Dirty IT job No. 2: The whistle-blower
Wanted: Highly moral individual willing to expose employer's dirty laundry. Risk is high; financial rewards can be considerable, though not guaranteed. Disgruntled workers welcome.
Nearly every organization has dirty little secrets. More often than not, IT knows where they're kept. Sometimes, it takes a geek to step forward and bring them into the light. But it's not easy.
Just ask Roger Smith (not his real name). As a computer science teacher at an East Coast high school, Smith became concerned when the district bought single-user licenses of Adobe Creative Suite and Microsoft Office, then installed them on network servers where 5,000 users could access them.
Smith says he approached his superiors and the district's IT department and explained why that was wrong, but to no avail. So one day he called the Business Software Alliance and reported them.
"With some software, we were on day 120 of a '30-day' free trial," he says. "Part of what we're trying to do is to teach kids ethics. That's hard to do when the software you're using isn't licensed and the kids know that."
The BSA relies on tips from people like Smith, says Jennifer Blank, the BSA's director of legal affairs. Often it's disgruntled employees spilling the beans on their boss. Sometimes, though, it's just IT pros who want to do the right thing.
Of course, the BSA offers other incentives -- up to $1 million for tips that lead to successful settlements with software pirates, though the largest reward it's ever handed out is in the "tens of thousands of dollars," says Blank. (To qualify for the $1 million reward, a tipster would have to expose piracy that generated at least a $20 million settlement with the BSA.)
Smith says he never asked for nor received any money, and as far as he knows, the district did not have to pay a settlement. But a few months after he contacted the BSA, his employers purchased legal licenses for its software.
The BSA has its share of critics, who claim the trade group exaggerates the amount of software being pirated, targets smaller businesses that lack the resources to defend themselves, or acts as unofficial enforcers for well-heeled software makers like Microsoft.
"The people who call us names forget that the people they are defending are stealing software," says Blank. "You wouldn't go into Best Buy, put a copy of Windows in your pocket and walk out the door. Only in this case they're taking that copy of Windows and installing it on 100 computers, so they're 100 times worse."
Whistle-blowing applies to more than exposing software licensing violations. Earlier this month, biometric smart card maker e-Smart Technologies was ordered to pay $600,000 in damages and rehire an employee who was fired after alerting authorities to inaccuracies in the company's SEC filings.
But this dirty IT job is not for the faint of heart. On her blog, The Whistler's Ear, database administrator Nell Walton details her three-year legal battle with her former employer, credit card processor Nova Information Systems (now Elavon), after reporting rampant security breaches. She ultimately lost. The breaches were quite real, but the court decided that, as a database administrator, she could not have had a "reasonable belief" her employer was breaking the law, as required by Sarbanes-Oxley.
"This is not a path I would recommend to anyone unless you have a completely ethical reason for doing so, have a backbone of steel, and a very thick skin (don't think you will make a million dollars, in other words)," she writes. "Something all IT people in the USA need to be aware of [is that] we don't have a lot of protections when it comes to whistle blowing."