As you might imagine, a lively debate has been raging inside the HP firewall (usenet is dead; long live usenet). Maybe more surprisingly, there hasn’t really been any thoughtful discourse on the matter. In one (lonely) camp, a few lone voices are defending HP’s conduct of the investigation as if it were the Maginot line. In the other camp, so crowded that I suspect dysentery might be breaking out and causing the inhabitants to go insane, people are handing out blanket condemnations and excoriating the investigation.
Me? As usual, I tend to be somewhere in the middle. Using the word “spying” sure makes it seems like bad, unethical stuff was going on, but on the other hand, it’s hard to say what you or I might have done given the exact same set of circumstances.
In any case, I haven’t really participated in the debate, but I did feel necessary to react to one slightly inflammatory post that basically captures the mood of the “ethics are black and white” camp. I responded with the text below, and after 3 or so days, there really hasn’t been any meaningful response. So I present it here for you, gentle reader, and if you can tell me where I’ve gone wrong, please let me know.
Upfront disclaimer: these are my own personal thoughts and do not represent the views of anyone else, including, but not limited to Hewlett-Packard Company.
Also, you may want to have these links handy:
Away we go… The post I responded to is the quoted stuff. My response follows.
But you two just don’t get it either. You gotta be GWB Republicans. Ends-justify-any-means kind-of guys?
[...]
This isn’t war. There aren’t lives at stake. The “leaks” had gone on for years, and I don’t buy for a minute that they didn’t pretty much know who it was. This was no “crisis”. In fact “leaks” appear to be a national sport. Your point of view will define how you view a particular leak
[...]
If this was such a burr in Ms Dunn’s backside, she should have done the investigation out in the open. Either people voluntarily provided access to all their phone records - or would be terminated (or not renominated). Taken a polygraph, or resign. But it would appear that there wasn’t *that* kind of support for the investigation.
Have you read the testimony?
From Dunn’s testimony, we learn that:
“The CNET leaks of January 23, 2006, were serious. They referred to the most sensitive commerical relationships of the Company and its plans for those relationships (i.e., Intel and AMD, HP’s micro-processor suppliers); they referred to potential acquisitions in a very concentrated part of the public markets for infrastructure software companies; they confirmed the Company’s plans to target a key competitor by name in the printing business (Heidelberg Press); and they discusses the Company’s plans for branding its key new offering in the enterprise computing business. A separate article on the same day referred to discussions that the Company was having with a potential acquisition target, CSC corporation.”
Add to that leaks about the BoD’s dissatisfaction with Carly, the search for a new CEO, etc. Attempting to trivialize leaking as a “national sport” may seem amusing to you, but seriously underestimates the repercussions and consequences of the leaks.
In Baskin’s testimony, there are some very interesting interviews with Kevin Hunsaker. There, we learn that Ron DeLia, the private investigator used by HP for the last 8 years to do all sorts of things, such as background checks on CEO candidates, and investigate other leaks:
“In his investigations, DeLia uses proprietary databases which are accessible by law firms, law enforcement agencies, insurance company investigators, and licensed private investigators. DeLia thought there were regulations restricting the distribution of information contained in such databases to those who had a need for it. Demonstrating a need entails contacting the database company, filling out an application, and providing documentation such as proof of insurance, an investigator’s license, and incorporation information. Generally, DeLia’s analysts access the databases, not DeLia.”
Back to Dunn for a bit, who says, in reference to Kona I:
“I informed the Board at its March 2005 meeting that a leak investigation in response to their concerns had been initiated. I explained, as had been explained to me that, due to its very nature, those being investigated–including me–could not know the details of how the investigation was being conducted. It had been explained to me that to do so would compromise the effectiveness of the investigation, which made sense to me.
No director questioned me in Board session or privately about concerns regarding how the investigation was being conducted. I had the clear impression that they were satisfied that I had taken their priority seriously and that they fully expected whatever was being done would be done properly.”
Some time passes, Kona I is ineffective, and after the CNET leaks I mentioned in my first quotation, Kona II is initiated. After DeLia sends a draft report to Dunn, Hurd, and Baskins, we get this:
“Mr. Hurd met with Mr. Keyworth on the evening of the day that the above meeting with the investigative team took place. He has related many times to me and to others that he tried in every way he could to get Mr. Keyworth to come forward and admit culpability. Ms. Baskins and I were sitting near them during this meeting, which occurred over cocktails in the hotel lobby, and I could see that Mr. Hurd was intensely engaged with Mr. Keyworth. Mr. Hurd subsequently described to me, to Ms. Baskins and to others that, though he gave Mr. Keyworth several chances to come forward, Mr. Keyworth declind to acknowledge his culpability.”
Now for the fateful board meeting. It turns out that Perkins first thought that the identity of the leaker should have been kept hush hush, and taken care of quietly. Sonsini, Baskins, and Dunn push back, saying that procedure would be improper, and that the full Board should be given the opportunity to discuss the correct course of action. Perkins finally agrees…
“Mr. Keyworth was asked by the Board to explain himself. He did not apologize in a way that convinced the Board that he understood the gravity of the matter, and he was asked to recuse himself while the Board deliberated. Mr. Ryan conducted this part of the meeting; I did not take an active part in the deliberations except to offer my own views, as a director and not as Chairman, just as every director was asked to do. My views were among the last to be heard.
Mr. Perkins became very agitated when it became clear that a majority of the Board did not think Mr. Keyworth had handled his response to the Board appropriately and thus were leaning strongly toward asking for his resignation. A secret ballot, suggested by another director, was taken, in which a strong majority of the Board voted to ask Mr. Keyworth to resign, which later in the meeting he refused to do. At that point Mr. Perkins erupted in great anger.
[...]
At no time during Mr. Perkins’ outburst did he make any statement whatsoever about the leak investigation–including its justification or its methods.”
One last note on Kona II, back from Hunsaker’s interview:
“Hunsaker gave instructions to DeLia to find telephone numbers for the various reporters in whom the Team was interested. Hunsaker determined the phone numbers for some of the reporters from the HP Public Relations (”PR”) group and from online sources. These numbers were checked against the phone records for every member of the Executive Council. Then he pulled emails and phone records of the Executive Counsel and members of the Board of Directors and checked for emails or calls to or from those reporters. He also had the hard drives of every member of the Executive Council imaged. He added that individuals were not told that their computers were being monitored. (HP’s standards of business conduct and business policies make clear that any information on HP computers and servers belongs to the Company and is viewable by the Company at its discretion.)
There’s lots more in both testimonies, but I’ve already gone on long enough. From the above, I conclude the following:
- a) The leaks were serious and hurtful to our business. They did not simply consist of telling some reporter what the BoD ate for dinner at some posh resort. Leaking such information is about as anti-HP way as you can get.
- b) Investigating and stopping the leaks was absolutely necessary.
- c) HP IT can do things such as pull all your emails, HP phone records, and image your hard drive, and it’s entirely consistent with the SBC.
- d) Law enforcement types have access to “proprietary databases” that are not generally accessible to the public. As a layperson, I was not aware of the existence of these databases (until now), nor of the contents therein. I suspect most laypeople are in the same situation.
- e) Multiple lawyers up and down the chain, including Baskins, Hunsaker, Sonsini, John Kiernan, and DeLia’s lawyers were all convinced that pretexting was a perfectly legal and common practice. It has been used for “at least 20 years” by private investigators and police detectives. So one “skilled in the art” of being a detective would have considered pretexting as a perfectly valid and legal tool in the investigative toolbox.
- f) Given (c), (d), and (e) above, and considering that Dunn delegated the entire investigation to those “skilled in the art”, it is not impossible to suppose that in addition to being legally sound, that pretexting might also be considered ethically sound, especially given her status as a layperson.
If you’re not convinced that (f) is at least *plausible* (ie, that pretexting isn’t always unethical), then remember that the actions performed in (c), such as surreptitiously imaging your hard drive would
be considered unethical in most circumstances too, but is entirely consistent with the SBC.
In other words, if you think ethics are always black and white, you may want to rethink your position.
As far as conducting an open investigation, or perhaps something straightforward such as polygraphs:
- g) Remember that Kona I was initiated due to leaks on the Board. Dunn was tasked with determining the source of the leaks, and kept the entire Board apprised of the results.
- h) At no time did Keyworth volunteer himself as the leaker.
- i) There is testimony that I didn’t quote that explored the idea of polygraphs, and other techniques. Those techniques were dismissed due to their inefficacy.
And finally, I conclude that:
- j) Perkins was trying to use the power of the good ol’ boy network and keep his buddy Keyworth from being discovered. Upon realization that Dunn followed procedure and wouldn’t be swayed by Perkins’ pressure, he had his ensuing public histrionics, and is the root cause for all of HP’s tarnished reputation and media coverage today.
- k) This story has amazing media legs because the investigation tweaked the entire profession. What was good for the goose was not good for the gander. Witness how no one is criticizing Bob Woodward, one of their own, for his most recent book. If a reporter does it, then it’s just good old fashioned, hard hitting, investigative reporting.
- l) Dunn and Baskins are scapegoats, and really did resign with the company’s best interests ahead of their own.
Agree or disagree. The weakest point of my argument is probably (f). But to refute me, you’ll have to explain to me what you would have done differently given knowledge of (c), (d), and (e), and without the
benefit of 20/20 hindsight. Remember, you’re going to have to make the case that your ethical decisions are 100% black and white, 100% of the time.
Bonus points if you can point to testimony or law, rather than just resorting to rhetorical masturbation such as “you must be a GWB Republican”.
I’ve said my piece on the matter.
/ac