How Big A Crime is Invasion of Privacy?

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  
With the dismissal of charges against former Hewlett-Packard chairman Patricia Dunn, and the assignment of 96 hours of community service to each of three other defendants, the saga of the HP board of directors spying case is drawing to a close.

Or is it?

Related Articles
Mac vs. Linux: Which is More Secure?

Is the Mac Really More Secure than Windows?

IT In 2007: Budget and Trends

The Emerging Dell-Linux-Apple War

FREE IT Management Newsletters

Silicon Valley was rocked late last summer with news that Dunn ordered company executives to root out the source of leaks about internal company matters in the wake of HP’s latest round of corporate upheavals.

In the course of that effort, investigators hired by HP used a well-known and highly illegal tactic, called “pretexting,” to trick telephone company personnel into turning over the private phone records of the investigation’s subjects, including board members and news reporters.

News of the spying came out when HP board member, and spying victim, Thomas Perkins, resigned in disgust. In the wake of the revelations, Dunn was forced to resign along with the company’s in-house lawyer, and eventually criminal charges were brought against the pair, along with two private investigators.

When news of the scandal first broke in September 2006, I wrote a column suggesting that the long-term impact of HP’s excesses would probably be fairly minimal.

But I must confess, it never occurred to me that among those who would be unimpressed with the gravity of the offenses would be the judge hearing the subsequent court cases!

The brutal wrist-slaps doled out by Santa Clara County Superior Court Judge Ray Cunningham send a clear message that fraud, identity theft, and invasion of privacy are inconsequential when they’re done for white-collar reasons.

The message being sent by the judge’s decisions is pretty clear: try harder not to get caught next time or you too may have to spend two weeks picking up roadside garbage.

I can’t help feeling, however, that if those same acts had been committed for some frivolous reason, such as to get money to pay for a drug habit, the defendants would be facing hard time instead of community service.

But when you’re engaged in the serious business of ferreting out who’s telling stories out of school, the penalties for fraud and identity theft apparently slide below the mandatory minimums for jaywalking.

At least the crack addict has a chemistry-based explanation for their motivations; could there be a similar reason for the illegalities committed in the name of finding HP’s internal leaker? A pathological fear of reading embarrassing newspaper articles while enjoying their morning’s coddled eggs and toast-points?

The affront to personal privacy and the idea that corporate executives might order illegal privacy invasions is why the HP spying scandal attracted such widespread attention and evoked such powerful visceral reactions from the public, lawmakers, and prosecutors.

Yet, as time wore on and people began to ask “Ok, so what harm was really done?” the wagging fists soon turned to shrugs.

Indeed, this is a common occurrence when privacy-related problems arise: how do you quantify the harm?

The reality is that most privacy issues have a high shock value, but people have a much more difficult time assessing a “real” value to a privacy problem.

Privacy is an inherently difficult state to quantify. For too many people, privacy is more valued after its loss than before. As a result, too many people treat their privacy in a very cavalier fashion, scribbling their intimate details on an entry form to win the Jaguar parked in the atrium of their local shopping mall.

In a monetary sense, the victims of the HP spying may well have suffered very little. But how do you put a price tag on peace of mind?

How do you assign a dollar amount to the fear that your phone records are an open book for anybody who can trick a customer service operator?

More importantly, for those of us who invest in public companies like HP, what value can be placed on the ability of newspaper reporters to freely cover the internal shenanigans of a company’s leadership team without fear that they will be spied upon in retaliation?

As long as privacy is undervalued as an individual right, it will be difficult to argue that its protection is worth the effort. And as long as privacy is undervalued, it will be difficult to justify harsh penalties for those who willfully breach it for their own petty purposes.

When given the opportunity to assign a value to the fraud, privacy invasions, and breaches of ethics exhibited in the HP spying case, the judge weighed everything and concluded that it was roughly equivalent to the quantity of trash three people could collect during 96 hours of community service.

So, to those corporate executives who might be considering engaging in pretexting to gather some juicy info on your board members, the court wants you to remember something very important: when it comes time to do your community service, the government will provide you with that little orange vest and all the trash bags you need!