I agree. Let me tell you about what just happened to me.
After a very public burnout and spiral, a friend rescued me and I took a part time gig helping a credit card processing company.
About 2 months ago, the owner needed something done while I was out, and got their uber driver to send an email. They emailed the entire customer database, including bank accounts, socials, names, addresses, finance data, to a single customer.
When I found out, (was kept hidden from me for 11 days) I said "This is a big deal, here are all the remediations and besides PCI we have 45 days by law to notify affected customers."
The owner said "we aren't going to do that", and thus I had to turn in my resignation and am now unemployed again.
So me trying to do the right thing, am now scrambling for work, while the offender pretends nothing happened while potentially violating the entire customer base, and will likely suffer no penalty unless I report it to PCI, which I would get no reward for.
Why is it everywhere I go management is always doing shady stuff. I just want to do linuxy/datacentery things for someone who's honest... /cry
My mega side project isn't close enough to do a premature launch yet. Despite my entire plan being to forgo VC/investors, I'm now considering compromising.
>Why is it everywhere I go management is always doing shady stuff.
Well here's a cynical take on this - management is playing the business game at a higher level than you. "Shady stuff" is the natural outcome of profit motivation. Our society is fundamentally corrupt. It is designed to use the power of coercive force to protect the rights and possessions of the rich against the threat of violence by the poor. The only way to engage with it AND keep your hands clean is to be in a position that lets you blind yourself to the problem. At the end of the day, we are all still complicit in enabling slave labor and are beneficiaries of policies that harm the poor and our environment in order to enrich our lives.
>unless I report it to PCI, which I would get no reward for.
You may be looking at that backwards. Unless you report it to PCI, you are still complicit in the mishandling of the breach, even though you resigned. You might have been better off reporting it over the owner's objections, then claiming whistleblower protections if they tried to terminate you.
This is not legal advice, I am not a lawyer, I am not your lawyer, etc.
People are so quick to judge without knowing the details, the situation is more complex than I'm willing to go into here, and I'm comfortable with my decision.
That's totally fair. After all, laws are about what people will force you to do using (the threat of) violence, while ethics and morals are about how you personally navigate the world, and a bit about how people will try to shame or socially compel you. If you are comfortable with your decision, that's all that really matters at the end of the day.
The problem isn't society or profit motivation. It's people. Humanity itself is corrupt. There aren't "good people" and "bad people". There's only "bad people." We're all bad people, just some of us are more comfortable with our corruption being visible to others to a higher degree.
> We're all bad people, just some of us are more comfortable with our corruption being visible to others to a higher degree.
If the GP's story is true (and I have no reason to suspect otherwise), then there are clearly differences in the degree of "badness" between people. GP chose to resign from his job, while his manager chose to be negligent and dishonest.
So, even if we're all bad people, there are less bad and more bad people, so we might as well call the less bad end of the spectrum "good". Thus, there are good and bad people.
I understand your perspective, but I maintain that "good" (morally pure) isn't a category any of us belong to. We're all lying, hateful people to one extent or another, and lying hateful people aren't "good", even if we haven't lied or hated as much as other lying, hateful people. "Less evil" isn't synonymous with "good".
The argument that profit motivation is the origin of shady business practices ignores the existence of those businesses which pursue profit in an ethical manner. The company I work for, for instance, is highly motivated to produce a profit, but the way we go about obtaining that profit is by providing our customers with products that have real value, at fair (and competitive) prices, and by providing consistently excellent customer support. Our customers are *very* satisfied with our products and services, and they show their satisfaction with extreme brand loyalty. The profit we make year over year allows us to increase the quality of life for our employees, and keeps our employees highly motivated towards serving our customers. We pursue the good of our customers alongside our own, and we avoid shady business practices like the plague.
as it is written:
None is righteous, no, not one;
no one understands;
no one seeks for God.
All have turned aside; together they have become worthless;
no one does good,
not even one.
Your attempt of making the situation seem to be asymmetric by arbitrarily defining "good" as absolute good, while "evil" as everything else - is unconvincing. (Why not the opposite - which would also be ridiculous ?)
It's like a glass of pure water. If there is anything else in the glass, it can no longer be called a glass of pure water. Likewise, the presence of evil of any quantity or quality in a person disqualifies them from being good. Apple trees do not yield blueberries, and good men do not do evil things. So if we discern in our thoughts, words, and actions the presence of evil, we can know with absolute certainty that we, too, are evil.
Or is it supposed that hating each other, lying to one another, stealing from one another, murdering one another, failing to fulfill contract, covenant, and commitment to one another are things that should be considered good?
This. Also, the world isn't black and white. Good and Evil are overly simplistic categories that aren't constructive. Just because one person does something wrong, it doesn't have to define them or negate the good they do in other areas.
What is this even supposed to mean? Profit motivation is a concept invented by humans for humans to apply. If it leads to unexpected or undesirable outcomes then it's a bad idea. A system that requires all participants be paragons of some definition of virtue to produce good results is fundamentally unsuited for human beings.
>As described in more detail in the program guidance, the information must relate to one of the following areas: (1) certain crimes involving financial institutions, from traditional banks to cryptocurrency businesses; (2) foreign corruption involving misconduct by companies; (3) domestic corruption involving misconduct by companies; or (4) health care fraud schemes involving private insurance plans.
>If the information a whistleblower submits results in a successful prosecution that includes criminal or civil forfeiture, the whistleblower may be eligible to receive an award of a percentage of the forfeited assets, depending on considerations set out in the program guidance. If you have information to report, please fill out the intake form below and submit your information via CorporateWhistleblower@usdoj.gov. Submissions are confidential to the fullest extent of the law.
Why would you resign? You could have reported it yourself and then you would have whistleblower protections - if the company retaliated against you (e.g. fired you), you then would have had a strong lawsuit.
Because I don't want to be associated with companies that break the law and violate regulations knowingly.
I've long had a reputation of integrity, and it's one of the few things I have left having almost nothing else.
So you would rather be known as someone who had an opportunity to report a violation, and chose not to? From my perspective it seem like you decided against acting with integrity in this situation - the moral thing would have been to report the violation, but you chose to look the other way and resign.
> it seem like you decided against acting with integrity in this situation ... you chose to look the other way and resign.
I agree with this statement.
This isn't a judgement, we all have to make choices; the "right" choice (the one that aligns with integrity) is usually the one that will be the least self-serving and even temporarily harmful. They did what was right for them, that's okay, but it was not the choice of integrity.
Because that is the choice they made for themselves.
How it plays out after is another matter entirely. But the choice was what they seemed to think was right, for them, at the time. Thus it was the right choice for them. It doesn't mean it was the right choice in terms of integrity, or the right choice for me, or you or anyone whose data got caught up in it. Nor was it right choice in receiving a paycheck the next week.
But the way it was explained, it doesn't seem like they went out of their way to pick a "wrong" choice, specifically. They picked what they felt was the right one, for them, at that time. There were less ethical options to choose as well, and those were not picked either.
You appear to be talking about the external consequences of choices, while I am talking about them making a choice based on what they believed was the inner rightness of their choice. They did not want to be associated with a company like that, so they made the choice to not be -- because it aligned with their inner knowing of not wanting to be a part of that company. The right or wrongness in terms of external consequences is not what makes the choice, right or wrong -- for them
But they left the vast majority of the morality on the table. They even talked to a lawyer to avoid reporting. So in the sense of making the choice that aligns with inner rightness and makes them moral, they still made a bad choice.
> making the choice that aligns with inner rightness
Again, I am talking about -- them -- not anyone one else or what anyone else thinks of it outside of them. I am not talking about "inner rightness" in general, I am talking "what they believed was the inner rightness of their choice" -- Their inner rightness. You seem to be talking about what -- you and/or others -- may believe from an outside perspective. My outside perspective is they made the choice that did not align with integrity. But that does not mean that was not the right choice for them.
And again, they made the right choice, for them -- at that time. How that plays out after is neither here nor there and in your labeling it a "bad" choice for them is akin to saying that they have no real agency over their choices, and we outside of them are the final say in what is good or bad for that person.
Again, I am talking about things internal to that specific person just as much as you are. Not external anything.
You are trying to focus on what they believed in that moment, but I see no reason to use that in an analysis of whether their actions fit their own morals. Sometimes people make mistakes even by their own rules. If we only care about what someone thought right in the heat of the moment, that category of mistake would be impossible, and it's not impossible. Saying that mistakes are possible is not overriding agency.
The core of it is in this line "the choice was what they seemed to think was right, for them, at the time. Thus it was the right choice for them". I don't agree with that logic at all. Humans are not good enough at following their own motivations and principles. They are impulsive and bad at analysis. You can't assume that their choices will always be consistent with their personal parameters of right and wrong.
Also, saying I think someone made a mistake is not denying agency. Don't be so melodramatic. Nowhere am I claiming to have the final say. I merely have the right to an opinion.
I was never talking about if they made a mistake or not. That is after the fact and outside the scope of what I have been saying. I know it matters, but that is not within the scope of my first comment that started this.
I took the little information they gave and from that the only true logical conclusion was they made the right choice for them at that moment. Full Stop.
You’re the one bringing the extra opinions into the matter and reading into a simple thing far too much. Most of the above I agree with you on outside of this particular thread. It has nothing to do with the very narrow scope of my original comment and attempted clarification.
Neither of us can know 100% what was right or wrong for them in that moment, but based on the information of A. no longer feeling right about being associated with a place for reasons that they deemed important enough to come to this conclusion — and B. aligning actions with that inner knowledge; makes it the right action (choice) for that person. If they changed their mind later, it does not change the immutable facts of that moment. It simply provides a new set of choices and options that is outside the scope of my original comment.
> I was never talking about if they made a mistake or not. That is after the fact and outside the scope of what I have been saying. I know it matters, but that is not within the scope of my first comment that started this.
When I say mistake here, I specifically mean "mistake as far as their goal of making the right choice". And I mean that in the moment, using knowledge they have at that time, just like you're defining "right choice". Nothing after the fact nor outside the scope.
> I took the little information they gave and from that the only true logical conclusion was they made the right choice for them at that moment. Full Stop.
I don't see how they gave enough information to be sure, but more importantly you seemed to make a generic statement that anyone making a choice like that would be making the right choice, and that's what I really object to.
> You’re the one bringing the extra opinions
I am not! Please stop misreading me! Why won't you listen to what I'm saying about my own argument?
> Neither of us can know 100% what was right or wrong for them in that moment,
Please explain how "neither of us can know 100%" can be true at the same time as "only true logical conclusion was they made the right choice for them at that moment. Full Stop."
> A, B
Remember that not reporting the company was also part of the choice they made. The basic description of the choice was to report, quit, both, or neither, and they chose to quit.
> If they changed their mind later, it does not change the immutable facts of that moment. It simply provides a new set of choices and options that is outside the scope of my original comment.
I'm not talking about whether someone might change their mind later with new information, per se. I'm making the objectively true claim that people don't always think things through, meaning their choice might fail to represent the knowledge and priorities they had at the time.
Since this thread seems interested, I will reveal the main issue being that based on my analysis, reporting to PCI and the state AG would have absolutely destroyed this (very) small business and the businessowner, someone who helped me in a very rough time, and thus I felt both options were bad/wrong, but resigning without whistleblowing was the better of the two options. I appreciate the analysis and really hope I made the right choice, and if I change my mind, I can still whistleblow on this, which has been a solace in the struggle in this decision.
Yes. The owner is old, and going blind, but refuses to sell or hand over day to day ops to someone else, and thus must ask for help on almost everything. I even pulled on my network to find a big processor with a good reputation to buy the company, but after constant delays and excuses for not engaging with them, I realized to the owner the business is both their "baby" and their social life, neither of which they want to lose.
So me trying to do the right thing, am now scrambling for work, while the offender pretends nothing happened while potentially violating the entire customer base, and will likely suffer no penalty unless I report it to PCI, which I would get no reward for.
Why is it everywhere I go management is always doing shady stuff. I just want to do linuxy/datacentery things for someone who's honest... /cry
My mega side project isn't close enough to do a premature launch yet. Despite my entire plan being to forgo VC/investors, I'm now considering compromising.