The craft of intelligence is part art and part science. As the world grows smaller, through technology and the ability to virtually reach across the globe in seconds, our ethics, tradecraft and tools risk becoming more controversial. As private sector intelligence professionals, our work should not be as fraught as that of our government counterparts – but at times it can be – particularly when our integrity is on the line. This is one of the reasons we always recommend that our clients develop an ethics policy within their intelligence organization. These guidelines should dictate what is allowable and what is not – and what requires sign off from other authorities within the company. With that, and some recent private and public sector intelligence snafu’s in mind, we created a list of seven deadly sins of the private sector intelligence professional to help guide some of these ethics considerations.
Collection of non-public intelligence or information on a competitor company
Despite Hollywood depictions, it is generally illegal in the US to steal non-public information from a company – especially intellectual property, trade secrets, patents or new products. But it seems like at least once per year a company shows up in the press, in trouble because they asked one of their business intelligence or security intelligence functions to do just that. Think of it this way, the US government frequently prosecutes foreign nationals for engaging in these sorts of behaviors. They are no less illegal for Americans, and when it does happen it can impact a company’s stock price, reputation and legal standing. And, for those of us in private sector intelligence, it unfortunately misrepresents the entire professional field, making it that much harder to professionalize the role.
Misrepresenting oneself online or in-person
Similarly, intelligence professionals sometimes crossover from their days of covert operations in the government, unaware that this same practice is generally ethically prohibited within their companies, and in some cases – also against the law. In 2014 Sea World representatives admitted that employees had gone undercover to spy on activist groups concerned about the company’s treatment of killer whales. Although it was never made clear who gave the order to do this, the company’s already embattled market value dropped further (it was already down over intense pressure from activists), and their reputation was further damaged by the revelation. In the aftermath, the company changed their policies to disallow such actions and hired a consultant to audit the company’s security practices.
There are plenty more examples of companies ending up in trouble for this type of behavior over the years – and as such – many company’s policies prohibit this type of behavior. Even when a policy doesn’t prohibit it – in some cases misrepresenting oneself can lead to charges of fraud or entrapment.
Producing intelligence with the end result already decided or framing intelligence to support a particular point of view (AKA cherry-picking)
Intelligence analysis will undermine its purpose if the analyst writes the report to suit their particular point of view – or that of a decision-maker. While we sometimes “begin with the end in mind,” looking for evidence that only supports a particular point of view is a recipe for failure when it comes to security and risk. Consider the idea of only collecting intelligence on attacks against your company if they were perpetrated by a particular type of extremist, or people from a particular ethnic group. The end result would be an intelligence failure when we failed to account for the possibility of an attack by a repeat offender or a different type of extremist.
Failing to look for disconfirming information
Sometimes one-sided analysis is not intentional, but rather is the fault of an unintentional failure to seek out information that disproves a theory. This can be especially hazardous when analyzing cause and effect relationships that appear on the surface to be obviously explained. In 2012, petty shoplifting crime in the city of Dallas decreased by a whopping 75 percent. The result of a focused and expanded police presence, right? The hiring and academy graduation of more officers? No, a 2012 change in police policy made it extremely difficult for store owners to report petty theft. In fact, statistical anomalies are often the product of a change in reporting policy. A quick look at data on rape in Sweden tells a similar story. The data (see chart below) shows a sharp increase in rape reports starting in 2005. This increase and the resultant numbers have been misattributed to various factors but a quick look at the information provided by the Swedish government provides additional context, explaining that the definition of rape has changed over time. The increase is in fact due to a change in reporting requirements, including one which requires that every instance of rape – including marital rape, be counted separately. So, if a woman reports that she was raped once a night for a year – that counts as 365 times. But if the correlation was made that the rise in numbers correlates with the arrival of more refugees (it actually doesn’t) and the analyst failed to look for disconfirming information – they could be unintentionally passing on misinformation to decision or policymakers.
Failing to conduct thorough research and reach an accurate analysis in an effort to meet a tight deadline
We have all been there. Our decision-makers have a meeting scheduled for 9:00 AM tomorrow and must plot strategy for handling a major crisis. It is now 4:00 PM. And we really want to go home at five. The majority of private sector intelligence professionals are generalists, meaning that we alternate from topic to topic and region to region on a daily basis. Rarely do we have the luxury of hovering over one area long enough to develop a deep, sustained expertise in any one specific account. However, if we are going to do our craft justice and bring real value to our organizations, we must put the time and focus into our research required to ensure that we are providing our consumers with a fully-formed, comprehensive review of all key facts, and that our analysis takes all of this critical information into account. Reaching sound, valuable conclusions is, simply put, our craft.
Changing an analytic judgment to suit the demands of a policymaker or decision-maker
While there are moments in one’s career when it might appear wise to align with the preconceived views of our key decision-maker/s, especially when the key decision-maker in question holds the key to our professional advancement, history is replete with examples that prove just the opposite. When tempted to fall into this trap, we want to ask ourselves one question. Do we want to say what those around us want to hear, or do we want to provide wise counsel that positively impacts our organization, potentially improves decisions and outcomes, and leads to improving our security or enhancing our bottom line? A momentary decision to change analysis based on pressure from a policy-maker may seem attractive, but the bad legacy and damage to integrity that it leaves for the analyst – and potentially the entire company – is never worth it.
Refusing to consider opposing arguments, even when new evidence comes to light
None of us can completely escape our biases, human nature being what it is. But when we allow our biases to prohibit us from hearing other points of view, or even more dangerously, prevent us from taking into account new and valuable evidence, we are simply not doing our job. The temptation to defend our analysis without full consideration of the other side of the story – is usually more about our ego than the strength of our analysis. There is always another side to every story, and in most cases both sides carry a degree of truth as seen from a different perspective. Maintaining objectivity and looking at a problem from every angle is possibly the single most crucial skill required to deliver accurate and impactful analysis.
Conclusion: Intelligence without integrity is a recipe for disaster
Intelligence without ethical codes of conduct, regulatory roadmaps and oversight too often leads to abuse of power and poor decision making, based on bad information obtained by unethical means. In extreme cases, like the US invasion of Iraq in 2003, it can also lead to unnecessary loss of life. While these problems have historically been more prevalent in government, the growth of the intelligence in the private sector will, unfortunately, bring with it more problems with unethical conduct if these types of ground rules are not established and adhered to within our organizations.
Meredith Wilson is the CEO of Emergent Risk International (ERI) and Brady Roberts is the Director for Client Relations. ERI specializes in the building private sector intelligence functions, training, and providing high value intelligence for private sector organizations.