of that unethical charity's income was spent on its stated mission? Many charities are just fronts for marketing companies with super high salaries and almost none of the money goes to what the donors would expect.

Ditto, in my case the site was like this, wasn't itself a non-profit organization, but said proceeds from it would go to the specified NPOs... but that never actually happened as far as I know.

If it's unethical, it's unethical. Does it really matter if a company is profiting off of it or not?

Is that even legal?

Penny bidding, yes. Shill bidding, no.

How was this not regulated?

I suspect you're not going to get many personal stories here because it would be self-incriminating. But I have a couple from some people I know in tech.

1. I know the guy who, pre-Snowden, actually designed many of the pieces of network gear needed for the dragnet. His perspective was basically: Yes it's wrong, but what do I know? I just design electronic circuits.

2. Same guy also mentioned how at another company he worked at they used DNS tricks to exfiltrate data out of their enterprise clients. Nothing crazy, mostly just analytics to aid in things like product design. They got caught though. First Intel went out, then a couple hours later 4 other big tech companies (including Apple and Microsoft). Then a huge swath of devices stopped reporting. They got acquired shortly afterwards for a large, but sub-billion dollar amount.

3. I know a couple people that crack into devices and sell the 0days to the highest bidder. I consider this practice for anything cyber-physical (self-driving cars, etc) to be so unreasonably unethical that it should be against international law. It's one thing to sell these things to an allied government, it's quite another to have them on the open market.

>It's one thing to sell these things to an allied government, it's quite another to have them on the open market.

Honest question...why?

The result/intent seems the same whether done by a state or nonstate actor. In fact a state actor seems more likely to use it because of a greater feeling of moral justification.

Because terrorists target civilians on purpose.

1) Those are incredibly arbitrary labels and you either know that or should know that

2) The US drone program regularly targets first aid personnel and rescuers.[0]

[0] https://www.thebureauinvestigates.com/stories/2012-02-04/cia...

What does nr. 2 have to do with anything? The fact that the US kills civilians doesn't make this more ethical.

Because the original implication was that state actors don't target civilians.

> 1. I know the guy who, pre-Snowden, actually designed many of the pieces of network gear needed for the dragnet. His perspective was basically: Yes it's wrong, but what do I know? I just design electronic circuits.

In case anyone wonders, this is why so many engineering schools are increasing their focus on teaching ethics.

Was the second company Meraki?

EDIT: I don't expect to receive an answer to this (and that's fine), but I'll give more color to my guess. Meraki had a side venture in internet connectivity-enabled location analytics which was more profitable than its actual router sales. This is one of the reasons why its acquisition price was so high. It has since contributed to a location analytics service within Cisco.

No, sorry.

I am not sure I understand the distinction you make between a government and the higher bidder? How can you be reasonably sure that your findings will not be used wrongfully by X gov official?

You can't, but if the NSA or CIA wanted to kill a bunch of people they could. Whereas ISIS and company can't. Not knowing who is buying your 0day is dangerous to public safety.

The highest bidder is likely to be a government agency.

Nice job, we know it's you.

You forgot to add “confiding for a friend”

> Yes it's wrong, but what do I know? I just design electronic circuits.

This outlook, along with "well if I don't do it someone else will anyway", is why tech workers are quickly becoming the new bankers in the view of the public.

Yeah, some hackers wear white hats, others wear black hats, and then there are those who wear paper bags over their heads.

> This outlook, along with "well if I don't do it someone else will anyway", is why tech workers are quickly becoming the new bankers in the view of the public.

Which really annoys me, because while moral indifference of some tech workers is wrong, there are still the business guys actually giving the immoral orders. Those are conveniently forgotten in the new narrative.

At what level of technical skill/background does a business guy become a tech guy?

People are people and this "oh the business guys are the bad ones, not poor little programmer making $200k/yr implementing business guy's idea" mindset is odd.

It's not about the skills/background, but decisionmaking capacity. The blame for executing an order is separate from the blame for issuing one. If a tech worker is both the decisionmaker and the implementer then they get to be blamed for both, of course.

Was fed up with Quake Live not providing any matchmaking, so I tried to make my own. Of course they didn't have any API, so I needed to scrape their website to get the match results. I sent a lot of requests.

So when they blogged about their web site becoming occasionally very slow, I sheepishly emailed them, and asked if this might be due to my scripts. I assumed that of course they'd have some sort of IP based limiter in place in case I got to greedy. Well, they didn't. They requested that I send them my scripts, which I happily did. They also banned my account, which I thought was quite petty.

They might have unbanned me a couple weeks after that, but I quickly lost interest in Quake Live.

This is about as far from unethical as you can get...

Well, the title asked for "most unethical", so, yea. It was against the terms of service...

Let he who has never scraped throw the first stone

Uhhh, just because it's against the terms of service doesn't mean it's unethical.

That's some low key ethical bragging you have there


There was an ongoing prank in my high school (late 70's) to insert John Holmes' name whenever/wherever possible. For example, one trick was to ask someone in the front office to add to the end-of-day announcements "{popular girl}, John Holmes won't be able to give you a ride today". Eventually the front office caught on, and it got riskier and more difficult to do.

I was asked to write an Applesoft BASIC program to help the front office collate and remove duplicates from attendance lists taken first and second period. At some point, I added some obfuscated code that would add John's name in when the total number of names was over some threshold.

Believe me, I'm very very ashamed of myself...

I didn't know who John Holmes was. Don't google it at work guys.

FYI for the morbidly curious, he's apparently an adult film actor.

Did you get busted?

Worked for a company that was contracted by DOW to make an app promoting some extremely toxic agrochemicals, such as Forefront. They talked about this being so poisonious that if animals eat grass sprayed with it, then crops grown with their manure will be unsuitable for human consumption. Was also asked to fake ("round up") the calculations of how much money you'd save if by those chemicals.

Read up a bit about DOW and the Bopal disaster and started to feel horrible about my work.

Tried to gently bring concerns up with the management, and was laid off immediately.

I feel really bad about doing that work, but trying to make up for it by not eating animal products anymore.

Why not channel your feelings and talk to a journalist, NGO or regulator willing to act in the public interest?

Good idea. I don't really know anything that isn't already out there, but still happy to talk to any journalists/NGOs/regulators about it.

I have been going on about this to a journalist friend of mine who's works at a public broadcaster, but it didn't really go anywhere. Well, at least I'm airing this on HN now.

It's made me wary of wild-camping on grassy areas around farms, knowing what some farmers might be spraying there.

This is the app: http://uk.dowagro.com/grassland-weed-app-now-available/

About the killer compost it creates: https://www.sustainablemarketfarming.com/tag/tomatoes-with-d...

People have been known to disappear for less.

Have they really? It is the sort of thing you see a lot in fiction but not on reality.

At the very least you'd end up being sued for defamation or whatnot by DOW for the next century or two. DOW is not a company you want to tango with.

Its fully possible to tip a journalist or regulator these fays with a level of anonymity these days.

And what if they can tell from the information leaked who leaked it? This person's life will be destroyed by armies of lawyers. Just so some journalist can report on something that'll be out of the news in a few weeks and change precisely nothing.


That is always a risk when someone does something in the public interest. But doing stuff for the betterment of others at risk of your own lifestyle is a noble endeavour that many have undertaken despite these reasons.

My point is that others are not bettered by this action, because the action of leaking to a journalist no longer improves anything. Just as it hasn't the last few times this happened. It is arguably a good idea to sacrifice something for everyone's benefit, but it is always a bad idea to sacrifice if nobody benefits.

I can fully imagine not wanting to run the risk regardless however.

You sound like a good dude, that's why they laid you off because they knew you'd call them on all other shady stuff they'd do in the future as well...

I hope karma does happen in the end but I fear it doesn't.

How does not eating animal products help with your guilty conscience in this situation?

Animal husbandry has a large negative impact on the environment. After this DOW Grassland app I felt I needed to take a look at the environmental destruction I'm contributing to.

Except the alternative - ie, relying on annuals for food production - destroys top soil and relies on fossil-based fertilizers. It's the epitome of nonsusteinability and environment destruction.

Perennials combined with animals can be made into a much more self-sustainable cycle.

Be careful with numbers, they can be useful but fail to show the full picture at the same time.

Back when I was eating meat, I was probably still aware that it was harmful, but in a kind of cynical denial about it.

I've heard that one about "the annual crops" before, and it's simply not true that it's "the" alternative. It's claimed in this one study that's echoed in loads of articles[0][1][2][3] that assumes that vegans don't eat perennials, which is kind of ignoring the existence of apples, apricots, asparagus, artichoke, avocados, broccoli, currants, basil, blue- and blackberry, chives, fennel, garlic, ginger, grapes, kale, kiwis, leek, mint, onions, oregano, pears, persimmons, pineapples, plums, pomegranates, potato, rasp- and strawberries, radish, rhubarb, rosemary, sage, thyme, tomatoes for a start.

This view about animal husbandry being harmless for the environment has been disproven[4][5][6], and is on the line with global warming denialism.

[0]: http://qz.com/749443/being-vegan-isnt-as-environmentally-fri...

[1]: http://www.pbs.org/wgbh/nova/next/earth/going-vegan-isnt-act...

[2]: http://www.foxnews.com/health/2016/08/11/new-study-reveals-v...

[3]: https://quietkinetic.wordpress.com/2017/03/09/global-veganis...

[4]: https://www.theguardian.com/environment/2008/sep/07/food.foo...

[5]: http://www.cowspiracy.com/facts/

[6]: https://www.theguardian.com/environment/2014/dec/03/eating-l...

It's not a question of being harmless but sustainable. Everything you do will harm or imbalance the environment somehow, the question is how much the environment can recover or if it can at all.

There are a ton of lines I could go to discuss your points, from "meat is not equal to beef" to "could one live healthily only on the things you listed?" (hint: no).

I see tons of articles with statements of journalists but no real evidence, if you want to discuss with references I suggest going to better sources. Actually, I suggest checking your references as well - this was written on [4]:

"[a major report into the environmental impact of meat eating claimed] eating some meat was good for the planet because some habitats benefited from grazing."

So yeah, even your references "disproving" what I'm saying are actually are actually agreeing with me to a certain extent.

Last, but not least, it's not about who eats what but about sustainable systems - either the system works as a cycle or it will eventually run off. You need to look at the bigger picture.

It may help with their conscience but it has no positive impact whatsoever.

Like the Roundup pun

I've done a lot of work involving scraping, data analysis and reversing private API access from mobile applications. A lot of this work is legally defensible (if you do it correctly) and not particularly unethical. After doing a bunch of this type of work I started to accrue subject matter expertise in the area that led other companies to come to me with more questionable projects in mind. I turned down many of these, but two projects stand out to me as unethical or borderline. In fact, this was the reason I eventually stopped working with these companies.

The first project was for a large, (now) well-known fintech company. They needed to develop login integrations with consumer banks to acquire customer account information for verification purposes. But many such banks didn't particularly want to grant them any special API access. More importantly, these banks typically forbid scraping and made it explicitly difficult by implementing JavaScript-based computational measures required on the client in order to successfully login. I helped this company develop methodologies for bypassing the anti-scraping measures on several banking websites. However, I stopped working on this because 1) I felt uncomfortable with the cavalier way they were ignoring banks' refusals, then using the reversed integrations and onboarded customers as a bargaining chip for more formal partnerships, and 2) performing huge amounts of analytics on customer data acquired as part of the account verification process.

The second project was for a tech startup working on insurance and credit analytics. This company is one of several that popped up in recent years to use machine learning and social data in order to develop a more "complete" credit score (in their eyes). They had an impressive team of machine learning researchers but their data acquisition team was comparatively mediocre. So I worked with them to improve their acquisition methodologies for a variety of social media websites. I stopped working with them for three reasons: 1) fundamentally, I lost faith that their product was actually generating a meaningful signal over traditional means, 2) I was worried that the data they were collecting might introduce spurious correlations or illegal biases, and 3) if any team was going to do this correctly, I didn't think this particular team was the qualified one to do it.

I'm guessing the first company is Plaid. I'm in the ACH payments space so we're a potential customer of Plaid and I vaguely remember a presentation or something where they (Dwolla + Plaid) promise merchants the ability to grab 12 months worth of transaction history from a user's bank account. Could be wrong about that. I do know for sure I made a mental note to myself to never use Plaid as a consumer.

Well, since you already guessed it: yes, it was Plaid.

I would have no issues working on this. Doesn't seem very unethical. (For people who know the space, it's pretty obvious that you're talking about Plaid :))

Well I subscribe to moral relativism, so I don't have an issue with you not finding it to be unethical. But personally, it bothered me that so much user data would be mined from their financial statements.

I know B2C companies like Mint do this as well, and I don't have an issue with user data being used for market research. But it seemed underhanded since most customers aren't aware of it. If you use Mint you can read their T&C and understand your data is mined. But Plaid is not sold to users, it's sold to companies. So end users of a completely different company which simply uses Plaid for account verification would be implicitly volunteering their data.

The other thing that bothered me is that companies which have valid reasons for not wanting to develop API integrations for Plaid would be strong armed into doing so once Plaid had acquired a critical mass of their users using the methods I helped them develop.

Thank you for sharing. This is why I never sign up for any fintech services. The amount of data I hand over is never worth the "benefits" they provide.

Most of those sorts of companies (both B2C and B2B) ultimately end up selling the user transaction data (or some derivative analytics thereof) to hedge funds. It's used (for example) to forecast the revenue of B2C companies in advance of equity earnings announcements.

NB: I don't have an issue with user data being mined for things like market research if it's a situation where the product is free and users can be easily made aware of it. But I find it dishonest if the company mining that data is doing so without direct user consent, or in a "backdoored" manner using their status as a downstream client's "affiliate" for T&C purposes.

> A lot of this work is legally defensible (if you do it correctly)

Could you expand on the correctness aspect? I'm currently working in this space for what I believe to be good reasons (to improve the accessibility of a particular service for visually impaired users). But I'm eager not to abuse my position and knowledge.

To be clear, I'm talking about scraping. I think the sibling commenter is talking about developing competing products via reverse engineering ("clean room implementation"). I am also not a lawyer, so I can only tell you the guidance I received from one for the projects I worked on.

Technically speaking you can scrape data in a legally defensible way if you do not need to accept any terms of service explicitly prohibiting scraping in the course of grabbing the data. The distinction is that browsewrap T&C have plausible deniability, but clickwrap T&C do not. And if you receive a cease and desist order, you abide by it with a mea culpa. This also means you don't scrape so loudly as to be noticed, which has the happy side effect of probably not disrupting the target's service.

But again: The grey areas of ethics are a separate question from legality. Please engage a lawyer for your specific work.

Depends on the jurisdiction. For instance Europe allows reverse engineering for inter compatibility. Terms of services carry little value here (none for this clause that's already covered by a specific law).

However, it would be interesting in the case of bank services. Accessing the account from the customer probably let you initiate a variety of actions like money transfers or loans, it's sensible to argue for limited and controlled inter interoperability.

Also, customers are not allowed to share their credentials and he is in breach of his contract. The account should be considered compromised and be locked.

Depends on jurisdiction OP operates in, but clean room reverse engineering is one technique, i.e. OP reverse engineers a piece of software, documents how it works at a high level, and hands off the documentation to legal counsel who reviews it for IP infringement etc. The doc is then handed off to a completely different team/engineer who implements the API contract documented by OP.

What's wrong with allowing customers to fetch their own data from their bank? I hold the opposite point of view, that banks withholding information from their customers is unethical.

Sounds like you would be a valuable member of any company, especially a startup. I’d love to hear your thoughts on more ethical ideas for analyzing difficult to obtain data. Feel free to ping me directly.

> hear your thoughts on more ethical ideas for analyzing difficult to obtain data.

See, this data is not difficult to obtain if you're operating in an ethical manner.

You can't do ethical analysis of data obtained in an unethical fashion. Fruit of the poisoned tree and all that. I guess it worked for radiologists after nazi germany however...

I don't necessarily agree that the first project was unethical, the banks were saying no because they wanted to develop a product of their own to compete with the company that hired you, not because they had any moral standing to prevent the customer from running analytics on their own data. The company you did the work for is immensely helpful to the consumer, and banks refusing to let consumers interact with their own data is, IMO, more of the moral violation than forcibly scraping that data out.

Even worse, the banks preventing users from straightforwardly accessing their own data is exactly what is pushing users right into the arms of these "fintech" surveillance companies.

The technology (OFX direct connect) and software (Quicken, now Moneydance) for users to privately track their finances has been around for quite some time. But the protocol appears to be getting deprecated in favor of this "web download" rigmarole as banks attempt to decommodify.

I had thought about futzing with Plaid for my own monitoring purposes, figuring since they were B2B they wouldn't be directly surveilling (leaving that up to customers instead). Apparently I was wrong. Surveillance capitalism, indeed!

Throwing in a guess for the second company, was it Zest Finance?

I know this isn't the point of the thread, but I couldn't help myself. I will ask for forgiveness (as I am sure we have all done in both technical and ethical matters)

First project sounds like Coinbase.

I was thinking the first is Mint

After Jared Kushner originally bought the New York Observer, I was hired to lead the tech team, which I did for a year and a half in house then for three more as a vendor. He asked me, out of band, to blackhole articles critical of his commercial real estate colleagues and I complied.

You should've used a throwaway.

I appreciate the sentiment, but I've been open about this on Twitter and to a team that wrote a profile of him in the wake of the election. That a newspaper publisher would participate in an administration that labels the press the enemy of the people is a total betrayal of the journalists and other media professionals who worked hard for him for years.

For posterity, Buzzfeed News reported this: https://www.buzzfeednews.com/article/stevenperlberg/jared-ku...

CNN just put this on their front page. Did they ask you for comment?


They did not.

Not questioning your story a bit, I'm sure it's true. But shouldn't we all be a little concerned that CNN is posting a story as fact without verification or even talking to the person making the claims? The article even implies heavily that they've talked to you.

That scares me.

The number of people who led that team for a year and a half as an employee and three years after as a vendor is probably sufficient to identify them regardless of the account used.


The way you handled this does not speak well of your character. You should have: 1. Preserved the articles in a safe place. 2. Resigned. 3. Given the articles to another publication and state what happened. What I see here is that you were concerned first about your own finances. That is what makes you look bad. Ethics first, finances second.

Giving the articles to another publication would constitute unethical behavior as well though, considering he didn’t own the content and could not claim any authorship over it, though perhaps alerting authors or editorial staff could have spurred that result. And obviously a question about the most unethical thing a person in this field has done isn’t going to be something that speaks well of their character. I don’t think it speaks well of a person’s character to judge someone for the single most unethical thing they’ve done in their career.

> The way you handled this does not speak well of your character

Given the question asked at the head of the thread, any response for which that was not true would have to be viewed as a kind of humblebrag.

I made software 15 years ago to automatically buy concert and sports tickets from Ticketmaster and other websites. At the moment tickets went on sale we used hundreds of computers to buy up the good tickets.

I'm sorry your daughter didn't get Nsync tickets.

There was a Freakanomics episode about this. http://freakonomics.com/podcast/live-event-ticket-market-scr...

That's just arbitrage, right? If you're able to sell them at higher prices, the venue should've done it themselves.

I mean, without scraping, it basically comes down to whether or not you care enough about the event to be online refreshing the page at exactly 10 AM or whatever. with scraping it becomes about whether you have more money. some artists prefer the audience be more of the former and less of the latter

Wasn’t there a big case about that?

I once got pulled into an arbitration hearing to explain how certain code functions operated. While not necessarily unethical it was a moral moment because I knew the inquiry came with the loaded intent to twist whatever explanation I gave into the worst possible extreme.

Sure enough that's exactly what happened and a really hard working and honest developer lost their job so an executive could save face.

Left that company a month later but I still feel horrible

Without giving away more details than you feel comfortable with, could you share more about what the developer was fired for and how it made that executive safe face?

It was a feature set that was supposed to provide additional reporting views and expose data to customers when queried. Turns out one exec had some very embarrassing transactions that emerged from this and he wanted that info suppressed and the person who leaked it fired.

The feature worked as designed, and this exec was the one who pushed for it to go to market despite all warnings that a review of the depth of exposed data was needed first. Nothing was ever leaked, as I mentioned it worked exactly as we were instructed to build by the product managers and our engineering lead.

The outcome is the outcome scoped for.

Fwiw many engineers left after that moment. We were already at odds with leadership and when they showed their colors in that incident it resulted in nearly the entire engineering department bailing.

This never made it publicly, it was an internal product demo to the whole company leading up to launch. To my knowledge no customers or media outlet caught wind of the transactions or the internal coup that resulted.

Are we talking personal transactions on behalf of the exec that happened to be in scope because they were also a user of the software/in the data set? Or are we talking about business transactions by this exec that were professionally embarrassing?


This is not something you should put on the Internet if your bio (including picture) is online on LinkedIn.

This is were a throwaway account would be appropriate

I built my computer graphics final project in Haskell so that the TA wouldn't be able to run it and grade it. Then for our presentation, I babbled on and on about the math and went over time so we wouldn't have to give a really crappy demo.

Reminds me of

    int main(int args, char ** argv)
        static int foo[640*1024];
        return 0;
This compiled into a valid MS-DOS .exe, but spit out "Out of memory" and exited when attempted to run. Was quite handy for getting an extra day to work on lab assignments back at school.

You got an extra day for an out of memory exception? I wish I was that lucky

It was a bit more nuanced.

These were basically home assignments that we would demo at a lab for a grade. The lab machines had several "resident" programs running on them (some legit, like basic AV, and some installed by lab admins for their own questionable purposes), so the amount of available RAM varied wildly, sometime dipping as low as 300KB. The TAs knew that, but didn't care enough to do anything about it.

So when an assignment that you did on your own machine failed with "oom" at the lab, it was plausible that it was due to all the junk taking up too much space on the lab boxes. The assignments themselves were math-heavy physics modelling tasks, so you they did actually need a lot of memory.

All that said, I think only once someone used this "trick" to get an extension and it was because his truly needed few more hours to hammer its sim into converging.

Yeah, not successfully compiling and running was an automatic fail in my school.

If it didn't cleanly compile and run on linux, it was a autofail. I found a discrepancy in MPICH2 the hard way: it would correctly implement my leader election on my mac, and on my little raspberry pi, but not on a Solaris linux!

Lost 5% of my grade to that bug.

Once, I implemented an interpreter/compiler for a toy-language in Opal (a functional language developed and maintained by my prof). A compiler for Opal was only available for Linux. I had zero experience with Linux and no intention to gain any. So I wrote my code without compliling/testing. Suprisingly, I got a good grade with a remark that the grade would have been even better without syntax errors :D

I looked at that code wondering how on earth it could run out of memory. Surely 640*1024 couldn't OOM a machine, even an old one...

Then I re-read is as 640k and went "Oooh"

Wouldn't have worked back when I was TA ...

First, I'd have been able to run it (or grade it even without running it). And yes. I've seen a lot of crappy Haskell code. I've written a good amount of that myself when I was learning Haskell back then.

Second, assuming I didn't know Haskell, I'd have stopped your babbling in the presentation at some point and asked you to run it.

Third, any student that does unusual things is either very good or very cheeky, so those students deserve special attention. So 10 minutes at your and my convenience to run the demo in my office would always have been an option.

(But then, teaching at my university probably was quite different from teaching at your university).

I'm not sure how you think this comment makes you come off, but it's certainly not good.

What does crappy Haskell code loook like?

The most common thing I can think of is putting everything in IO/ST, also known as "C++ in Haskell".

I think I work with you.

During the Ashley Madison incident, a partner and I put up what was either the first or one of the first online tools for checking to see if a particular email address or phone number had been exposed.

I'm still not sure whether or not that was net good/bad. I'm sure that the tool has caused some real familial stress. We could fall back on the "well if not us someone else would have" but that's a cop-out.

Our site was checkashleymadison.com. Later on we got rid of the domain. We had a ton of interest from advertisers, but we thought it best not to try and make money off of the exposition of others. Overall we took in something like 1.2mm uniques over 24 hours. It was a pretty crazy day, and my first time speaking with the media. Looking back, I'm glad that I didn't say anything too dumb.

Originally we intended to stay anonymous, but I forgot to tell a The Hill reporter of that wish and my name was published. After that I spoke on the record to whatever journalists were still interested.

At a previous employer we used the data referenced in the question. We bought the "anonymised" telecom data from one of the big providers in the USA. We would then analyse that data to figure out where the phone spent 6-8 hours during the night to determine where the phone owner lived. Then we'd pull the USA consensus data(free!) so the system would know what demographic the user probably belongs to. We got a surprising amount of data from the consensus, we had things like ethnicity, income, age.

Then we'd loaded all this in google maps and let users of the app figure out what demographics frequent particular locations on the map. For example a use-case of this would be a coffee company figuring out where to open a new coffee shop.


Is there anything even remotely unethical about this?

Compiling publicly available data with purchased/proprietary data is basically the foundation of competitive/market research, isn't it?

In my opinion the sale of phone location data is already unethical on it’s own.

The location data was pretty accurate too in suburban areas. And the provider in question was not very good at anonymising it either. On multiple occasions we could track individuals over a longer period of time. Which would shut down the entire project until it was fixed.

So the company did the right thing whenever the data was compromised. Probably because they were publicly traded and had a good name. I doubt scrappy startups would do the same.

Whether something is the catercorner of a business model has no bearing on if it is ethical or not.

Market research is not unethical unless you think capitalism is unethical at its roots. And if you do I'm curious why you're spending time on a venture capital forum.

And catercorner means diagonal to, not sure what word you're trying to use here.

I am not saying market research is unethical (also not not saying that). I was just pointing out what looks like a total non-sequitur.

It was supposed to be "cornerstone" not "catercorner" but I guess autocorrect?

(I didn't go through with this, but considered) While I was a student I worked for a small shop that sold online services. I was something between an intern and a junior developer/security guy.

The boss (non technical) privately asked me one day to do some research about automating some data entry processes, basically reading from excel files, some databases, formatting and putting it all in another database.

I found out later that if that script is made it would lay off a number of people doing data-entry. I didn't go through with it for many reasons.

There is nothing unethical about this. In fact I applaud your boss. If you can automate something instead of pay people to do it, you should do it.

Some of the reasons that stopped me:

- He asked me privately during a lunch, without telling the people that do the actual work about it.

- I only knew that he intended to fire these people later when started putting the spec of the project.

- He asked me (someone very junior/intern) instead one of his more confirmed devs, which means he didn't want the company to know yet.

- I had a lot of sympathy and even kind of a friendship with those people.

- I wasn't paid enough for it.

"I wasn't paid enough for it" is probably close to the best reason.

To even consider doing it (for me) the value I gain should at least relate to the value I'd produce.

It's the only thing close to a justifiable reason, honestly. But even then, if you're paid for a full-time job as a developer, and asked to develop a piece of software, you can't very well say "I'm paid enough to develop all the other stuff you want, but not this one thing" with a straight face. You could certainly use your development of it as a good reason for a raise, though!

While there are some truly bad things in the top-level comments, it seems a non-trivial percentage of the responses here are some form of "my employer attempted to make money, sometimes even a profit, in legal ways."

Not only is it ethical, it is the reason we are on computers right now and not foraging for food.

Agreed, it's pretty much what we (programmers) do. A cleverer boss will use his people to make more profit, instead of fire a bunch to reduce costs, but cest la vie.

Sometimes, sometimes not. Not all automation puts people out of work. I work for a company whose service facilitates a marketplace and allows a real life industry to grow.

Without our service nobody was doing the job of connecting the people who find each other on our platform. The industry was simply smaller and people could find others to work with only through their personal networks. There are no jobs being lost to our automation, only jobs being created.

And yeah, that’s a good feeling.

All depends on what would happen to the laid off persons.

If this were a country with good social support and they would get some sort of severance, it would be fair.

If they would not be compensated for the caused harm, it would be unethical, since one's action would be a key contributor to that harm.

I remember my first on site project at a paper mill in the north of England. I couldn't figure out why the people involved were so hostile. It was only later when I was talking to the salesman about it that I found out they were all going to loose their jobs once I'd finished.

Should've gone through with it but shared the result with the data-entry people instead of the boss!

I once used curl to continuously upvote a family member's art submission to some national contest. The contest site did no validation so continuously sending POSTs with was almost too easy to game it. They won and got a free trip across the country (among other things).

Did the family member know you were doing it, or was it a "present"?

In my first job out of college i worked at a big consulting company on a project at a company that used interwoven teamsite cms. Teamsite was a cms written in Perl, JavaScript, and Java with lots of xml sprinkled in. It was a horrible system.

I blogged about it on my personal blog. All the posts were about how to solve issues I had using it. This was before stack overflow.

After I had about 10 such posts I wrote a post titled "interwoven teamsite sucks" and linked all the other posts there.

I started noticing traffic to that post from specific ips accross the country.

A week later I was pulled into a meeting with the top see directors and told to remove my blog. Interwoven was an Accenture client.

I removed it.

I like how you dropped the name of the "big consulting company" in the end, there.

Yeah that was a mistake on my part, but you can easily find it on my resume anyway.

Ever so slightly surprised you didn’t get fired immediately.

I had already given notice at this point, so maybe that is why they didn't fire me. They could still tell interwoven "this asswipe is no longer with us".

What was your experience like in Consulting?

Worked quite a while for an "Internet Cafe" SAAS company. If you're confused by the quotes, these internet cafe companies basically sell internet time to users and with each minute purchased, you also get an entry into a sweepstakes where the prize is a jackpot. The sweepstakes entries would be redeemed electronically by way of slot machines, video poker, etc. They're basically legalized gambling. I suppose that in and of itself isn't unethical, but we didn't exactly operate by by the book.

In order for this to be legal, the sweepstakes games have to have a defined number of entries as well as a defined number of winners and losers. None of our games did, it was just too prohibitive. We did provide to our customers, by law, our average payouts and our games did adhere to those through averages over time. But there were many occasions where the games didn't pay out jackpots regularly or paid them out too frequently, hurting stores that were using our software. Our recourse was to provide them more "entries" to distribute to sell to their players, which of course cost us nothing.

Business was good for quite a while, but stricter laws and states cracking down really killed profits. I just feel like any type of gambling in unethical, it seems to really pray on people's dopamine addictions. And these internet cafes, in particularly, are largely occupied by retires who, I'd wager, can't really afford to be throwing their money way.

Years later, my Aunt and Uncle became addicted to gambling on those casino boats and have now lost the house my Grandmother left to them when she passed. I don't necessarily believe in karma, but that certainly made me rethink it.

Applications are open for YC Winter 2024

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact