Should I disclose I know sensitive information about a company relation that I wasn't supposed to know?

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP





.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty margin-bottom:0;







up vote
10
down vote

favorite












The story goes like this:



  • I am currently interning at one technology company.


  • I am probably going to intern at a security consultancy company.


By reading information about the security consultancy, I've figured out that they seemed to have dealt with current (tech) company on a topic that could be described as (quite) sensitive. This was from reading materials that the security consultancy made public.



  • The company name have been shortened, but is enough to make me notice by chance and am 85% sure I'm correct. This slight degree of disclosure seems intentional. I'm not sure about the motive for this.

  • I'm fairly certain they have contact (it is inferred rather than implied).

  • Knowledge that I have acquired after signing an NDA with my current employer (technology company) lets me piece the details together. No NDA with security consultancy yet.

  • My work is not classified (albeit a little sensitive) and neither are the released documents. I'd probably guess this knowledge would rank between confidential and secret in government domain.

Question:



Do I have an (moral/ethical) obligation to reveal to my current employer that I (probably) know stuff that I shouldn't know between them and the company I might intern with?



(I like my current company and wouldn't like to them to figure this out later and take it badly from some reason. I think they are on good terms, but still.)







share|improve this question

















  • 25




    "I know stuff that I shouldn't know...". You said that you found out what you know by reading public documents. How can you say it is something you shouldn't know, then?
    – Brandin
    Jul 6 '16 at 13:39






  • 1




    @Brandin US government Employees are forbidden from reading classified documents even if they were leaked to news outlets, but I doubt this is the case here.
    – SBoss
    Jul 6 '16 at 13:40







  • 5




    Whoever wrote the article (someone from your company?) must realize that you can guess if you work there. It would be like if I told you "M. and S. are having an affair." Meaningless to someone on the outside, but obviously people working at the company could guess who M and S are.
    – Brandin
    Jul 6 '16 at 13:47






  • 3




    Could you not use latter, former, current, and potential. Pick just two terms. And be clear about which company release the report.
    – paparazzo
    Jul 6 '16 at 21:11






  • 1




    VTC - Have asked for clarification on which company is which. OP has been on and not updated.
    – paparazzo
    Jul 7 '16 at 12:42
















up vote
10
down vote

favorite












The story goes like this:



  • I am currently interning at one technology company.


  • I am probably going to intern at a security consultancy company.


By reading information about the security consultancy, I've figured out that they seemed to have dealt with current (tech) company on a topic that could be described as (quite) sensitive. This was from reading materials that the security consultancy made public.



  • The company name have been shortened, but is enough to make me notice by chance and am 85% sure I'm correct. This slight degree of disclosure seems intentional. I'm not sure about the motive for this.

  • I'm fairly certain they have contact (it is inferred rather than implied).

  • Knowledge that I have acquired after signing an NDA with my current employer (technology company) lets me piece the details together. No NDA with security consultancy yet.

  • My work is not classified (albeit a little sensitive) and neither are the released documents. I'd probably guess this knowledge would rank between confidential and secret in government domain.

Question:



Do I have an (moral/ethical) obligation to reveal to my current employer that I (probably) know stuff that I shouldn't know between them and the company I might intern with?



(I like my current company and wouldn't like to them to figure this out later and take it badly from some reason. I think they are on good terms, but still.)







share|improve this question

















  • 25




    "I know stuff that I shouldn't know...". You said that you found out what you know by reading public documents. How can you say it is something you shouldn't know, then?
    – Brandin
    Jul 6 '16 at 13:39






  • 1




    @Brandin US government Employees are forbidden from reading classified documents even if they were leaked to news outlets, but I doubt this is the case here.
    – SBoss
    Jul 6 '16 at 13:40







  • 5




    Whoever wrote the article (someone from your company?) must realize that you can guess if you work there. It would be like if I told you "M. and S. are having an affair." Meaningless to someone on the outside, but obviously people working at the company could guess who M and S are.
    – Brandin
    Jul 6 '16 at 13:47






  • 3




    Could you not use latter, former, current, and potential. Pick just two terms. And be clear about which company release the report.
    – paparazzo
    Jul 6 '16 at 21:11






  • 1




    VTC - Have asked for clarification on which company is which. OP has been on and not updated.
    – paparazzo
    Jul 7 '16 at 12:42












up vote
10
down vote

favorite









up vote
10
down vote

favorite











The story goes like this:



  • I am currently interning at one technology company.


  • I am probably going to intern at a security consultancy company.


By reading information about the security consultancy, I've figured out that they seemed to have dealt with current (tech) company on a topic that could be described as (quite) sensitive. This was from reading materials that the security consultancy made public.



  • The company name have been shortened, but is enough to make me notice by chance and am 85% sure I'm correct. This slight degree of disclosure seems intentional. I'm not sure about the motive for this.

  • I'm fairly certain they have contact (it is inferred rather than implied).

  • Knowledge that I have acquired after signing an NDA with my current employer (technology company) lets me piece the details together. No NDA with security consultancy yet.

  • My work is not classified (albeit a little sensitive) and neither are the released documents. I'd probably guess this knowledge would rank between confidential and secret in government domain.

Question:



Do I have an (moral/ethical) obligation to reveal to my current employer that I (probably) know stuff that I shouldn't know between them and the company I might intern with?



(I like my current company and wouldn't like to them to figure this out later and take it badly from some reason. I think they are on good terms, but still.)







share|improve this question













The story goes like this:



  • I am currently interning at one technology company.


  • I am probably going to intern at a security consultancy company.


By reading information about the security consultancy, I've figured out that they seemed to have dealt with current (tech) company on a topic that could be described as (quite) sensitive. This was from reading materials that the security consultancy made public.



  • The company name have been shortened, but is enough to make me notice by chance and am 85% sure I'm correct. This slight degree of disclosure seems intentional. I'm not sure about the motive for this.

  • I'm fairly certain they have contact (it is inferred rather than implied).

  • Knowledge that I have acquired after signing an NDA with my current employer (technology company) lets me piece the details together. No NDA with security consultancy yet.

  • My work is not classified (albeit a little sensitive) and neither are the released documents. I'd probably guess this knowledge would rank between confidential and secret in government domain.

Question:



Do I have an (moral/ethical) obligation to reveal to my current employer that I (probably) know stuff that I shouldn't know between them and the company I might intern with?



(I like my current company and wouldn't like to them to figure this out later and take it badly from some reason. I think they are on good terms, but still.)









share|improve this question












share|improve this question




share|improve this question








edited Jul 12 '16 at 17:18
























asked Jul 6 '16 at 13:33









Peter Smith

5415




5415







  • 25




    "I know stuff that I shouldn't know...". You said that you found out what you know by reading public documents. How can you say it is something you shouldn't know, then?
    – Brandin
    Jul 6 '16 at 13:39






  • 1




    @Brandin US government Employees are forbidden from reading classified documents even if they were leaked to news outlets, but I doubt this is the case here.
    – SBoss
    Jul 6 '16 at 13:40







  • 5




    Whoever wrote the article (someone from your company?) must realize that you can guess if you work there. It would be like if I told you "M. and S. are having an affair." Meaningless to someone on the outside, but obviously people working at the company could guess who M and S are.
    – Brandin
    Jul 6 '16 at 13:47






  • 3




    Could you not use latter, former, current, and potential. Pick just two terms. And be clear about which company release the report.
    – paparazzo
    Jul 6 '16 at 21:11






  • 1




    VTC - Have asked for clarification on which company is which. OP has been on and not updated.
    – paparazzo
    Jul 7 '16 at 12:42












  • 25




    "I know stuff that I shouldn't know...". You said that you found out what you know by reading public documents. How can you say it is something you shouldn't know, then?
    – Brandin
    Jul 6 '16 at 13:39






  • 1




    @Brandin US government Employees are forbidden from reading classified documents even if they were leaked to news outlets, but I doubt this is the case here.
    – SBoss
    Jul 6 '16 at 13:40







  • 5




    Whoever wrote the article (someone from your company?) must realize that you can guess if you work there. It would be like if I told you "M. and S. are having an affair." Meaningless to someone on the outside, but obviously people working at the company could guess who M and S are.
    – Brandin
    Jul 6 '16 at 13:47






  • 3




    Could you not use latter, former, current, and potential. Pick just two terms. And be clear about which company release the report.
    – paparazzo
    Jul 6 '16 at 21:11






  • 1




    VTC - Have asked for clarification on which company is which. OP has been on and not updated.
    – paparazzo
    Jul 7 '16 at 12:42







25




25




"I know stuff that I shouldn't know...". You said that you found out what you know by reading public documents. How can you say it is something you shouldn't know, then?
– Brandin
Jul 6 '16 at 13:39




"I know stuff that I shouldn't know...". You said that you found out what you know by reading public documents. How can you say it is something you shouldn't know, then?
– Brandin
Jul 6 '16 at 13:39




1




1




@Brandin US government Employees are forbidden from reading classified documents even if they were leaked to news outlets, but I doubt this is the case here.
– SBoss
Jul 6 '16 at 13:40





@Brandin US government Employees are forbidden from reading classified documents even if they were leaked to news outlets, but I doubt this is the case here.
– SBoss
Jul 6 '16 at 13:40





5




5




Whoever wrote the article (someone from your company?) must realize that you can guess if you work there. It would be like if I told you "M. and S. are having an affair." Meaningless to someone on the outside, but obviously people working at the company could guess who M and S are.
– Brandin
Jul 6 '16 at 13:47




Whoever wrote the article (someone from your company?) must realize that you can guess if you work there. It would be like if I told you "M. and S. are having an affair." Meaningless to someone on the outside, but obviously people working at the company could guess who M and S are.
– Brandin
Jul 6 '16 at 13:47




3




3




Could you not use latter, former, current, and potential. Pick just two terms. And be clear about which company release the report.
– paparazzo
Jul 6 '16 at 21:11




Could you not use latter, former, current, and potential. Pick just two terms. And be clear about which company release the report.
– paparazzo
Jul 6 '16 at 21:11




1




1




VTC - Have asked for clarification on which company is which. OP has been on and not updated.
– paparazzo
Jul 7 '16 at 12:42




VTC - Have asked for clarification on which company is which. OP has been on and not updated.
– paparazzo
Jul 7 '16 at 12:42










5 Answers
5






active

oldest

votes

















up vote
25
down vote













Here's the way it is:




If no one asks you whether you know anything about it all, don't volunteer the information.




Most likely if the information was that sensitive no reference would be made to it in public materials, so for all you know you're blowing it all out of proportion anyway.



But asuming that it is super secret, why would you walk up to your potential employer and basically say "I know what you did last summer."



Leave well enough alone, and congrats on the new job.






share|improve this answer

















  • 8




    @ChrisG - give me a break. It's not as if the OP wrote those documents, or has any personal responsibility, especially as an intern who's there for a few months.
    – AndreiROM
    Jul 6 '16 at 15:38






  • 3




    If you've ever worked around classified information, you actually do have that responsibility. I likely would have had your same reaction before exposure to the defense industry.
    – Chris G
    Jul 6 '16 at 15:42






  • 2




    That is an irresponsible view of security. I can tell you that is not the US federal government view of security. Leaked/published information (intentional or unintentional) is still sensitive. If you have knowledge it is sensitive then you have to treat it as such. Adding inference to published information based on sensitive information is a security beach.
    – paparazzo
    Jul 6 '16 at 16:09







  • 2




    The OP was asking about whether or not to tell his current employer not whether or not to tell his potential employer. Good answer, but wrong question.
    – Anketam
    Jul 6 '16 at 19:14






  • 4




    @ChrisG Why would an intern have classified clearance from either company? This seems obviously confidential information and not classified information with very high probability.
    – Nate Diamond
    Jul 6 '16 at 20:42

















up vote
8
down vote













Hold your horses - I may have read the question incorrectly and it will would change my answer.

It is not clear on later / former. Not clear on which company released the report.



Question:



Do I have an (moral/ethical) obligation to reveal to my current employer that I (probably) know stuff that I shouldn't know between them and the company I might intern with?



Going to assume you have the NDA with you current company.



You read some public information and attached that to some sensitive information. Disclosing ANYTHING about the sensitive information is disclosing sensitive information. Even if you don't disclose the information directly saying I know this company is really X based on access I had to sensitive information is a breach of security. A leak (intentional or not) does not make the information public. If you know the information (or anything about it) to be sensitive then you have an obligation to treat it as sensitive.



If the sensitive information is about your current company then you are not disclosing anything sensitive to you current company.



You read a public report. That is not something you shouldn't know. Give a copy of the report to your current company and tell them it may be disclosing more than they want.



Cannot go the security company and say I think you are talking about my current company as then you would be violating you NDA (in my opinion).



If you disclose to the security company you suspect a prior relationship based on knowledge of sensitive information then the security companay will think this guy is not very good at keeping sensitive information to himself.



I work in IT and have had security clearance. Many times I have had to pretend I don't know. You only discuss or acknowledge sensitive information with a 3rd party when your boss tells you to.






share|improve this answer























  • Does not change my answer but is the govt classified information and do you a govt clearance?
    – paparazzo
    Jul 6 '16 at 15:37










  • Down vote I hope you don't have access to sensitive information.
    – paparazzo
    Jul 6 '16 at 15:38










  • Not downvoter, but wouldn't OP have the obligation to the party who wrote the article, to make sure it was ok to disclose? For instance, if you have a clearance and come across something that is or should be classified, you are obliged to report it to the government so they can take appropriate action.
    – whrrgarbl
    Jul 6 '16 at 16:25






  • 1




    @whrrgarbl Comments are not for discussion but I don't get your logic. No it is not ok to disclose sensitive information (even if someone else has). The party that wrote the article attempted to anonymize. It may just be by chance. You cannot discuss or acknowledge sensitive data with B with disclosing sensitive information. If they had legit access to the sensitive information does not change that. Now company A where you actually have the security clearance is another story. Take the report to them and say there may be a leak is fair play.
    – paparazzo
    Jul 6 '16 at 16:39











  • My comment was intended for clarification; I didn't understand which entities "A" and "B" were your answer. Your answer only discusses not disclosing to "B", but does not address "A" (your reply has clarified that, thanks).
    – whrrgarbl
    Jul 6 '16 at 16:50

















up vote
2
down vote













Is there an actual problem that you discovered



The first step in determining of whether to disclose or not to disclose is if you found something that has an impact. Would the information you found have an impact on your current employer (tech company) if the media came to the same conclusion as you and decided to broadcast it to the world? If not then there is no point in reading any further you have no obligations in anyway. Let it go and look forward to your new job.



Types of obligations



Per the wording of your question you do not have a moral or ethical obligation to let your current employer know, even if it has the potential to hurt the company. If you signed any document like what people sign when they get a government clearance then you would be legally obligated to report this information (this likely does not apply to you, but you should know what you signed when you started working for them). If your job description included things like security, public relations, or interacting with the security company in question, then you would be obligated to act upon it since that would be part of your job (again I am assuming this does not apply to you).



I could only think of one reason to share it with your current employer despite not being obligated to which is: You don't want to risk your current company getting damaged. If your company gets damaged it can mean downsizing which could mean loss of employment or the work place becoming toxic.



Sharing can be dangerous



Lastly note that if you do share this with your current employer there is a slim chance that this can go far differently then you would expect. For example it could turn out that it was your company that produced the document and the security company has no responsibility or knowledge of this. As a result they (tech company) could try to react by suppressing all information on it, discrediting those who know of it, and/or retaliating against the person who exposed it (which in this case would be you).






share|improve this answer






























    up vote
    1
    down vote













    Assuming you're dealing with government classified information. Check with your company's security department.



    One of the classification considerations is whether unclassified information can be combined to discover classified information.



    The company likely has a strong security policy (you likely should have been briefed on it during an orientation). Check any resource or self-help documents related to security and ethics.



    I know that I am encouraged to report any potential violation. As someone uncleared, if I learn something classified, it is my responsibility to report it ASAP. If I don't, I am responsible for a security breach.



    There is no down side here. You demonstrate that you care about company security, and potentially save the company a HUGE problem. Go talk to security right now.






    share|improve this answer

















    • 2




      At no point in the question does it even mention government, let alone classified information. So despite having good information in your answer it does not address the moral/ethical obligation part of the question.
      – Anketam
      Jul 6 '16 at 19:36

















    up vote
    0
    down vote













    First off, you got the information through legitimate means, so no moral quandary there.



    Second, I'd hire you on the spot for being that clever and maintaining such high legal and ethical standards.



    Third, you've got one heck of an answer to the old "Why should we hire you" question.



    That said, you should not reveal the information unless you are doing so to advance your career.



    You may want to approach the management and show them how their obfuscation failed, but only if you have a way to demonstrate how you would have done better.



    You have a real opportunity here that you can put on your resume that will make you shine like a star:



    -Discovered security vulnerability in public documentation linking collaboration between two companies. Reported to superiors, protecting company from X dollars in potential losses.



    EDITED to say:



    You're clever, but keep this close to the vest.



    Here's the question you need to ask yourself before proceeding: "If I were not employed by this company, could I have discovered this on my own" If it's "yes", then you may want to approach the company. If no, then keep it to yourself, you've breeched security, though unintentionally, and it could be an embarrassment to the company.






    share|improve this answer























    • Or the OP might just come across as a smart ass know it all. Remember, he's just an intern, so he's pretty low on the totem pole.
      – AndreiROM
      Jul 6 '16 at 13:49










    • Pascal's wager. The risk of being wrong is far lower than the reward for being right in this instance. Having read the evil overlord's list, I'd want the kid, let the other company keep the genius.
      – Richard U
      Jul 6 '16 at 13:52










    • Thank you for thinking highly of me, but feel I needed to clarify the question: Consultancy helped tech company, it was not independent lines of thought.
      – Peter Smith
      Jul 6 '16 at 14:18










    • Not going to vote you down but no way I reward a person that disclosed sensitive information. The connection was made based on sensitive information. That would be a leak of sensitive and really frowned upon.
      – paparazzo
      Jul 6 '16 at 14:35










    • @Paparazzi ah, yeah, I see that now. going to revise...
      – Richard U
      Jul 6 '16 at 14:46










    Your Answer







    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "423"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    convertImagesToLinks: false,
    noModals: false,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    noCode: true, onDemand: false,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );








     

    draft saved


    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fworkplace.stackexchange.com%2fquestions%2f70939%2fshould-i-disclose-i-know-sensitive-information-about-a-company-relation-that-i-w%23new-answer', 'question_page');

    );

    Post as a guest

























    StackExchange.ready(function ()
    $("#show-editor-button input, #show-editor-button button").click(function ()
    var showEditor = function()
    $("#show-editor-button").hide();
    $("#post-form").removeClass("dno");
    StackExchange.editor.finallyInit();
    ;

    var useFancy = $(this).data('confirm-use-fancy');
    if(useFancy == 'True')
    var popupTitle = $(this).data('confirm-fancy-title');
    var popupBody = $(this).data('confirm-fancy-body');
    var popupAccept = $(this).data('confirm-fancy-accept-button');

    $(this).loadPopup(
    url: '/post/self-answer-popup',
    loaded: function(popup)
    var pTitle = $(popup).find('h2');
    var pBody = $(popup).find('.popup-body');
    var pSubmit = $(popup).find('.popup-submit');

    pTitle.text(popupTitle);
    pBody.html(popupBody);
    pSubmit.val(popupAccept).click(showEditor);

    )
    else
    var confirmText = $(this).data('confirm-text');
    if (confirmText ? confirm(confirmText) : true)
    showEditor();


    );
    );






    5 Answers
    5






    active

    oldest

    votes








    5 Answers
    5






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes








    up vote
    25
    down vote













    Here's the way it is:




    If no one asks you whether you know anything about it all, don't volunteer the information.




    Most likely if the information was that sensitive no reference would be made to it in public materials, so for all you know you're blowing it all out of proportion anyway.



    But asuming that it is super secret, why would you walk up to your potential employer and basically say "I know what you did last summer."



    Leave well enough alone, and congrats on the new job.






    share|improve this answer

















    • 8




      @ChrisG - give me a break. It's not as if the OP wrote those documents, or has any personal responsibility, especially as an intern who's there for a few months.
      – AndreiROM
      Jul 6 '16 at 15:38






    • 3




      If you've ever worked around classified information, you actually do have that responsibility. I likely would have had your same reaction before exposure to the defense industry.
      – Chris G
      Jul 6 '16 at 15:42






    • 2




      That is an irresponsible view of security. I can tell you that is not the US federal government view of security. Leaked/published information (intentional or unintentional) is still sensitive. If you have knowledge it is sensitive then you have to treat it as such. Adding inference to published information based on sensitive information is a security beach.
      – paparazzo
      Jul 6 '16 at 16:09







    • 2




      The OP was asking about whether or not to tell his current employer not whether or not to tell his potential employer. Good answer, but wrong question.
      – Anketam
      Jul 6 '16 at 19:14






    • 4




      @ChrisG Why would an intern have classified clearance from either company? This seems obviously confidential information and not classified information with very high probability.
      – Nate Diamond
      Jul 6 '16 at 20:42














    up vote
    25
    down vote













    Here's the way it is:




    If no one asks you whether you know anything about it all, don't volunteer the information.




    Most likely if the information was that sensitive no reference would be made to it in public materials, so for all you know you're blowing it all out of proportion anyway.



    But asuming that it is super secret, why would you walk up to your potential employer and basically say "I know what you did last summer."



    Leave well enough alone, and congrats on the new job.






    share|improve this answer

















    • 8




      @ChrisG - give me a break. It's not as if the OP wrote those documents, or has any personal responsibility, especially as an intern who's there for a few months.
      – AndreiROM
      Jul 6 '16 at 15:38






    • 3




      If you've ever worked around classified information, you actually do have that responsibility. I likely would have had your same reaction before exposure to the defense industry.
      – Chris G
      Jul 6 '16 at 15:42






    • 2




      That is an irresponsible view of security. I can tell you that is not the US federal government view of security. Leaked/published information (intentional or unintentional) is still sensitive. If you have knowledge it is sensitive then you have to treat it as such. Adding inference to published information based on sensitive information is a security beach.
      – paparazzo
      Jul 6 '16 at 16:09







    • 2




      The OP was asking about whether or not to tell his current employer not whether or not to tell his potential employer. Good answer, but wrong question.
      – Anketam
      Jul 6 '16 at 19:14






    • 4




      @ChrisG Why would an intern have classified clearance from either company? This seems obviously confidential information and not classified information with very high probability.
      – Nate Diamond
      Jul 6 '16 at 20:42












    up vote
    25
    down vote










    up vote
    25
    down vote









    Here's the way it is:




    If no one asks you whether you know anything about it all, don't volunteer the information.




    Most likely if the information was that sensitive no reference would be made to it in public materials, so for all you know you're blowing it all out of proportion anyway.



    But asuming that it is super secret, why would you walk up to your potential employer and basically say "I know what you did last summer."



    Leave well enough alone, and congrats on the new job.






    share|improve this answer













    Here's the way it is:




    If no one asks you whether you know anything about it all, don't volunteer the information.




    Most likely if the information was that sensitive no reference would be made to it in public materials, so for all you know you're blowing it all out of proportion anyway.



    But asuming that it is super secret, why would you walk up to your potential employer and basically say "I know what you did last summer."



    Leave well enough alone, and congrats on the new job.







    share|improve this answer













    share|improve this answer



    share|improve this answer











    answered Jul 6 '16 at 13:41









    AndreiROM

    44k21101173




    44k21101173







    • 8




      @ChrisG - give me a break. It's not as if the OP wrote those documents, or has any personal responsibility, especially as an intern who's there for a few months.
      – AndreiROM
      Jul 6 '16 at 15:38






    • 3




      If you've ever worked around classified information, you actually do have that responsibility. I likely would have had your same reaction before exposure to the defense industry.
      – Chris G
      Jul 6 '16 at 15:42






    • 2




      That is an irresponsible view of security. I can tell you that is not the US federal government view of security. Leaked/published information (intentional or unintentional) is still sensitive. If you have knowledge it is sensitive then you have to treat it as such. Adding inference to published information based on sensitive information is a security beach.
      – paparazzo
      Jul 6 '16 at 16:09







    • 2




      The OP was asking about whether or not to tell his current employer not whether or not to tell his potential employer. Good answer, but wrong question.
      – Anketam
      Jul 6 '16 at 19:14






    • 4




      @ChrisG Why would an intern have classified clearance from either company? This seems obviously confidential information and not classified information with very high probability.
      – Nate Diamond
      Jul 6 '16 at 20:42












    • 8




      @ChrisG - give me a break. It's not as if the OP wrote those documents, or has any personal responsibility, especially as an intern who's there for a few months.
      – AndreiROM
      Jul 6 '16 at 15:38






    • 3




      If you've ever worked around classified information, you actually do have that responsibility. I likely would have had your same reaction before exposure to the defense industry.
      – Chris G
      Jul 6 '16 at 15:42






    • 2




      That is an irresponsible view of security. I can tell you that is not the US federal government view of security. Leaked/published information (intentional or unintentional) is still sensitive. If you have knowledge it is sensitive then you have to treat it as such. Adding inference to published information based on sensitive information is a security beach.
      – paparazzo
      Jul 6 '16 at 16:09







    • 2




      The OP was asking about whether or not to tell his current employer not whether or not to tell his potential employer. Good answer, but wrong question.
      – Anketam
      Jul 6 '16 at 19:14






    • 4




      @ChrisG Why would an intern have classified clearance from either company? This seems obviously confidential information and not classified information with very high probability.
      – Nate Diamond
      Jul 6 '16 at 20:42







    8




    8




    @ChrisG - give me a break. It's not as if the OP wrote those documents, or has any personal responsibility, especially as an intern who's there for a few months.
    – AndreiROM
    Jul 6 '16 at 15:38




    @ChrisG - give me a break. It's not as if the OP wrote those documents, or has any personal responsibility, especially as an intern who's there for a few months.
    – AndreiROM
    Jul 6 '16 at 15:38




    3




    3




    If you've ever worked around classified information, you actually do have that responsibility. I likely would have had your same reaction before exposure to the defense industry.
    – Chris G
    Jul 6 '16 at 15:42




    If you've ever worked around classified information, you actually do have that responsibility. I likely would have had your same reaction before exposure to the defense industry.
    – Chris G
    Jul 6 '16 at 15:42




    2




    2




    That is an irresponsible view of security. I can tell you that is not the US federal government view of security. Leaked/published information (intentional or unintentional) is still sensitive. If you have knowledge it is sensitive then you have to treat it as such. Adding inference to published information based on sensitive information is a security beach.
    – paparazzo
    Jul 6 '16 at 16:09





    That is an irresponsible view of security. I can tell you that is not the US federal government view of security. Leaked/published information (intentional or unintentional) is still sensitive. If you have knowledge it is sensitive then you have to treat it as such. Adding inference to published information based on sensitive information is a security beach.
    – paparazzo
    Jul 6 '16 at 16:09





    2




    2




    The OP was asking about whether or not to tell his current employer not whether or not to tell his potential employer. Good answer, but wrong question.
    – Anketam
    Jul 6 '16 at 19:14




    The OP was asking about whether or not to tell his current employer not whether or not to tell his potential employer. Good answer, but wrong question.
    – Anketam
    Jul 6 '16 at 19:14




    4




    4




    @ChrisG Why would an intern have classified clearance from either company? This seems obviously confidential information and not classified information with very high probability.
    – Nate Diamond
    Jul 6 '16 at 20:42




    @ChrisG Why would an intern have classified clearance from either company? This seems obviously confidential information and not classified information with very high probability.
    – Nate Diamond
    Jul 6 '16 at 20:42












    up vote
    8
    down vote













    Hold your horses - I may have read the question incorrectly and it will would change my answer.

    It is not clear on later / former. Not clear on which company released the report.



    Question:



    Do I have an (moral/ethical) obligation to reveal to my current employer that I (probably) know stuff that I shouldn't know between them and the company I might intern with?



    Going to assume you have the NDA with you current company.



    You read some public information and attached that to some sensitive information. Disclosing ANYTHING about the sensitive information is disclosing sensitive information. Even if you don't disclose the information directly saying I know this company is really X based on access I had to sensitive information is a breach of security. A leak (intentional or not) does not make the information public. If you know the information (or anything about it) to be sensitive then you have an obligation to treat it as sensitive.



    If the sensitive information is about your current company then you are not disclosing anything sensitive to you current company.



    You read a public report. That is not something you shouldn't know. Give a copy of the report to your current company and tell them it may be disclosing more than they want.



    Cannot go the security company and say I think you are talking about my current company as then you would be violating you NDA (in my opinion).



    If you disclose to the security company you suspect a prior relationship based on knowledge of sensitive information then the security companay will think this guy is not very good at keeping sensitive information to himself.



    I work in IT and have had security clearance. Many times I have had to pretend I don't know. You only discuss or acknowledge sensitive information with a 3rd party when your boss tells you to.






    share|improve this answer























    • Does not change my answer but is the govt classified information and do you a govt clearance?
      – paparazzo
      Jul 6 '16 at 15:37










    • Down vote I hope you don't have access to sensitive information.
      – paparazzo
      Jul 6 '16 at 15:38










    • Not downvoter, but wouldn't OP have the obligation to the party who wrote the article, to make sure it was ok to disclose? For instance, if you have a clearance and come across something that is or should be classified, you are obliged to report it to the government so they can take appropriate action.
      – whrrgarbl
      Jul 6 '16 at 16:25






    • 1




      @whrrgarbl Comments are not for discussion but I don't get your logic. No it is not ok to disclose sensitive information (even if someone else has). The party that wrote the article attempted to anonymize. It may just be by chance. You cannot discuss or acknowledge sensitive data with B with disclosing sensitive information. If they had legit access to the sensitive information does not change that. Now company A where you actually have the security clearance is another story. Take the report to them and say there may be a leak is fair play.
      – paparazzo
      Jul 6 '16 at 16:39











    • My comment was intended for clarification; I didn't understand which entities "A" and "B" were your answer. Your answer only discusses not disclosing to "B", but does not address "A" (your reply has clarified that, thanks).
      – whrrgarbl
      Jul 6 '16 at 16:50














    up vote
    8
    down vote













    Hold your horses - I may have read the question incorrectly and it will would change my answer.

    It is not clear on later / former. Not clear on which company released the report.



    Question:



    Do I have an (moral/ethical) obligation to reveal to my current employer that I (probably) know stuff that I shouldn't know between them and the company I might intern with?



    Going to assume you have the NDA with you current company.



    You read some public information and attached that to some sensitive information. Disclosing ANYTHING about the sensitive information is disclosing sensitive information. Even if you don't disclose the information directly saying I know this company is really X based on access I had to sensitive information is a breach of security. A leak (intentional or not) does not make the information public. If you know the information (or anything about it) to be sensitive then you have an obligation to treat it as sensitive.



    If the sensitive information is about your current company then you are not disclosing anything sensitive to you current company.



    You read a public report. That is not something you shouldn't know. Give a copy of the report to your current company and tell them it may be disclosing more than they want.



    Cannot go the security company and say I think you are talking about my current company as then you would be violating you NDA (in my opinion).



    If you disclose to the security company you suspect a prior relationship based on knowledge of sensitive information then the security companay will think this guy is not very good at keeping sensitive information to himself.



    I work in IT and have had security clearance. Many times I have had to pretend I don't know. You only discuss or acknowledge sensitive information with a 3rd party when your boss tells you to.






    share|improve this answer























    • Does not change my answer but is the govt classified information and do you a govt clearance?
      – paparazzo
      Jul 6 '16 at 15:37










    • Down vote I hope you don't have access to sensitive information.
      – paparazzo
      Jul 6 '16 at 15:38










    • Not downvoter, but wouldn't OP have the obligation to the party who wrote the article, to make sure it was ok to disclose? For instance, if you have a clearance and come across something that is or should be classified, you are obliged to report it to the government so they can take appropriate action.
      – whrrgarbl
      Jul 6 '16 at 16:25






    • 1




      @whrrgarbl Comments are not for discussion but I don't get your logic. No it is not ok to disclose sensitive information (even if someone else has). The party that wrote the article attempted to anonymize. It may just be by chance. You cannot discuss or acknowledge sensitive data with B with disclosing sensitive information. If they had legit access to the sensitive information does not change that. Now company A where you actually have the security clearance is another story. Take the report to them and say there may be a leak is fair play.
      – paparazzo
      Jul 6 '16 at 16:39











    • My comment was intended for clarification; I didn't understand which entities "A" and "B" were your answer. Your answer only discusses not disclosing to "B", but does not address "A" (your reply has clarified that, thanks).
      – whrrgarbl
      Jul 6 '16 at 16:50












    up vote
    8
    down vote










    up vote
    8
    down vote









    Hold your horses - I may have read the question incorrectly and it will would change my answer.

    It is not clear on later / former. Not clear on which company released the report.



    Question:



    Do I have an (moral/ethical) obligation to reveal to my current employer that I (probably) know stuff that I shouldn't know between them and the company I might intern with?



    Going to assume you have the NDA with you current company.



    You read some public information and attached that to some sensitive information. Disclosing ANYTHING about the sensitive information is disclosing sensitive information. Even if you don't disclose the information directly saying I know this company is really X based on access I had to sensitive information is a breach of security. A leak (intentional or not) does not make the information public. If you know the information (or anything about it) to be sensitive then you have an obligation to treat it as sensitive.



    If the sensitive information is about your current company then you are not disclosing anything sensitive to you current company.



    You read a public report. That is not something you shouldn't know. Give a copy of the report to your current company and tell them it may be disclosing more than they want.



    Cannot go the security company and say I think you are talking about my current company as then you would be violating you NDA (in my opinion).



    If you disclose to the security company you suspect a prior relationship based on knowledge of sensitive information then the security companay will think this guy is not very good at keeping sensitive information to himself.



    I work in IT and have had security clearance. Many times I have had to pretend I don't know. You only discuss or acknowledge sensitive information with a 3rd party when your boss tells you to.






    share|improve this answer















    Hold your horses - I may have read the question incorrectly and it will would change my answer.

    It is not clear on later / former. Not clear on which company released the report.



    Question:



    Do I have an (moral/ethical) obligation to reveal to my current employer that I (probably) know stuff that I shouldn't know between them and the company I might intern with?



    Going to assume you have the NDA with you current company.



    You read some public information and attached that to some sensitive information. Disclosing ANYTHING about the sensitive information is disclosing sensitive information. Even if you don't disclose the information directly saying I know this company is really X based on access I had to sensitive information is a breach of security. A leak (intentional or not) does not make the information public. If you know the information (or anything about it) to be sensitive then you have an obligation to treat it as sensitive.



    If the sensitive information is about your current company then you are not disclosing anything sensitive to you current company.



    You read a public report. That is not something you shouldn't know. Give a copy of the report to your current company and tell them it may be disclosing more than they want.



    Cannot go the security company and say I think you are talking about my current company as then you would be violating you NDA (in my opinion).



    If you disclose to the security company you suspect a prior relationship based on knowledge of sensitive information then the security companay will think this guy is not very good at keeping sensitive information to himself.



    I work in IT and have had security clearance. Many times I have had to pretend I don't know. You only discuss or acknowledge sensitive information with a 3rd party when your boss tells you to.







    share|improve this answer















    share|improve this answer



    share|improve this answer








    edited Jul 11 '16 at 18:22


























    answered Jul 6 '16 at 14:17









    paparazzo

    33.3k657106




    33.3k657106











    • Does not change my answer but is the govt classified information and do you a govt clearance?
      – paparazzo
      Jul 6 '16 at 15:37










    • Down vote I hope you don't have access to sensitive information.
      – paparazzo
      Jul 6 '16 at 15:38










    • Not downvoter, but wouldn't OP have the obligation to the party who wrote the article, to make sure it was ok to disclose? For instance, if you have a clearance and come across something that is or should be classified, you are obliged to report it to the government so they can take appropriate action.
      – whrrgarbl
      Jul 6 '16 at 16:25






    • 1




      @whrrgarbl Comments are not for discussion but I don't get your logic. No it is not ok to disclose sensitive information (even if someone else has). The party that wrote the article attempted to anonymize. It may just be by chance. You cannot discuss or acknowledge sensitive data with B with disclosing sensitive information. If they had legit access to the sensitive information does not change that. Now company A where you actually have the security clearance is another story. Take the report to them and say there may be a leak is fair play.
      – paparazzo
      Jul 6 '16 at 16:39











    • My comment was intended for clarification; I didn't understand which entities "A" and "B" were your answer. Your answer only discusses not disclosing to "B", but does not address "A" (your reply has clarified that, thanks).
      – whrrgarbl
      Jul 6 '16 at 16:50
















    • Does not change my answer but is the govt classified information and do you a govt clearance?
      – paparazzo
      Jul 6 '16 at 15:37










    • Down vote I hope you don't have access to sensitive information.
      – paparazzo
      Jul 6 '16 at 15:38










    • Not downvoter, but wouldn't OP have the obligation to the party who wrote the article, to make sure it was ok to disclose? For instance, if you have a clearance and come across something that is or should be classified, you are obliged to report it to the government so they can take appropriate action.
      – whrrgarbl
      Jul 6 '16 at 16:25






    • 1




      @whrrgarbl Comments are not for discussion but I don't get your logic. No it is not ok to disclose sensitive information (even if someone else has). The party that wrote the article attempted to anonymize. It may just be by chance. You cannot discuss or acknowledge sensitive data with B with disclosing sensitive information. If they had legit access to the sensitive information does not change that. Now company A where you actually have the security clearance is another story. Take the report to them and say there may be a leak is fair play.
      – paparazzo
      Jul 6 '16 at 16:39











    • My comment was intended for clarification; I didn't understand which entities "A" and "B" were your answer. Your answer only discusses not disclosing to "B", but does not address "A" (your reply has clarified that, thanks).
      – whrrgarbl
      Jul 6 '16 at 16:50















    Does not change my answer but is the govt classified information and do you a govt clearance?
    – paparazzo
    Jul 6 '16 at 15:37




    Does not change my answer but is the govt classified information and do you a govt clearance?
    – paparazzo
    Jul 6 '16 at 15:37












    Down vote I hope you don't have access to sensitive information.
    – paparazzo
    Jul 6 '16 at 15:38




    Down vote I hope you don't have access to sensitive information.
    – paparazzo
    Jul 6 '16 at 15:38












    Not downvoter, but wouldn't OP have the obligation to the party who wrote the article, to make sure it was ok to disclose? For instance, if you have a clearance and come across something that is or should be classified, you are obliged to report it to the government so they can take appropriate action.
    – whrrgarbl
    Jul 6 '16 at 16:25




    Not downvoter, but wouldn't OP have the obligation to the party who wrote the article, to make sure it was ok to disclose? For instance, if you have a clearance and come across something that is or should be classified, you are obliged to report it to the government so they can take appropriate action.
    – whrrgarbl
    Jul 6 '16 at 16:25




    1




    1




    @whrrgarbl Comments are not for discussion but I don't get your logic. No it is not ok to disclose sensitive information (even if someone else has). The party that wrote the article attempted to anonymize. It may just be by chance. You cannot discuss or acknowledge sensitive data with B with disclosing sensitive information. If they had legit access to the sensitive information does not change that. Now company A where you actually have the security clearance is another story. Take the report to them and say there may be a leak is fair play.
    – paparazzo
    Jul 6 '16 at 16:39





    @whrrgarbl Comments are not for discussion but I don't get your logic. No it is not ok to disclose sensitive information (even if someone else has). The party that wrote the article attempted to anonymize. It may just be by chance. You cannot discuss or acknowledge sensitive data with B with disclosing sensitive information. If they had legit access to the sensitive information does not change that. Now company A where you actually have the security clearance is another story. Take the report to them and say there may be a leak is fair play.
    – paparazzo
    Jul 6 '16 at 16:39













    My comment was intended for clarification; I didn't understand which entities "A" and "B" were your answer. Your answer only discusses not disclosing to "B", but does not address "A" (your reply has clarified that, thanks).
    – whrrgarbl
    Jul 6 '16 at 16:50




    My comment was intended for clarification; I didn't understand which entities "A" and "B" were your answer. Your answer only discusses not disclosing to "B", but does not address "A" (your reply has clarified that, thanks).
    – whrrgarbl
    Jul 6 '16 at 16:50










    up vote
    2
    down vote













    Is there an actual problem that you discovered



    The first step in determining of whether to disclose or not to disclose is if you found something that has an impact. Would the information you found have an impact on your current employer (tech company) if the media came to the same conclusion as you and decided to broadcast it to the world? If not then there is no point in reading any further you have no obligations in anyway. Let it go and look forward to your new job.



    Types of obligations



    Per the wording of your question you do not have a moral or ethical obligation to let your current employer know, even if it has the potential to hurt the company. If you signed any document like what people sign when they get a government clearance then you would be legally obligated to report this information (this likely does not apply to you, but you should know what you signed when you started working for them). If your job description included things like security, public relations, or interacting with the security company in question, then you would be obligated to act upon it since that would be part of your job (again I am assuming this does not apply to you).



    I could only think of one reason to share it with your current employer despite not being obligated to which is: You don't want to risk your current company getting damaged. If your company gets damaged it can mean downsizing which could mean loss of employment or the work place becoming toxic.



    Sharing can be dangerous



    Lastly note that if you do share this with your current employer there is a slim chance that this can go far differently then you would expect. For example it could turn out that it was your company that produced the document and the security company has no responsibility or knowledge of this. As a result they (tech company) could try to react by suppressing all information on it, discrediting those who know of it, and/or retaliating against the person who exposed it (which in this case would be you).






    share|improve this answer



























      up vote
      2
      down vote













      Is there an actual problem that you discovered



      The first step in determining of whether to disclose or not to disclose is if you found something that has an impact. Would the information you found have an impact on your current employer (tech company) if the media came to the same conclusion as you and decided to broadcast it to the world? If not then there is no point in reading any further you have no obligations in anyway. Let it go and look forward to your new job.



      Types of obligations



      Per the wording of your question you do not have a moral or ethical obligation to let your current employer know, even if it has the potential to hurt the company. If you signed any document like what people sign when they get a government clearance then you would be legally obligated to report this information (this likely does not apply to you, but you should know what you signed when you started working for them). If your job description included things like security, public relations, or interacting with the security company in question, then you would be obligated to act upon it since that would be part of your job (again I am assuming this does not apply to you).



      I could only think of one reason to share it with your current employer despite not being obligated to which is: You don't want to risk your current company getting damaged. If your company gets damaged it can mean downsizing which could mean loss of employment or the work place becoming toxic.



      Sharing can be dangerous



      Lastly note that if you do share this with your current employer there is a slim chance that this can go far differently then you would expect. For example it could turn out that it was your company that produced the document and the security company has no responsibility or knowledge of this. As a result they (tech company) could try to react by suppressing all information on it, discrediting those who know of it, and/or retaliating against the person who exposed it (which in this case would be you).






      share|improve this answer

























        up vote
        2
        down vote










        up vote
        2
        down vote









        Is there an actual problem that you discovered



        The first step in determining of whether to disclose or not to disclose is if you found something that has an impact. Would the information you found have an impact on your current employer (tech company) if the media came to the same conclusion as you and decided to broadcast it to the world? If not then there is no point in reading any further you have no obligations in anyway. Let it go and look forward to your new job.



        Types of obligations



        Per the wording of your question you do not have a moral or ethical obligation to let your current employer know, even if it has the potential to hurt the company. If you signed any document like what people sign when they get a government clearance then you would be legally obligated to report this information (this likely does not apply to you, but you should know what you signed when you started working for them). If your job description included things like security, public relations, or interacting with the security company in question, then you would be obligated to act upon it since that would be part of your job (again I am assuming this does not apply to you).



        I could only think of one reason to share it with your current employer despite not being obligated to which is: You don't want to risk your current company getting damaged. If your company gets damaged it can mean downsizing which could mean loss of employment or the work place becoming toxic.



        Sharing can be dangerous



        Lastly note that if you do share this with your current employer there is a slim chance that this can go far differently then you would expect. For example it could turn out that it was your company that produced the document and the security company has no responsibility or knowledge of this. As a result they (tech company) could try to react by suppressing all information on it, discrediting those who know of it, and/or retaliating against the person who exposed it (which in this case would be you).






        share|improve this answer















        Is there an actual problem that you discovered



        The first step in determining of whether to disclose or not to disclose is if you found something that has an impact. Would the information you found have an impact on your current employer (tech company) if the media came to the same conclusion as you and decided to broadcast it to the world? If not then there is no point in reading any further you have no obligations in anyway. Let it go and look forward to your new job.



        Types of obligations



        Per the wording of your question you do not have a moral or ethical obligation to let your current employer know, even if it has the potential to hurt the company. If you signed any document like what people sign when they get a government clearance then you would be legally obligated to report this information (this likely does not apply to you, but you should know what you signed when you started working for them). If your job description included things like security, public relations, or interacting with the security company in question, then you would be obligated to act upon it since that would be part of your job (again I am assuming this does not apply to you).



        I could only think of one reason to share it with your current employer despite not being obligated to which is: You don't want to risk your current company getting damaged. If your company gets damaged it can mean downsizing which could mean loss of employment or the work place becoming toxic.



        Sharing can be dangerous



        Lastly note that if you do share this with your current employer there is a slim chance that this can go far differently then you would expect. For example it could turn out that it was your company that produced the document and the security company has no responsibility or knowledge of this. As a result they (tech company) could try to react by suppressing all information on it, discrediting those who know of it, and/or retaliating against the person who exposed it (which in this case would be you).







        share|improve this answer















        share|improve this answer



        share|improve this answer








        edited Jul 6 '16 at 19:38


























        answered Jul 6 '16 at 19:33









        Anketam

        3,75321134




        3,75321134




















            up vote
            1
            down vote













            Assuming you're dealing with government classified information. Check with your company's security department.



            One of the classification considerations is whether unclassified information can be combined to discover classified information.



            The company likely has a strong security policy (you likely should have been briefed on it during an orientation). Check any resource or self-help documents related to security and ethics.



            I know that I am encouraged to report any potential violation. As someone uncleared, if I learn something classified, it is my responsibility to report it ASAP. If I don't, I am responsible for a security breach.



            There is no down side here. You demonstrate that you care about company security, and potentially save the company a HUGE problem. Go talk to security right now.






            share|improve this answer

















            • 2




              At no point in the question does it even mention government, let alone classified information. So despite having good information in your answer it does not address the moral/ethical obligation part of the question.
              – Anketam
              Jul 6 '16 at 19:36














            up vote
            1
            down vote













            Assuming you're dealing with government classified information. Check with your company's security department.



            One of the classification considerations is whether unclassified information can be combined to discover classified information.



            The company likely has a strong security policy (you likely should have been briefed on it during an orientation). Check any resource or self-help documents related to security and ethics.



            I know that I am encouraged to report any potential violation. As someone uncleared, if I learn something classified, it is my responsibility to report it ASAP. If I don't, I am responsible for a security breach.



            There is no down side here. You demonstrate that you care about company security, and potentially save the company a HUGE problem. Go talk to security right now.






            share|improve this answer

















            • 2




              At no point in the question does it even mention government, let alone classified information. So despite having good information in your answer it does not address the moral/ethical obligation part of the question.
              – Anketam
              Jul 6 '16 at 19:36












            up vote
            1
            down vote










            up vote
            1
            down vote









            Assuming you're dealing with government classified information. Check with your company's security department.



            One of the classification considerations is whether unclassified information can be combined to discover classified information.



            The company likely has a strong security policy (you likely should have been briefed on it during an orientation). Check any resource or self-help documents related to security and ethics.



            I know that I am encouraged to report any potential violation. As someone uncleared, if I learn something classified, it is my responsibility to report it ASAP. If I don't, I am responsible for a security breach.



            There is no down side here. You demonstrate that you care about company security, and potentially save the company a HUGE problem. Go talk to security right now.






            share|improve this answer













            Assuming you're dealing with government classified information. Check with your company's security department.



            One of the classification considerations is whether unclassified information can be combined to discover classified information.



            The company likely has a strong security policy (you likely should have been briefed on it during an orientation). Check any resource or self-help documents related to security and ethics.



            I know that I am encouraged to report any potential violation. As someone uncleared, if I learn something classified, it is my responsibility to report it ASAP. If I don't, I am responsible for a security breach.



            There is no down side here. You demonstrate that you care about company security, and potentially save the company a HUGE problem. Go talk to security right now.







            share|improve this answer













            share|improve this answer



            share|improve this answer











            answered Jul 6 '16 at 15:25









            Chris G

            10.8k22549




            10.8k22549







            • 2




              At no point in the question does it even mention government, let alone classified information. So despite having good information in your answer it does not address the moral/ethical obligation part of the question.
              – Anketam
              Jul 6 '16 at 19:36












            • 2




              At no point in the question does it even mention government, let alone classified information. So despite having good information in your answer it does not address the moral/ethical obligation part of the question.
              – Anketam
              Jul 6 '16 at 19:36







            2




            2




            At no point in the question does it even mention government, let alone classified information. So despite having good information in your answer it does not address the moral/ethical obligation part of the question.
            – Anketam
            Jul 6 '16 at 19:36




            At no point in the question does it even mention government, let alone classified information. So despite having good information in your answer it does not address the moral/ethical obligation part of the question.
            – Anketam
            Jul 6 '16 at 19:36










            up vote
            0
            down vote













            First off, you got the information through legitimate means, so no moral quandary there.



            Second, I'd hire you on the spot for being that clever and maintaining such high legal and ethical standards.



            Third, you've got one heck of an answer to the old "Why should we hire you" question.



            That said, you should not reveal the information unless you are doing so to advance your career.



            You may want to approach the management and show them how their obfuscation failed, but only if you have a way to demonstrate how you would have done better.



            You have a real opportunity here that you can put on your resume that will make you shine like a star:



            -Discovered security vulnerability in public documentation linking collaboration between two companies. Reported to superiors, protecting company from X dollars in potential losses.



            EDITED to say:



            You're clever, but keep this close to the vest.



            Here's the question you need to ask yourself before proceeding: "If I were not employed by this company, could I have discovered this on my own" If it's "yes", then you may want to approach the company. If no, then keep it to yourself, you've breeched security, though unintentionally, and it could be an embarrassment to the company.






            share|improve this answer























            • Or the OP might just come across as a smart ass know it all. Remember, he's just an intern, so he's pretty low on the totem pole.
              – AndreiROM
              Jul 6 '16 at 13:49










            • Pascal's wager. The risk of being wrong is far lower than the reward for being right in this instance. Having read the evil overlord's list, I'd want the kid, let the other company keep the genius.
              – Richard U
              Jul 6 '16 at 13:52










            • Thank you for thinking highly of me, but feel I needed to clarify the question: Consultancy helped tech company, it was not independent lines of thought.
              – Peter Smith
              Jul 6 '16 at 14:18










            • Not going to vote you down but no way I reward a person that disclosed sensitive information. The connection was made based on sensitive information. That would be a leak of sensitive and really frowned upon.
              – paparazzo
              Jul 6 '16 at 14:35










            • @Paparazzi ah, yeah, I see that now. going to revise...
              – Richard U
              Jul 6 '16 at 14:46














            up vote
            0
            down vote













            First off, you got the information through legitimate means, so no moral quandary there.



            Second, I'd hire you on the spot for being that clever and maintaining such high legal and ethical standards.



            Third, you've got one heck of an answer to the old "Why should we hire you" question.



            That said, you should not reveal the information unless you are doing so to advance your career.



            You may want to approach the management and show them how their obfuscation failed, but only if you have a way to demonstrate how you would have done better.



            You have a real opportunity here that you can put on your resume that will make you shine like a star:



            -Discovered security vulnerability in public documentation linking collaboration between two companies. Reported to superiors, protecting company from X dollars in potential losses.



            EDITED to say:



            You're clever, but keep this close to the vest.



            Here's the question you need to ask yourself before proceeding: "If I were not employed by this company, could I have discovered this on my own" If it's "yes", then you may want to approach the company. If no, then keep it to yourself, you've breeched security, though unintentionally, and it could be an embarrassment to the company.






            share|improve this answer























            • Or the OP might just come across as a smart ass know it all. Remember, he's just an intern, so he's pretty low on the totem pole.
              – AndreiROM
              Jul 6 '16 at 13:49










            • Pascal's wager. The risk of being wrong is far lower than the reward for being right in this instance. Having read the evil overlord's list, I'd want the kid, let the other company keep the genius.
              – Richard U
              Jul 6 '16 at 13:52










            • Thank you for thinking highly of me, but feel I needed to clarify the question: Consultancy helped tech company, it was not independent lines of thought.
              – Peter Smith
              Jul 6 '16 at 14:18










            • Not going to vote you down but no way I reward a person that disclosed sensitive information. The connection was made based on sensitive information. That would be a leak of sensitive and really frowned upon.
              – paparazzo
              Jul 6 '16 at 14:35










            • @Paparazzi ah, yeah, I see that now. going to revise...
              – Richard U
              Jul 6 '16 at 14:46












            up vote
            0
            down vote










            up vote
            0
            down vote









            First off, you got the information through legitimate means, so no moral quandary there.



            Second, I'd hire you on the spot for being that clever and maintaining such high legal and ethical standards.



            Third, you've got one heck of an answer to the old "Why should we hire you" question.



            That said, you should not reveal the information unless you are doing so to advance your career.



            You may want to approach the management and show them how their obfuscation failed, but only if you have a way to demonstrate how you would have done better.



            You have a real opportunity here that you can put on your resume that will make you shine like a star:



            -Discovered security vulnerability in public documentation linking collaboration between two companies. Reported to superiors, protecting company from X dollars in potential losses.



            EDITED to say:



            You're clever, but keep this close to the vest.



            Here's the question you need to ask yourself before proceeding: "If I were not employed by this company, could I have discovered this on my own" If it's "yes", then you may want to approach the company. If no, then keep it to yourself, you've breeched security, though unintentionally, and it could be an embarrassment to the company.






            share|improve this answer















            First off, you got the information through legitimate means, so no moral quandary there.



            Second, I'd hire you on the spot for being that clever and maintaining such high legal and ethical standards.



            Third, you've got one heck of an answer to the old "Why should we hire you" question.



            That said, you should not reveal the information unless you are doing so to advance your career.



            You may want to approach the management and show them how their obfuscation failed, but only if you have a way to demonstrate how you would have done better.



            You have a real opportunity here that you can put on your resume that will make you shine like a star:



            -Discovered security vulnerability in public documentation linking collaboration between two companies. Reported to superiors, protecting company from X dollars in potential losses.



            EDITED to say:



            You're clever, but keep this close to the vest.



            Here's the question you need to ask yourself before proceeding: "If I were not employed by this company, could I have discovered this on my own" If it's "yes", then you may want to approach the company. If no, then keep it to yourself, you've breeched security, though unintentionally, and it could be an embarrassment to the company.







            share|improve this answer















            share|improve this answer



            share|improve this answer








            edited Jul 6 '16 at 14:50


























            answered Jul 6 '16 at 13:45









            Richard U

            77.2k56200307




            77.2k56200307











            • Or the OP might just come across as a smart ass know it all. Remember, he's just an intern, so he's pretty low on the totem pole.
              – AndreiROM
              Jul 6 '16 at 13:49










            • Pascal's wager. The risk of being wrong is far lower than the reward for being right in this instance. Having read the evil overlord's list, I'd want the kid, let the other company keep the genius.
              – Richard U
              Jul 6 '16 at 13:52










            • Thank you for thinking highly of me, but feel I needed to clarify the question: Consultancy helped tech company, it was not independent lines of thought.
              – Peter Smith
              Jul 6 '16 at 14:18










            • Not going to vote you down but no way I reward a person that disclosed sensitive information. The connection was made based on sensitive information. That would be a leak of sensitive and really frowned upon.
              – paparazzo
              Jul 6 '16 at 14:35










            • @Paparazzi ah, yeah, I see that now. going to revise...
              – Richard U
              Jul 6 '16 at 14:46
















            • Or the OP might just come across as a smart ass know it all. Remember, he's just an intern, so he's pretty low on the totem pole.
              – AndreiROM
              Jul 6 '16 at 13:49










            • Pascal's wager. The risk of being wrong is far lower than the reward for being right in this instance. Having read the evil overlord's list, I'd want the kid, let the other company keep the genius.
              – Richard U
              Jul 6 '16 at 13:52










            • Thank you for thinking highly of me, but feel I needed to clarify the question: Consultancy helped tech company, it was not independent lines of thought.
              – Peter Smith
              Jul 6 '16 at 14:18










            • Not going to vote you down but no way I reward a person that disclosed sensitive information. The connection was made based on sensitive information. That would be a leak of sensitive and really frowned upon.
              – paparazzo
              Jul 6 '16 at 14:35










            • @Paparazzi ah, yeah, I see that now. going to revise...
              – Richard U
              Jul 6 '16 at 14:46















            Or the OP might just come across as a smart ass know it all. Remember, he's just an intern, so he's pretty low on the totem pole.
            – AndreiROM
            Jul 6 '16 at 13:49




            Or the OP might just come across as a smart ass know it all. Remember, he's just an intern, so he's pretty low on the totem pole.
            – AndreiROM
            Jul 6 '16 at 13:49












            Pascal's wager. The risk of being wrong is far lower than the reward for being right in this instance. Having read the evil overlord's list, I'd want the kid, let the other company keep the genius.
            – Richard U
            Jul 6 '16 at 13:52




            Pascal's wager. The risk of being wrong is far lower than the reward for being right in this instance. Having read the evil overlord's list, I'd want the kid, let the other company keep the genius.
            – Richard U
            Jul 6 '16 at 13:52












            Thank you for thinking highly of me, but feel I needed to clarify the question: Consultancy helped tech company, it was not independent lines of thought.
            – Peter Smith
            Jul 6 '16 at 14:18




            Thank you for thinking highly of me, but feel I needed to clarify the question: Consultancy helped tech company, it was not independent lines of thought.
            – Peter Smith
            Jul 6 '16 at 14:18












            Not going to vote you down but no way I reward a person that disclosed sensitive information. The connection was made based on sensitive information. That would be a leak of sensitive and really frowned upon.
            – paparazzo
            Jul 6 '16 at 14:35




            Not going to vote you down but no way I reward a person that disclosed sensitive information. The connection was made based on sensitive information. That would be a leak of sensitive and really frowned upon.
            – paparazzo
            Jul 6 '16 at 14:35












            @Paparazzi ah, yeah, I see that now. going to revise...
            – Richard U
            Jul 6 '16 at 14:46




            @Paparazzi ah, yeah, I see that now. going to revise...
            – Richard U
            Jul 6 '16 at 14:46












             

            draft saved


            draft discarded


























             


            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fworkplace.stackexchange.com%2fquestions%2f70939%2fshould-i-disclose-i-know-sensitive-information-about-a-company-relation-that-i-w%23new-answer', 'question_page');

            );

            Post as a guest

















































































            Comments

            Popular posts from this blog

            What does second last employer means? [closed]

            Installing NextGIS Connect into QGIS 3?

            One-line joke