alphaspirit - Fotolia
CIO role: Should a CIO manipulate information?
IT experts react to yesterday's report in the Wall Street Journal that a CIO used his private company to manipulate online polling data. What's that say about the CIO role?
The Wall Street Journal published an article on Thursday reporting that John Gauger, the CIO of Liberty University, was hired by President Donald Trump's former personal lawyer, Michael Cohen, to manipulate online polls. The Journal reported that the work was done by Gauger's firm, Redfinch Solutions LLC, in an effort to bolster Trump's profile in anticipation of a 2016 presidential run.
We asked two IT experts to weigh in on the implications of CIOs doing things on their own time that would seem to run counter to the professional mandate of a chief information officer.
Niel Nickolaisen is a senior vice president and the CTO at O.C. Tanner, a human resources company specializing in employee recognition and compensation services. An MIT-trained engineer, Nickolaisen is a frequent writer and speaker on transforming IT.
Rami Essaid is co-founder and chief product and strategy officer at Distil Networks, a cybersecurity company specializing in bot mitigation. An expert on how bots can be used to skew online polls, he helped push the recently passed California legislation that makes this activity illegal.
CIO role, on and off the field
Niel Nickolaisen: I am shocked. First, do I not always represent my organization -- particularly if I am a senior leader of the organization? As I ponder my extracurricular activities -- those things I do outside of normal working hours -- I should reflect on what those say about me and the organization that I always represent.
Second, some of the critical attributes of a successful leader are trustworthiness and ethics. My teams and my organization must believe that I have ethical standards. What does it say of my standards if I am manipulating data to better support my personal point of view?
If I will do this, what other standards am I willing to violate? First, I would never do such a thing. And once I started trying to rationalize the reasons to do such a thing, I would know that I was crossing a line that I did not want to cross. Second, if I did such a thing, I would expect to be fired, because I always represent my organization. I am a senior leader and, as such, must always consider how what I do reflects on my organization.
CIO role vs. personal business
Rami Essaid: So much of bad behavior online is undefined. There's an entire world of actions that are in a gray zone, where we don't have definitions around whether it's OK or not. Each individual has to uniquely define each action based on their own moral compass. We shouldn't have to do this; it should be clear.
The good news is this is starting to happen; we're evolving as a society. In fact, California passed legislation that makes it illegal to use bots to deceive people on any online platform.
Though the Liberty University CIO's actions were not technically illegal at the time, his actions should still be viewed through a retrospective lens as wrong.
Should CIOs be held to a higher standard?
Essaid: There's been a delay in legislation like California's, because the rest of the world doesn't fully understand why this is wrong -- but CIOs should, and they do. The CIO is more equipped than anyone else to understand how the use of bots for manipulation like this is detrimental and wrong, as they are constantly battling these adversaries. Other CIOs recognize this and should be outraged. It's the CIO's job to know better.
Should there be a CIO code of ethics that applies to professional and personal activities?
Essaid: Every [organization] is defining a code of ethics for themselves. We're seeing a lot of companies take action by reprimanding or firing employees for bad behavior, whether it's at work or outside of work. In this case, the bad behavior fell outside of his day-to-day job.
That said, we should not mandate that every organization has a code of ethics for CIOs that extends beyond their work life. Not every organization needs to take action for employee behavior outside of work; it's a decision that some will make and others will not.
Every company should clearly define its code of ethics and expectations that pertain to company time, property, etc. But there's a hard line between professional and personal time. What someone does with their personal time is their business. If a company sets those expectations and clearly defines what the boundaries are regarding personal time, then that's one thing. However, in this case, it seems that those were not clearly defined.