Down To Business: HP Investigation: Two-Ring Circus
With each new allegation of board impropriety, the stakes get greater for the technology company--and for the politicos who aim to extract its full PR value. Get ready for the greatest show on earth.
It's hard to decide which is the bigger spectacle: the sight of Hewlett-Packard principals reacting to escalating evidence of boardroom misconduct, or that of government power brokers lining up to declare their indignation.
At last count, the U.S. Attorney's office, the offices of at least two state attorneys general, the House Committee on Energy and Commerce and its Oversight and Investigations Subcommittee, as well as the FCC, SEC, and FBI all want a piece of HP and its cohorts. Expect much grandstanding in the coming weeks.
The company last week admitted to some underhanded tactics: that private investigators hired by its board of directors used false pretenses to obtain phone and fax records of people suspected of leaking or receiving leaks of internal information--so-called pretexting. HP also said the investigators followed a board member and journalist, and even planted a "tracer" on a journalist's computer to try to pinpoint the source of leaked information. Three board members have resigned in connection with the scandal, including chairwoman Patricia Dunn, who stepped down for good last week.
CEO and newly appointed chairman Mark Hurd, in a public address on Friday, called the investigation tactics "disturbing" and apologized to journalists and others pulled into the leak probe. Hurd, who joined HP as CEO in April 2005, just before the leak investigation got under way, maintained last week that he had only perfunctory knowledge of its ongoing tactics. For instance, he said he approved a phony E-mail that was sent to the journalist to try to pinpoint the board leak, but he also said he was unaware that a tracer would be attached to it. Hurd didn't take questions on Friday, saying he would leave those to the House oversight subcommittee, which opens hearings on the matter this week.
Congress is inserting itself into the affair ostensibly because there's no federal law that outright bans pretexting, though the law in HP's home state of California is pretty clear. Several people connected to the HP scandal have been subpoenaed to testify at those hearings (Hurd volunteered). Expect at least one "what did you know and when did you know it" sound bite from the interrogators.
Meantime, the FCC is probing AT&T's role in disclosing phone records to the HP private investigators. The U.S. Attorney's office for Northern California and the SEC are requesting information about the various processes the company used in ferreting out leakers. California's attorney general said last week that he had enough evidence to charge HP insiders with crimes but at press time had taken no formal action.
If you're a public company, especially one with a profile as high as HP's, you shouldn't need formal policy or law to tell you that certain conduct is flat out stupid. The HP affair is oddly reminiscent of Seinfeld character George Costanza's desktop fling with the office cleaning lady. "Was that wrong?" George replies after being told he's fired for the act. "Should I have not done that? I tell you. I gotta plead ignorance on this thing because if anyone had said anything to me at all when I first started here that that sort of thing was frowned upon ..."
Let's get on with the show. If HP board members and executives broke the law, then California's AG should prosecute them. If they flouted company policy, they should be fired. But spare us the inevitable Enron comparisons and corporate greed hyperbole.
Already last week, Michigan's Bart Stupak, the senior Democrat on the House oversight subcommittee, was wondering aloud whether pretexting is a widespread corporate practice. "If Hewlett-Packard is doing it, a big company like that, I think many companies in the United States have used pretexting for their purposes," Stupak told Reuters. A follow-the-herd Boardroom Accountability Act (BAA) or a sprawling Stupak-Whitfield Act (Stufield?) can't be too far away, all because one company's board went way over the top.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.