Blacklist Patricia Dunn
I HAVE FAMILY inside HP (NYSE:HPQ) and I used to share core values with Hewlett-Packard but now I wonder whether it's possible to restore the values of the HP Way to a company that appears to have serious issues at the executive level. In the ethics module of the multimedia programming course I teach, I have replaced excerpts from The HP Way with dry reading from a corporate governance textbook. I think HP has lost its way because internal HP e-mail shows that Patricia Dunn, a board member at HP and named as #17 on the Forbes "Power Women" list, commissioned a team of independent electronic-security experts to spy on the January 2006 communications of the other 10 directors. These snoops got records of phone calls made from personal accounts. This means private investigators got phone calls made and received from the homes, cars, boats and privately-owned telephones. It isn't right for board members to spy on each other. There are other methods, effectively used before electronic subterfuge, that professionals have leveraged to good effect. Electronic eavesdropping violates basic trust expected in corporate governance. The way some of this transpired is definitely stupid, downright unethical and potentially illegal. If you commission this kind of tactic, you are complicit in its results. And if you don't know it's wrong, you're incompetent.
It's a kind of data mining that the Irish government actually facilitates--although Irish records weren't used in Dunn's snooping. In Ireland, the government requires the records of all phone calls made and received to be held for three years. There are no legal protections afforded to these data outside of the standard Data Protection statutues. It is not a criminal offense to sell, exchange or lose these data which means at the right price for the right friend, some elements of the Irish-maintained phone records might find their way to a USB key and walk out the door to a private investigator.
Once you have the data, you mine it in search of a pattern of contacts.
Dunn had her snoops rummaging through records without informing anyone else on the HP board of directors. Her actions, documented in an official filing to the Securities and Exchange Commission, unleashed a shit storm. Neither Dunn nor HP are talking about this mess.
When Dunn calmly explained that she had discovered a leaker during her snooping, the director in question acknowledged what he had done. He apologised. Before he left the boardroom he said, “I would have told you all about this. Why didn’t you just ask?” He is still on the board.
According to Newsweek, only Tom Perkins, the Silicon Valley venture capitalist, rose to take Dunn on directly. "Perkins says he was enraged at the surveillance, which he called illegal, unethical and a misplaced corporate priority on Dunn’s part. In an interview with Newsweek, Perkins says he was particularly annoyed since he chaired the HP board’s Nominating and Governance Committee and had not been informed by Dunn of the surveillance, even though, he says, she had told him for months that she was attempting to discover the source of the leak."
The entire episode invites a range of civil lawsuits brought on the foot of privacy invasions and fraudulent misrepresentations. HP have given business ethicists important points to consider in terms of corporate surveillance in a digital age. In Ireland and beyond, audio and visual surveillance capabilities keep advancing. Every single day, I watch custodians where I work reviewing CCTV footage of everyone entering and leaving the premises outside normal hours. This practise happened in two other Irish organisations where I worked. Surveillance is a routine, even essential, matter but nowhere is there a consensus on ethical limits.
Digital Rights Ireland have made this point because those of us involved in this space know companies will continue trawling until their behaviour is illegal. And even then, there must be teeth in the law.
There is no real constraint on the pretexting tactics used by Patricia Dunn, either in Ireland or the States. Investigators who have snooped into my personal live used pretexting to get approval--under false pretenses-- to harvest my personal nonpublic information: letters, postcards, bank details, credit card transactions, Officer Club billings, receipts of the entire hotel for weekends where I stayed. On the top of my microwave oven is a first-person story related to this practise in Ireland. Pretexting is heavily marketed on the internet and there might be an advertisement from Google accompanying this blog entry.
Pretexters can ring up your mobile phone operator, falsely represent themselves as you, and ask for on-screen elaboration of call histories on the basis of a "lost monthly phone bill". All you need is a birthday, home address and little heartfelt passion with the call centre operator. But is the practise illegal in Ireland? In the USA, some attorneys general have brought enforcement actions against pretexters for allegedly violating federal and state laws on fraud, misrepresentation and unfair competition. Patricia Dunn should be wary.
Photo of Patricia Dunn by Paul Sakuma/AP.
David Kaplan -- "Intrigue in high places"
Robert Scoble -- "Corporate hypocrisy by HP"
Tom Krazit -- "The HP Pretexting Scandal"
Therese Poletti -- "Attorney general issues subpoenas in probe of HP"
Connie Guglielmo -- "Patricia Dunn Says She Would Resign If Asked"
Damon Darlin -- "HP Chairwoman Aims Not to Be the Scapegoat"
Allen Wastler -- "HP Chair: Lying or Incompetent?"
David Berlind -- "Dunn is Done (as HP's Chairwoman) but stays on board
Chris Kraeuter -- "HP After Dunn"
Jordan Robertson -- "Charges Possible in HP Scandal"
Rob Hyndman -- "The HP Saga: Dunn is Indeed Done"
