Wednesday Wisdom: Digital Rusing

Dear Claudia,

I have started to practice flipping and x-raying sites. I am finding some really good stuff out there, but here is my problem: by mining deeply, I am getting to directories and files (especially Excel and Word documents) that are clearly not posted for public access. So my question is, should I be feeling guilty about using this information?

Snooping Around

Dear Snooping,

I love this question, because it shows two things: first, that you’re working to master the sourcing side of our business (which means you’ll never go hungry for long); and second, that your integrity meter is powered up. The fact that your question combines both of these elements is an excellent start.

We tend to assume that the same laws that protect our privacy in the physical world apply to the digital world as well, and sometimes operate from an unfounded sense of information security. But the truth is that the Internet remains largely unregulated and policies governing the Internet are still developing.

When I find myself in a behavior dilemma like this, I go back to review some of the basics I learned in kindergarten:

• Play fair;
• Don’t hit people;
• Don’t take things that aren’t yours;
• Say you’re sorry when you hurt somebody.

I certainly won’t tell you here what you should or shouldn’t be feeling – but since you’re on the fence about the integrity of this one, I will encourage you to examine the following questions carefully:

Where do you draw the line between “finders, keepers” and "just plain stealing"?
If you don’t get caught, is it really validation that you're doing the right thing?

Legalities aside (and yes, you do have a responsibility to know and work within the law), it seems to me you have four choices based in using or not using the data, and telling or not telling the company. The option of not using/telling is interesting because it could open the door to a new client relationship built on trust that differentiates you as a recruiter from your competition. Imagine if your first contact with a company was a courtesy call providing evidence that sensitive employee data was freely accessible in the public domain? And when asked what you intend to do with the information, imagine if you responded simply that your call was both a courtesy and a friendly warning: for you, companies are either clients or sources. Of course, you’d like very much for them to be a client…

I say, when in doubt take the high road. You can't be responsible for the innocence (or stupidity) of others, but you can use your knowledge responsibly. It’s Karma that comes back to find you when you need it most.

**
In my day job, I’m the head of Products for Improved Experience, where we help employers use feedback to measure and manage engagement for competitive advantage in hiring and retention. Learn more about us here.

Do you have a question you'd like answered in this weekly forum? Drop me a line!

Comment by Maureen Sharib on May 14, 2008 at 7:46am

Comment by Amitai Givertz on May 14, 2008 at 7:58am: Maureen, I don't get it. Is the image supposed to link to something?

Comment by Maureen Sharib on May 14, 2008 at 8:23am: No - it's a comment. The word rusing will "rouse" them. Some people use the word "rouse" instead of "ruse" - I think it's more a European thing.

Comment by Amitai Givertz on May 14, 2008 at 8:33am: Ah ha! Double meanings and subtle convolutions. Maureen, you're the best.

Comment by Maureen Sharib on May 14, 2008 at 8:46am: "O divine art of subtlety and secrecy! Through you we learn to be invisible, through you inaudible; and hence we can hold the enemy's fate in our hands."
~Sun Tzu, The Art of War, VI. WEAK POINTS AND STRONG

Comment by Claudia Faust on May 14, 2008 at 9:09am: I constantly learn at the feet of the Masters. Or in this case, Mistress. Love ya, Maureen!

Comment by Amitai Givertz on May 14, 2008 at 9:09am: @ Claudia:

I like your idea of approaching companies and pointing out their vulnerabilities as an open-handed gesture. But my experience is that more often than not this can backfire. You end up distracted at best, held in suspicious contempt more likely.

I don't know if trying to "trigger the corporate immune system" ultimately serves anyone's best interests unless it is a calculated, strategic move.

To the dilemma - let me reframe the question: Is it OK to help yourself to pie off the kitchen table simply because the kitchen window is left open and the pie is within reach?

If you are suggesting we knock on the door and alert the housekeeper that there is a potential problem are you also suggesting that we do that in anticipation of getting a piece of the pie or simply because its the neighborly thing to do?

@ Maureen:

Is a list obtained from a ruse call any more or less dubious or valuable, depending on your point of view, from a list obtained by flipping site or "peeling back" a URL?

Comment by Maureen Sharib on May 14, 2008 at 10:15am: Ami, I had the same first reaction you did - the "kill the messenger" syndrome is what I THINK would be the reaction...besides, almost nobody's really listening because nobody thinks this stuff is very important...

Now: the real question. Value. I have long since given up responding by offering my definition of right and wrong in sourcing. Everyone must find their own moral compass on this thing. I can tell you this - rusing, done by a professional ruser - one who doesn't carry alot of morality baggage and looks cold and hard at the thing as a means to an end - is viciously effective and can offer tremendous time savings. But the fact of the matter is it can be done by very few because most people are not comfortable with it and it is the NUMBER ONE reason telephone sourcing is viewed with distrust and suspicion. It is a fact that telephone names sourcing can be done without rusing (lying) and as you know this is the focus behind my telephone names sourcing course, “The Magic in the Method”.

However, besides plugging my stuff once again, I’m not sure I’ve answered you. I have always believed that if something can be found on the Internet it can be found by more than one person – so a “flipped” or “peeled back’ site that offers information not seen by the casual observer but by one more skilled in Internet search – may be of more value because it is viewed less often? It’s an interesting question. I think what you’re really getting at though, is a site that offers information and is illegally accessed – that is, firewall-penetrated by hacker methodology (and why in the world would anyone want to leave an electronic trail to their keyboards like this, I ask you?) of more value than a site commonly accessed?

I would say yes, because it’s scarcer information. But dangerous indeed.

Is telephone rused information of more value than telephone information obtained by a skilled telephone sourcer?

I doubt it and the rused info could carry some legal baggage with it also.