Airbus' Presentation on Boeing 787 - Bad CI Ethics?

Replies to This Discussion

Permalink Reply by J Lai on December 12, 2008 at 2:09am

Perhaps its due to the different background that I come from (CI as in counter-intel as opposed to competitive intel), but I think the initial reaction here should be "What did Boeing do or not do that resulted in these slides getting out" instead of "How did acquired it?".
(Also, the same could be asked of how the Airbus slides got out and made it to the Flightglobal blog...)

Now, if Airbus had acquired these information due to negligence on the part of Boeing (and/or Boeing employee) instead of illegal activities, would it still be viewed as unethical behavior on the part of Airbus?

▶ Reply to This

Permalink Reply by Scott Yaw on December 15, 2008 at 4:54pm

As business and job pressures increase, as aggressive competition squeezes companies, as budgets tighten, expect to see more unethical behavior that will come in many forms. I'm afraid this is a sign of the times.

▶ Reply to This

Permalink Reply by Eric Garland on December 15, 2008 at 10:03pm

Just a bit of contrarianism:

I think that the word "PROPRIETARY" is pretty clear to most English speakers, but heck, it's Europe and maybe there was confusion.

That said, it makes me think - in a world changing as fast as it is, why risk ethical problems by focusing so much on competitors? In a world where old markets are incinerated and new ones generated just as fast, why not focus more broadly on customers and nascent markets?

Yes, ethics are an issue in collection, but isn't intelligence more that collection. What about...being intelligent and working more on analysis?

▶ Reply to This

Permalink Reply by J Lai on December 15, 2008 at 10:19pm

Just a few more thoughts here...

First off, do we have a chronology on the entire event here? Did Airbus issue the statement professing their innocence before FlightBlogger acquire the presentation (and perhaps, played the role of a journalist and requested comments from Airbus and Boeing?), right after Airbus present the slides, or in response to someone (perhaps someone in the audience during the presentation) questioning the legitimacy of the material internally? Without an established time-line here, it would not be prudent to simply look at the issuance of their statement as being proactive.

Next, as to the tone of the statement. Yes, Airbus does appear to be purposely vague here, however that could simply be them trying to protect their source and methodology. Just to name an example... perhaps there's a blog/site somewhere, which may or may not be in English, where a careless Boeing employee would post willy-nilly information that he/she's not suppose to? If such a place exist online (or anywhere), Airbus probably won't want the cat to be out of the bag unless legally pressed to reveal it.

Now, as for how FlightBlogger got this.... I realized shortly after I made my first reply here that the point is probably moot. If pressed FlightBlogger will probably call their acquisition of it as part of the journalistic process and circle the wagons (Yes, there's probably a bad lesson to be learned here about a completely unethical way to do certain kind of business if you read between the lines)

That said, looks like both Airbus and Boeing have some serious internal security issues to work out, never mind that Boeing just had a major leak last year (wonder if the information used by Airbus here was part of those 320,000 pages that got out).


Lastly... just throwing a question out here that may make some people uncomfortable: Just because there's a proprietary stamp on something, does that denote a definite "Hands Off!" even if its left in a place where there is no reasonable expectation for privacy?

▶ Reply to This

Permalink Reply by August Jackson on December 16, 2008 at 10:06pm

I'm going to be lazy and re-post my comments on this topic that I posted to Jon Lowder's blog last week...

This is an interesting development, and it will indeed be very interesting to see how this plays out.

As an aside on search techniques, the approach that I suggest to better evaluate the presence of proprietary information posted to the web by a company is to use the "site:" operator to designate a company's domain name as the limitation for your search. Also to use the "filetype:" operator to designate in Google (Yahoo follows the same syntax) that you want the search engine to search for Powerpoint files. So in this instance I ran a Google search for "+Proprietary filetype:ppt site:boeing.com."

I found two results. One includes a mention of proprietary data. Another is a PowerPoint file describing Boeing's intention to protest the Air Force fuel tanker award that received so much attention this past Spring (AIrbus won and the award was cancelled over claims of improper evaluation methodology).

One unknown is a difference between what was on the Boeing site and what is on the Boeing site today. It's not inconceivable that Boeing employees could have realized proprietary data was exposed and took the information down.

Another unknown is what information Airbus employees might have found using the "robots.txt" file on the Boeing site that tells search engines such as Google not to index certain files or pages on the site. The current robots.txt file on the Boeing site does not appear to limit search engines indexing of any content on the site.

In no circumstances am I suggesting that Boeing did anything to clean up their site. Only that it is within the realm of possibility that they could have done any of these things to close gaps that might have existed before. It's also conceivable that Airbus employees applied search methods more advanced (and potentially more intrusive) than my own. Again, not saying they did-- just that it is within the realm of possibility.

Many companies post information market "Proprietary and Confidential" to their public web sites. Companies in every industry. Fortune 500 (100, 50) companies that should have information security professionals that should know better. As CI professionals an important question is whether or not we are obliged to respect the privacy markings of competitors' documents that are posted and available on their public web site.

Another dimension of the problem in the corporate world is the over-reliance of Proprietary information markings. One of the principal concepts of information protection is that to protect everything is to protect nothing. In this environment it is a crap-shoot, and trade secrets are put at risk through haphazard application of the security frameworks that are intended to protect that very and truly proprietary information.

▶ Reply to This

Permalink Reply by Eric Garland on December 17, 2008 at 8:16am

I want to revise my previous comments a bit - naturally, major competitors are always going to feature prominently in competitive analysis. Ahem. That said, open source intelligence is showing some of the most promise of any branch currently under development, and it features zero unpleasant calls from another company's general counsel. You might find the following article of interest:

How to Restore Spies' Credibility: Go Open Source!

In the mid '90s, Robert Steele, a former-CIA officer and early proponent of open source intelligence, testified before the Aspin-Brown Commission about the tremendous value of unclassified information. The Commission decided to put this open source intelligence, or "OSINT," to the test and directed that Steele and his network of commercial intelligence contacts would go head-to-head against the secret intelligence community in a battle-of-the-INTs. The subject would be the tiny and generally dismal nation of Burundi. The battle was engaged at 17:00 on a Thursday and the delivery deadline was 10:00 the next Monday. On Monday morning Steele showed up with:

* The names of the top 10 journalists covering Burundi (ripe for debriefing)
* The names of the top 10 academics covering Burundi (ripe for debriefing)
* 20 two-page executive-level political-military summaries on Burundi
* Burundi order-of-battle information down to the tribal level.
* 1:50 maps of the country
* 1:50 cloud-free imagery of the country that was less than 3 years old.

The CIA showed up with a PowerPoint chart of nominal value and a regional – not country-specific – economic study. You could pretty much conduct a non-combat operation in Burundi with Steele's info; you wouldn't send your worst enemy to Burundi based on what the CIA provided.

Did we mention that open source is easier and cheaper to obtain?

▶ Reply to This

Permalink Reply by August Jackson on December 17, 2008 at 9:05am

Thanks for this example, Eric.

OSINT is an important part of any intelligence collection process, and it still surprises me the degree to which OSINT advocates are considered the tin-foil hat contingent of the government intelligence community. The cynic in me thinks part of the resistance to OSINT in the intelligence world is the maintenance of an artificial scarcity. If I tell you that only a high-priced human collector deployed to exotic and sexy locations will work then I protect my salary and lifestyle. Throw in a requirement for only "cleared" personnel to conduct or see the output of this collection and I've guaranteed high-paying jobs for me and my buddies, because we're also the determinants of who is and who is not "clearable." Clearable: conformist white guys. Not clearable: foreigners, minorities, hippies, women (they're on the bubble) and anybody who is going to question or challenge established orthodoxy.

OSINT is a valuable input to other -INT practices (such as HUMINT). Why wouldn't you look to see if your human source has a MySpace page, LinkedIn profile, blog or resume on Monster for potential background information before you approach him or her? It's inexpensive, comparatively quick and less prone to misinformation because of the transparency of public information. If I try to distribute misinformation it doesn't take too long for a competitor, academic or technical expert to call me out on it in another public forum.

OSINT is also a valuable check on human collection. Technical intelligence is a valuable way to quickly determine an appropriate range of responses as well as identify any disagreements or schisms that might exist in a subject domain. Is there a consensus? If there are schisms what is the nature and basis for those differences of opinion? Is there any upper and lower limit to valid answers from human sources? If a human source tells me that the round-trip delay requires data to travel faster than the speed of light I know something is wrong.

And, Eric, I think your previous comment about looking more broadly than competitors (customers, markets, technology, etc.) is critical in today's fast changing world. I'm a strong advocate for looking more broadly at competitors than the companies that look just like you. A competitor is any entity that can fulfill the same fundamental value for your customer. That might be a small start-up (even if you're a Fortune 50 company), that might be a non-profit or open source entity-- it might even be the customer themselves. Current suppliers are one value-add innovation away from entering your business, too.

Analysis really is the basis for delivering value, too. Aric Johnson has talked and written about "asymmetrical analysis," and I think that's fertile ground for improving the competitive intelligence practice and delivering higher value to our customers.

▶ Reply to This

Permalink Reply by Eric Garland on December 17, 2008 at 11:03am

A related question: If you took away the special effects, cinematography, bevy of international minxes, and Daniel Craig, would anyone care about James Bond?

When you think about it, the nature of intelligence collection and analysis is SO different than it was in the 1960s, those films have almost no connection to reality. Yet it remains the dominant image of clandestine intelligence - which is by nature the public's view of our job.

Maybe if we cut it out with the Matt Damon/Pierce Brosnan/George Clooney stuff, we could spread the message that intelligence and analysis is actually rigorous, intellectual and a little "boring."

But we might actually produce some decent assessments of the world as it is.

▶ Reply to This

Permalink Reply by Mark Johnson on January 20, 2009 at 11:01pm

We don't have chase scenes, shootouts or (sadly) the stunning scantily clad blonde...

The problem is that we still technically "torture". The international human rights tribunal ruled that 100-slide powerpoint decks are the corporate equivalent of Waterboarding.

With tongue in cheek...
Mark Johnson

▶ Reply to This

Permalink Reply by August Jackson on January 21, 2009 at 6:58am

I believe America's Attorney General in waiting was clear on this in his Senate hearings.

Complete aside and shameless promotion of a book I really like: To avoid being an instrument of said torture, take a look at Andrew Abela's "Advanced Presentations by Design: Creating Communication that Driv...

▶ Reply to This

Permalink Reply by Arthur Weiss on December 25, 2008 at 5:49am

I find the comments on this amusing, as in my competitive intelligence training courses i've long used Boeing as an example of what i call a "stupid company" for the quantity of proprietary and confidential information that they routinely placed online. I still have slides I used to show how such information could be found on Boeing's web-site using standard advanced web search techniques.

Anybody who knew how to search would have found a wealth of information that really should have been kept confidential on Boeing's public web-pages. Over time, most of this has been removed but a number of years ago it included material that was labeled "confidential". Boeing is now more astute about the information and although i'm sure it's still there, it's now password protected so ethically it's off-limits.

The key thing here is the definition of the word "confidential". If it's put up on a public web-site by the company itself it loses its confidentiality. A web-site is part of the advertising / PR effort of a company and so such material is by definition, public domain. In contrast, had the information only surfaced as a result of a leak to a blog site then Boeing could have had an argument that the information was confidential. This would have then have had to be decided by the courts, and using such data would depend on more factors (e.g. how long the leaked information was available before it was removed or what attempts had been taken to protect it).

▶ Reply to This

Permalink Reply by Chris Hote on December 26, 2008 at 9:29am

Hi Arthur,

I wonder whether Boeing could have put those "confidential" pieces of information for the purpose of counter intelligence. In other words, it would not take a lot of work to disclose fake "confidential" information: releasing old and buggy versions of documents.

What do you think?

Chris.

▶ Reply to This

• First
• Previous
• Next
• Last