While there are issues with publishing information that someone got via a hacking attack, often at times the information can be useful in many ways. Over the weekend Techcrunch was sent an unsolicited e-mail from a hacker that contained over 300 internal Twitter documents, and an explanation on how the various accounts was hacked. Techcrunch has chosen to publish some of those documents, the question is, was this a good choice or a bad choice.
Many companies have been hacked, some companies like Torrent Spy have found that it was an internal employee that sold information, and others have found themselves at the end of a ransom note when a hack happens within their code structures. The other part is that many of us rely on systems like Wikileaks, which requires that personal or classified information is distributed into public channels. Nor should we forget the role that investigative journalism plays when a knowledgeable insider comes along and discloses information that can end up with something like Watergate, or the current issues surrounding the CIA’s actions to hunt down terrorists. Many of our outlets, including blogs rely on information that in one form or another is gotten in a manner that is ethically challenged, but we do it, and like Techcrunch we might or might not print it (press publish) depending on how we feel about the information.
Techcrunch has decided to publish a number of documents that they were sent, they are not printing all of them, or ones that they believe that could be potentially embarrassing to individuals. The choice to not print personally embarrassing information is good; this is a good choice on the part of Techcrunch. The question is what about the rest of it? If it has a value that can show how the business is running then there is a deep public interest in the information, and it would be valuable to various people who have invested in Twitter to have. And that is the real weigh in on the decision, is the information worth the value of public disclosure, and is there a social good that can come from this. Publishing internal business plans and information has no social value, but it has a deep business value to people who have invested in twitter. Most of us will read it and go meh, no big deal.
This really though is a question of what value does the information have in the public realm. Rather than publishing it, TechCrunch could have done a great many things, and while living firmly in an ethical gray area, we are all going to have an opinion about this, and how that opinion plays out is down to each individual’s sense of ethics, where they stand, their own ideas of right and wrong. I have been asked not to publish a great many things over the years, and I have never published information that I got via a hacking attack. And I have had to make serious choices in this matter over the years. We all eventually make these choices, and they are all intensely personal when the choice is made.
The question remains though, and while my answer might look like it is a non-answer, the reality of when we publish information and how we got the information that we published has been something that journalists and bloggers have had to address for years. Should we fault Techcrunch for publishing, or should we treat this like investigative journalism, or should we treat this like the torrent spy hack. Either way this is not the first time we will be dealing with the ethics of when to publish, what to publish, and how to publish information that we get through various side channels of information. The good part is that at least Techcrunch showed some restraint on this one, they chose to publish information that has a general value for public good, and did not publish information that would be individually and publicly embarrassing.
(Cross-posted @ IT Toolbox)