top | item 27786715

(no title)

From the code you linked:

> Computing professionals should protect confidentiality except in cases where it is evidence of the violation of law, of organizational regulations, or of the Code. In these cases, the nature or contents of that information should not be disclosed except to appropriate authorities.

discuss

throwaway1459|4 years ago

This code of ethics, like all others, has limitations. Here, it has failed to consider all cases, namely the case where the entity whose confidentiality is being protected doesn't exist anymore. That doesn't necessarily mean your quote isn't relevant, just that it shouldn't be given the final say until we've balanced it out with the rest of the document and looked at the tradeoffs involved.

Not breaking the NDA is an issue w/r/t:

  - 1.2 "Well-intended actions, including those that accomplish assigned duties, may lead to harm. When that harm is unintended, those responsible are obliged to undo or mitigate the harm as much as possible."

  - 2.2 Maintain high standards of professional competence, conduct, and ethical practice.

  - 2.7 "As appropriate to the context and one's abilities, computing professionals should share technical knowledge with the public"

  - 2.7 again "a computing professional should respectfully address inaccurate or misleading information related to computing."

Lastly, since the company's actions were clearly in violation of the Code and potentially causing harm, I could simply argue that the public is the ultimate appropriate authority (since none seem to be more appropriate in this case) and that not breaking the NDA would have been unethical by the very passage you chose to quote.