I think that’s right, although I would distinguish between corporate and personal exposure here to some extent:
I’m most hesitant to criticize people for not personally taking actions that could increase their personal legal exposure.
I’m most willing to criticize people and organizations for not taking actions that could increase organizational legal exposure. Non-profit organizations are supposed to exist in the public interest, while individuals do not carry any above-average obligations in that way. Organizations are not moral persons whose welfare is important to me. Moreover, organizations are better able to manage risk than individuals. For purposes of the norm that s/he who benefits from an action should also generally expect to bear the attendant costs, I am more willing to ascribe the benefits of action to an organization than to an individual doing their job.[1]
Organizational decisions to remain silent to avoid risk to individuals pose thornier questions for me. I’d have to think more about that intuition after my lunch break, but some of it relate to reasonable expectations of privacy. For example, disclosure of the contents of an organizational e-mail account (where the employee had notice that it belonged to the employer without a reasonable expectation of privacy) strikes me as less problematic than asking people to divulge their personal records, information about off-work activities, and the like.
Personal liability regimes are often pernicious to people doing their jobs in a socially desirable and optimal way. The reason is that the benefit of doing the job properly / taking risks is socialized, while the costs / risks are privatized. Thus, the actor fearful of personal liability will undervalue the social benefits of proper performance / risk acceptance.
I think that’s right, although I would distinguish between corporate and personal exposure here to some extent:
I’m most hesitant to criticize people for not personally taking actions that could increase their personal legal exposure.
I’m most willing to criticize people and organizations for not taking actions that could increase organizational legal exposure. Non-profit organizations are supposed to exist in the public interest, while individuals do not carry any above-average obligations in that way. Organizations are not moral persons whose welfare is important to me. Moreover, organizations are better able to manage risk than individuals. For purposes of the norm that s/he who benefits from an action should also generally expect to bear the attendant costs, I am more willing to ascribe the benefits of action to an organization than to an individual doing their job.[1]
Organizational decisions to remain silent to avoid risk to individuals pose thornier questions for me. I’d have to think more about that intuition after my lunch break, but some of it relate to reasonable expectations of privacy. For example, disclosure of the contents of an organizational e-mail account (where the employee had notice that it belonged to the employer without a reasonable expectation of privacy) strikes me as less problematic than asking people to divulge their personal records, information about off-work activities, and the like.
Personal liability regimes are often pernicious to people doing their jobs in a socially desirable and optimal way. The reason is that the benefit of doing the job properly / taking risks is socialized, while the costs / risks are privatized. Thus, the actor fearful of personal liability will undervalue the social benefits of proper performance / risk acceptance.