Andreas Whittam Smith: A chilling lesson we can learn from Hewlett Packard

In the past few days, Hewlett-Packard has lost its chairwoman, has seen three other senior executives leave in a hurry, has found itself under investigation by state and federal prosecutors in the United States as well as by the Securities and Exchange Commission, and has been reprimanded by a Congressional Committee. These are dramatic events for this giant of corporate America, a leading manufacturer of printers and ink cartridges and computers.

The story, involving as it does disregard for privacy and flagrant corporate spying, is not something about which we can say - oh, that could only happen in California and not here. I am writing about it precisely because it gives a vivid picture of what has become a global phenomenon - distrust and the easy availability of surveillance techniques. Spying is no longer confined to the pages of a John le Carré novel or to the work of MI5 and MI6; it is an activity which could snare any of us, however innocent we believe our lives to be.

The starting point is familiar. There was a dispute about strategy in the Hewlett-Packard boardroom. So far, so normal. And the second stage is pretty common too - partisan directors leaked their version of boardroom discussions to the press. And, soon afterwards, what should have been the confidential details of the search for a new chief executive were also reported in the media.

Normally this would come under the rubric of "stuff happens". The chair would give members of the board a stiff lecture. Hewlett-Packard, however, already had what the chairwoman, Patricia Dunn, called, in a strange phrase, a "captive subsidiary" that carried out private investigations on people. It conducted, for instance, background checks on the health of candidates for senior jobs. It was a seemingly small step, then, for Ms Dunn to ask this same firm to find the source of the boardroom leaks.

The sleuths got to work. They went through 10,000 articles about Hewlett-Packard to determine which ones contained secret information. One piece about a board meeting quoted an anonymous source as saying: "By the time the lectures were done at 10 pm, we were pooped and went to bed." Which board member, the investigators wondered, would use such an old fashioned word as "pooped" or even "lectures", a reference more common in an academic setting than in a business meeting. These verbal clues pointed to a particular director, who became the prime suspect.

However, the investigators needed more than coincidence - they required proof. So they sought to obtain the suspect's private phone records. First, someone called the telephone company posing as a customer service representative who was having difficulty in accessing the target's account. That didn't work. The investigators, however, kept trying until at last they achieved what they wanted: they first managed to block the victim's text message facility so that he couldn't be notified if his account information was being changed. Then they got into his account, changed his e-mail address and password. As a result, they could examine everything and find the "proof" they were seeking.

The director concerned was asked to leave, but he had guessed what had been going on. He complained loudly and got the attention of the law enforcement agencies. Hewlett-Packard has since endured a month of unfavourable daily coverage. The climax was less the resignation of the chairwoman, although that was serious enough, than her summons to explain herself to lawmakers in Washington last Thursday.

This was the most chilling episode in the whole story. For Ms Dunn refused to accept any blame whatever and confessed herself unable to see that what the company had done was wrong. She said that she had the responsibility to identify the source of the leak: "I did not propose the specific methods" and those who performed the investigation "let me and the company down". She never had reason to believe that illegal methods were used.

And, she said, she repeatedly sought assurances that what was being done was legal from those directly involved. Presumably she never saw the warning from a senior official of the company who wrote that techniques of using subterfuge to gain private phone records were "very unethical at the least and quite likely illegal."

Ms Dunn's attitudes are not so unusual as we might care to think. Her moral imperative was the company and its interests. She saw the rights of her fellow directors as quite subordinate to that greater good. Vis-à-vis the company, she couldn't conceive that the notion of privacy was something that must be respected. Blinded by duty, Ms Dunn failed to realise that asking people whether they are sure that what they are doing is legal is hardly ever likely to elicit the response that they are not sure.

Thus when members of the Congressional Committee asked Ms Dunn to agree that what she had done was unethical, she refused to express contrition. Exasperated, Representative Cliff Stearns, Republican of Florida, said: "I get the sense that you still don't believe that you did anything wrong". She replied: "I do not accept personal responsibility for what happened". In other words, Ms Dunn, like many others, believes that spying on each other is just part of the world in which we live. Surveillance is not an activity reserved solely for the state. Anybody can do it. Hewlett-Packard is a warning.