Question:
Professional Issues in Computing - Customer Malfeasance
Consider the following scenario: you are a field engineer for a software company that provides bespoke accounting programs. Your job entails visiting a customer when they report a problem that can not be replicated without the data they use. Many companies are not willing to transfer their financial information to another company so you must visit their site and work through the problem with their employees demonstrating the problem. As a software engineer in the field, you understand a great deal about taxation rules, accounting regulations, and so on. In tracking down the problem, you realize that the reason the customer has a problem is that they are trying to make your program (written with due respect for accounting standards) support their false accounting procedures. You are completely certain that what this company is doing is illegal. Their attitude while you are there makes you believe that this is a wilful act and not a misunderstanding on their part. There are a number of possible actions you can take, with various possible consequences:
* You might tell the customer that what they are doing is illegal and refuse to provide a fix for their software.
* You might tell the customer that you understand the problem but that you must consult with your colleagues before working on a fix.
* You might consult by phone with your management for advice.
* You might fix their software so that it does what they want.
In any of the first three cases, your company may react in a number of different ways:
* They might decide that they should not support illegal accounting practices and refuse to provide a fix.
* They might order you to provide a fix as requested.
* They might arrange for other programmers to provide a fix.
If you are ordered to provide a fix you might or might not be willing to comply with such a request.
1. How far should you be willing to push the ethical case that you should not be aiding and abetting tax fraud?
2. Would you personally and/or your company be criminally liable if you did?
3. What does due diligence require in this case?
4. In general, what responsibilities do computing professionals have in situations like this?
5. Is it enough to produce (as employees and as companies) what the client requests?