Is it wrong to peek at a colleague's paycheck?












29














As a background story, I am part of the IT personnel at the company.



The company wants to create a system to automate the invoicing and billing process using our internal system, because at the moment we're doing all of those manually by looking at the transaction history on our system and then copy/paste to an online accounting system service.



Obviously I need access to be able to request an API call to that accounting system online to create the invoice/billing from our internal system. Additionally I need full access to the system to do that (the accounting system we're using is not very good to be able to implement a minimum access policy for this, but it is good enough for us so far).



Consequently since we're using the same system and the same account both for our customer and internal accounting stuff (staff paycheck, bills, etc.), I could see literally everything (we're a small company with <20 staff in the office).



Is it ethically wrong to have a peek at staff paychecks?










share|improve this question









New contributor




aries is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
















  • 115




    Wait, are you experimenting on the real "production server"? What happens if you mistakenly flush all the data? Usually this kind of job is done on an experimental server, where you (or someone else) has full access and can create users and data quickly, so you can play with some "dummy" data, and not risk damaging the real database
    – frarugi87
    yesterday






  • 38




    Are you breaching any data protection laws in your country by peeking at information for no reason beyond idle curiosity?
    – Kozaky
    yesterday






  • 43




    @Kozaky the OP's profile indicates they are UK based - so what the OP proposes would be a GDPR violation
    – motosubatsu
    yesterday






  • 84




    The fact that you're asking kinda indicates you already know the answer is yes. So, what is your question?
    – rath
    yesterday






  • 13




    To be fair, someone has to administer the live database, and in a small outfit this might very well be a developer on the team, so having access to live data can be a necessity and does not have to be illegal in itself. It always struck me as funny though that my colleagues who are accountants have a code of conduct, a register and are made to swear an oath about this, while us techies who have far more access to sensitive data have none of that. And apparently have to go to stack exchange for advice on this, while it should have been subject 1 of day 1 on the job.
    – Douwe
    yesterday


















29














As a background story, I am part of the IT personnel at the company.



The company wants to create a system to automate the invoicing and billing process using our internal system, because at the moment we're doing all of those manually by looking at the transaction history on our system and then copy/paste to an online accounting system service.



Obviously I need access to be able to request an API call to that accounting system online to create the invoice/billing from our internal system. Additionally I need full access to the system to do that (the accounting system we're using is not very good to be able to implement a minimum access policy for this, but it is good enough for us so far).



Consequently since we're using the same system and the same account both for our customer and internal accounting stuff (staff paycheck, bills, etc.), I could see literally everything (we're a small company with <20 staff in the office).



Is it ethically wrong to have a peek at staff paychecks?










share|improve this question









New contributor




aries is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
















  • 115




    Wait, are you experimenting on the real "production server"? What happens if you mistakenly flush all the data? Usually this kind of job is done on an experimental server, where you (or someone else) has full access and can create users and data quickly, so you can play with some "dummy" data, and not risk damaging the real database
    – frarugi87
    yesterday






  • 38




    Are you breaching any data protection laws in your country by peeking at information for no reason beyond idle curiosity?
    – Kozaky
    yesterday






  • 43




    @Kozaky the OP's profile indicates they are UK based - so what the OP proposes would be a GDPR violation
    – motosubatsu
    yesterday






  • 84




    The fact that you're asking kinda indicates you already know the answer is yes. So, what is your question?
    – rath
    yesterday






  • 13




    To be fair, someone has to administer the live database, and in a small outfit this might very well be a developer on the team, so having access to live data can be a necessity and does not have to be illegal in itself. It always struck me as funny though that my colleagues who are accountants have a code of conduct, a register and are made to swear an oath about this, while us techies who have far more access to sensitive data have none of that. And apparently have to go to stack exchange for advice on this, while it should have been subject 1 of day 1 on the job.
    – Douwe
    yesterday
















29












29








29


2





As a background story, I am part of the IT personnel at the company.



The company wants to create a system to automate the invoicing and billing process using our internal system, because at the moment we're doing all of those manually by looking at the transaction history on our system and then copy/paste to an online accounting system service.



Obviously I need access to be able to request an API call to that accounting system online to create the invoice/billing from our internal system. Additionally I need full access to the system to do that (the accounting system we're using is not very good to be able to implement a minimum access policy for this, but it is good enough for us so far).



Consequently since we're using the same system and the same account both for our customer and internal accounting stuff (staff paycheck, bills, etc.), I could see literally everything (we're a small company with <20 staff in the office).



Is it ethically wrong to have a peek at staff paychecks?










share|improve this question









New contributor




aries is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











As a background story, I am part of the IT personnel at the company.



The company wants to create a system to automate the invoicing and billing process using our internal system, because at the moment we're doing all of those manually by looking at the transaction history on our system and then copy/paste to an online accounting system service.



Obviously I need access to be able to request an API call to that accounting system online to create the invoice/billing from our internal system. Additionally I need full access to the system to do that (the accounting system we're using is not very good to be able to implement a minimum access policy for this, but it is good enough for us so far).



Consequently since we're using the same system and the same account both for our customer and internal accounting stuff (staff paycheck, bills, etc.), I could see literally everything (we're a small company with <20 staff in the office).



Is it ethically wrong to have a peek at staff paychecks?







salary ethics united-kingdom






share|improve this question









New contributor




aries is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











share|improve this question









New contributor




aries is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this question




share|improve this question








edited 9 hours ago









RedSonja

2,30021016




2,30021016






New contributor




aries is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked yesterday









aries

26326




26326




New contributor




aries is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





aries is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






aries is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.








  • 115




    Wait, are you experimenting on the real "production server"? What happens if you mistakenly flush all the data? Usually this kind of job is done on an experimental server, where you (or someone else) has full access and can create users and data quickly, so you can play with some "dummy" data, and not risk damaging the real database
    – frarugi87
    yesterday






  • 38




    Are you breaching any data protection laws in your country by peeking at information for no reason beyond idle curiosity?
    – Kozaky
    yesterday






  • 43




    @Kozaky the OP's profile indicates they are UK based - so what the OP proposes would be a GDPR violation
    – motosubatsu
    yesterday






  • 84




    The fact that you're asking kinda indicates you already know the answer is yes. So, what is your question?
    – rath
    yesterday






  • 13




    To be fair, someone has to administer the live database, and in a small outfit this might very well be a developer on the team, so having access to live data can be a necessity and does not have to be illegal in itself. It always struck me as funny though that my colleagues who are accountants have a code of conduct, a register and are made to swear an oath about this, while us techies who have far more access to sensitive data have none of that. And apparently have to go to stack exchange for advice on this, while it should have been subject 1 of day 1 on the job.
    – Douwe
    yesterday
















  • 115




    Wait, are you experimenting on the real "production server"? What happens if you mistakenly flush all the data? Usually this kind of job is done on an experimental server, where you (or someone else) has full access and can create users and data quickly, so you can play with some "dummy" data, and not risk damaging the real database
    – frarugi87
    yesterday






  • 38




    Are you breaching any data protection laws in your country by peeking at information for no reason beyond idle curiosity?
    – Kozaky
    yesterday






  • 43




    @Kozaky the OP's profile indicates they are UK based - so what the OP proposes would be a GDPR violation
    – motosubatsu
    yesterday






  • 84




    The fact that you're asking kinda indicates you already know the answer is yes. So, what is your question?
    – rath
    yesterday






  • 13




    To be fair, someone has to administer the live database, and in a small outfit this might very well be a developer on the team, so having access to live data can be a necessity and does not have to be illegal in itself. It always struck me as funny though that my colleagues who are accountants have a code of conduct, a register and are made to swear an oath about this, while us techies who have far more access to sensitive data have none of that. And apparently have to go to stack exchange for advice on this, while it should have been subject 1 of day 1 on the job.
    – Douwe
    yesterday










115




115




Wait, are you experimenting on the real "production server"? What happens if you mistakenly flush all the data? Usually this kind of job is done on an experimental server, where you (or someone else) has full access and can create users and data quickly, so you can play with some "dummy" data, and not risk damaging the real database
– frarugi87
yesterday




Wait, are you experimenting on the real "production server"? What happens if you mistakenly flush all the data? Usually this kind of job is done on an experimental server, where you (or someone else) has full access and can create users and data quickly, so you can play with some "dummy" data, and not risk damaging the real database
– frarugi87
yesterday




38




38




Are you breaching any data protection laws in your country by peeking at information for no reason beyond idle curiosity?
– Kozaky
yesterday




Are you breaching any data protection laws in your country by peeking at information for no reason beyond idle curiosity?
– Kozaky
yesterday




43




43




@Kozaky the OP's profile indicates they are UK based - so what the OP proposes would be a GDPR violation
– motosubatsu
yesterday




@Kozaky the OP's profile indicates they are UK based - so what the OP proposes would be a GDPR violation
– motosubatsu
yesterday




84




84




The fact that you're asking kinda indicates you already know the answer is yes. So, what is your question?
– rath
yesterday




The fact that you're asking kinda indicates you already know the answer is yes. So, what is your question?
– rath
yesterday




13




13




To be fair, someone has to administer the live database, and in a small outfit this might very well be a developer on the team, so having access to live data can be a necessity and does not have to be illegal in itself. It always struck me as funny though that my colleagues who are accountants have a code of conduct, a register and are made to swear an oath about this, while us techies who have far more access to sensitive data have none of that. And apparently have to go to stack exchange for advice on this, while it should have been subject 1 of day 1 on the job.
– Douwe
yesterday






To be fair, someone has to administer the live database, and in a small outfit this might very well be a developer on the team, so having access to live data can be a necessity and does not have to be illegal in itself. It always struck me as funny though that my colleagues who are accountants have a code of conduct, a register and are made to swear an oath about this, while us techies who have far more access to sensitive data have none of that. And apparently have to go to stack exchange for advice on this, while it should have been subject 1 of day 1 on the job.
– Douwe
yesterday












12 Answers
12






active

oldest

votes


















184














Stop what you're doing and think things through.



You're developing APIs that interact with a live finance system. If things go wrong and you write instead of read or do something to corrupt the system, you could wreck people's lives (and the company for that matter).



Don't do that.



Create or request a separate test system to interface with and use that to develop and test against before attaching to the live system. If this is an online (third party) system, then they should be able to provide you with a test system/account to use for the purposes of development.



Even with a small company like yours, this is really really important.



And don't look at people's personal information - it's morally (and potentially legally) wrong - make sure that your test system has test values in it.






share|improve this answer



















  • 3




    The context here is the United Kingdom. The OP didn't specify whether their use of "wrong" in the question was technical/legal/moral, so I addressed all uses here.
    – Snow
    yesterday






  • 13




    In the context of the United Kingdom GDPR is in force, OP should definitely not have access to live financial data.
    – Josh
    yesterday










  • Although this is great advice, it doesn't really answer the question, and certainly is not useful to other people who come here based on the question title.
    – RJFalconer
    yesterday






  • 3




    Regardless of a test environment, somebody is going to have to examine/audit the system on live data. What if there's a slight discrepancy between dev and production? I know somebody who works at a bank and they do test on their own live accounts all the time: assuming staging exactly equals production is asking for disaster.
    – user71659
    yesterday






  • 10




    @Josh GDPR concerns customer data that makes customers personally identifiable (PII). It doesn’t concern all financial data, nor all customer data, nor even necessarily all financial customer data. And lastly, it does not forbid access to customer PII data. It just regulates it.
    – Konrad Rudolph
    yesterday





















49















Is it ethically wrong to have peek at staff paycheck?




Yes, and illegal in a lot of countries. Don't do this, and if you did hope no one will ever know or you risk your job and maybe more.






share|improve this answer

















  • 2




    Note, there are usually exceptions in the law (or company guidelines at least) for people who need to see this data, usually that means just HR. In a small company with blended roles I can see you falling under this exception but it will mean a big responsibility and probably some extra training.
    – Borgh
    yesterday










  • As OP said, he needs to create invoices not to look at other's paychecks. I don't think the exception will help him there.
    – LP154
    yesterday










  • As I read it, he is the one responsible for their accounting software and in most companies you need someone who is able to confirm "yes we transferred (x money) to (y acocunt) on (z date)", ideally the company invoices and paychecks go through a seperate systems but in a smaller company with a single system that might not be realistic. I'd recommend building something where you get a "yes i want to see this" popup before any sensitive information is shown.
    – Borgh
    yesterday



















14














I agree fully with the answer of @Snow. Besides that:




  • Never use administrative access to "peek" at things. In 99% of the cases there is no credible explanation that you actually need to look at a real live document as an IT person, unless you need to give support on a specific case.


  • If you happen to come across such information without being explicitly permitted and asked to by the administration of your company, keep it absolutely confidential and never ever talk about it - but inform your boss that some procedure is not OK (see next point).


  • If you have a support role where you get in touch with personal information and your company has not given you a dedicated training/explanation on it, including introducing the person actually responsible for this, then something is severely wrong in the administration. In a well organized company, there is no way that somebody gets in contact with salary information without that being addressed explicitly, including precise limitations and procedure how to handle things, and a form which you have to sign that you understood what was said.







share|improve this answer

















  • 1




    Regarding your last bullet, I agree that something like that should be the case, but in a small company - especially if also a young one - lots of things that "should" - and in a larger business almost certainly will - have formal policies/procedures/training associated with them don't because there's never been enough time/money to create them.
    – Dan Neely
    22 hours ago










  • Even at a small company, I would expect that the responsible for HR is aware of the situation; it could happen in a less formal way, but I still would expect an explicit handover.
    – Sascha
    12 hours ago



















6














Yes. You should only be accessing the data you need to access to do your job, especially when it comes to financial data.






share|improve this answer





























    4














    Most companies, looking at someone else's paycheck without having a valid business reason is a reason for immediate termination. Also, many companies log such read access, and there are audits about it.

    Because you are in a small company, it seems this isn't tracked or formalized, but there is a good chance that the owner would terminate you anyway if he found out.






    share|improve this answer





























      3














      Other than what all the other answers have said about your question, what do you hope to gain by knowing what a colleague's salary is? Do you hope to feel good because you are paid more? What if he earns more than you? You can't use that information as grounds for requesting/negotiating an increase anyway. That information might very well cause all sorts of problems for you on all sorts of levels. Just be let it be.






      share|improve this answer

















      • 2




        This. Ethics and probably law say it's wrong, but even if you don't get directly blamed for looking at your colleague's salary, I can't imagine any positive outcome from this. Most chances are that this would just lead to demotivation, misunderstandings, regrets, judgmental attitude, etc... Some things are better let unknown, for the benefit of everybody.
        – dim
        8 hours ago





















      2















      Is it ethically wrong to have peek at staff paycheck?




      Yes, and legally.



      I would stop and go to your boss immediately with the following:




      1. You're accessing LIVE data and there's a risk you can break it.

      2. You're able to see pay information. Are you able to see PII information as well? If so, I would immediately stop.


      You risk not only your job but also legal problems. Maybe jail or a heavy fine. It only takes one person to understand what you're doing and they go to the proper authorities or lawyer in your country and begin the process. You need to email this to your boss and save that email with the following:




      Boss, I am accessing an API that shows our staff's PII and pay information. I am able to access this without restriction and modify the data. I need a test bed and not be able to see this data as it is a violation of [insert country's privacy law]







      share|improve this answer





























        1














        Being an IT worker at your company gives you access to data that is confidential, but that does not entitle you to read it. You should treat it no differently than it being a physical file in a cabinet. Just because the filing cabinet is in the same room as you and you have the key, does not mean you should be perusing through it at your leisure. It is morally and ethically wrong, and it may also have legal consequences. Not only would you put your job at risk, but you may be subjecting yourself to prosecution.



        You should only be accessing data that pertains to your job. If you do happen to come across confidential information during your routine duties, you must never disclose this information to others, or use it for personal gain. There may also be controls on this system that you are not aware of. You should treat your access as if someone is always looking over your shoulder. You may never know that someone is watching over you until you are being marched out of the building by security, so please keep that in mind.



        As others have said, you should look into having a separate server instance with fake data to develop against. As a developer, there is no reason to test against a live system. If something ever went wrong, you wouldn't want to be the one that people are pointing fingers at.






        share|improve this answer





























          1














          People get fired for this. I even know someone who got fired for not immediately firing someone who was caught doing what you suggested.



          Accessing records which you're not authorized to access is trouble. And before you ask, having the ability to access data is not at all the same as having the authority. Forget "ethically", your problem is "contractually" and "legally", either of which carry significantly harsher consequences than "ethically".






          share|improve this answer





























            1














            While most answers address the legal and personal ethics, there is also the code of ethics that is established by the relevant professional body/ies in your country or that you may be a member of (personally, I use these despite not being a member).



            In Australia, the relevant body is the Information Technology Professionals Association which is the successor of the System Administrator's Guild of Australia (SAGE-AU). The code of ethics produced by this organisation has been adopted by many professional bodies around the world.



            There is a difference between coming across confidential information in the course of your duties and deliberately accessing confidential information.



            In my opinion, it is unethical to deliberately access information that you haven't been given explicit authority to access. If you are a member of a professional body and they were to find out, then you would have your membership revoked (which could hamper future job applications); if you are not a member then you run the risk of being refused membership if they discover that you have done this (employer or another employee may report you to the body).



            As IT professionals, we are entrusted with confidential information (our privilege) and we must protect that information (our responsibility) from all, including ourselves.






            share|improve this answer










            New contributor




            Aaron is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
            Check out our Code of Conduct.


























              0















              Is it ethically wrong to have peek at staff paycheck?




              Of course it's wrong.



              I'm guessing you already know that. But in case you aren't sure, ask your boss first.



              Never use Production. Use a test system with simulated data.






              share|improve this answer





























                -1














                Depends on what you consider ethically wrong. I for one would be curious and do it when no one is watching, not because it's right or ethical, but because I would want to know if I'm getting shafted with the pay. As the answers above pointed out, I would refrain if specifically requested not to or it's illegal to do so.






                share|improve this answer

















                • 5




                  If I find out that you looked at my salary without my permission and without any need I will do my hardest to get you out of the company. I think my boss will agree with this, so I won’t have to work hard. Even more with GDPR.
                  – gnasher729
                  yesterday






                • 5




                  "Depends on what you consider ethically wrong." - spot on; there are some truths people don't like to hear; like ethics is a personal thing. Legal points are not however - and this would be breaking the law. Anyway, what would you do if you did find out you were being paid less - if you say to your boss "I saw everyones pay and I want more" their reply will be with a boot.
                  – UKMonkey
                  yesterday






                • 1




                  @paulj, OP was told to work on billing/invoicing, not payroll. IANAL, but pretty sure this would be a violation of GDPR
                  – cdkMoose
                  yesterday






                • 1




                  @paulj what makes you think he's a wage slave; do you know his income? As for what law it breaks, as almost every answer here says, GDPR. I'd put money that it says it in his contract too. As for ethically, most would argue that spying on your colleagues isn't ethical. I suggest you read answers and comments before commenting.
                  – UKMonkey
                  yesterday






                • 3




                  '"because I would want to know if I'm getting shafted with the pay." - This is not a valid reason to view sensitive information. This is absolutely horrible advice. If the author has a business need to test something on the production server, the author can view his own information, instead of that of a colleague.
                  – Ramhound
                  yesterday











                Your Answer








                StackExchange.ready(function() {
                var channelOptions = {
                tags: "".split(" "),
                id: "423"
                };
                initTagRenderer("".split(" "), "".split(" "), channelOptions);

                StackExchange.using("externalEditor", function() {
                // Have to fire editor after snippets, if snippets enabled
                if (StackExchange.settings.snippets.snippetsEnabled) {
                StackExchange.using("snippets", function() {
                createEditor();
                });
                }
                else {
                createEditor();
                }
                });

                function createEditor() {
                StackExchange.prepareEditor({
                heartbeatType: 'answer',
                autoActivateHeartbeat: false,
                convertImagesToLinks: false,
                noModals: true,
                showLowRepImageUploadWarning: true,
                reputationToPostImages: null,
                bindNavPrevention: true,
                postfix: "",
                imageUploader: {
                brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
                contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
                allowUrls: true
                },
                noCode: true, onDemand: false,
                discardSelector: ".discard-answer"
                ,immediatelyShowMarkdownHelp:true
                });


                }
                });






                aries is a new contributor. Be nice, and check out our Code of Conduct.










                draft saved

                draft discarded


















                StackExchange.ready(
                function () {
                StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fworkplace.stackexchange.com%2fquestions%2f125827%2fis-it-wrong-to-peek-at-a-colleagues-paycheck%23new-answer', 'question_page');
                }
                );

                Post as a guest















                Required, but never shown




















                StackExchange.ready(function () {
                $("#show-editor-button input, #show-editor-button button").click(function () {
                var showEditor = function() {
                $("#show-editor-button").hide();
                $("#post-form").removeClass("dno");
                StackExchange.editor.finallyInit();
                };

                var useFancy = $(this).data('confirm-use-fancy');
                if(useFancy == 'True') {
                var popupTitle = $(this).data('confirm-fancy-title');
                var popupBody = $(this).data('confirm-fancy-body');
                var popupAccept = $(this).data('confirm-fancy-accept-button');

                $(this).loadPopup({
                url: '/post/self-answer-popup',
                loaded: function(popup) {
                var pTitle = $(popup).find('h2');
                var pBody = $(popup).find('.popup-body');
                var pSubmit = $(popup).find('.popup-submit');

                pTitle.text(popupTitle);
                pBody.html(popupBody);
                pSubmit.val(popupAccept).click(showEditor);
                }
                })
                } else{
                var confirmText = $(this).data('confirm-text');
                if (confirmText ? confirm(confirmText) : true) {
                showEditor();
                }
                }
                });
                });






                12 Answers
                12






                active

                oldest

                votes








                12 Answers
                12






                active

                oldest

                votes









                active

                oldest

                votes






                active

                oldest

                votes









                184














                Stop what you're doing and think things through.



                You're developing APIs that interact with a live finance system. If things go wrong and you write instead of read or do something to corrupt the system, you could wreck people's lives (and the company for that matter).



                Don't do that.



                Create or request a separate test system to interface with and use that to develop and test against before attaching to the live system. If this is an online (third party) system, then they should be able to provide you with a test system/account to use for the purposes of development.



                Even with a small company like yours, this is really really important.



                And don't look at people's personal information - it's morally (and potentially legally) wrong - make sure that your test system has test values in it.






                share|improve this answer



















                • 3




                  The context here is the United Kingdom. The OP didn't specify whether their use of "wrong" in the question was technical/legal/moral, so I addressed all uses here.
                  – Snow
                  yesterday






                • 13




                  In the context of the United Kingdom GDPR is in force, OP should definitely not have access to live financial data.
                  – Josh
                  yesterday










                • Although this is great advice, it doesn't really answer the question, and certainly is not useful to other people who come here based on the question title.
                  – RJFalconer
                  yesterday






                • 3




                  Regardless of a test environment, somebody is going to have to examine/audit the system on live data. What if there's a slight discrepancy between dev and production? I know somebody who works at a bank and they do test on their own live accounts all the time: assuming staging exactly equals production is asking for disaster.
                  – user71659
                  yesterday






                • 10




                  @Josh GDPR concerns customer data that makes customers personally identifiable (PII). It doesn’t concern all financial data, nor all customer data, nor even necessarily all financial customer data. And lastly, it does not forbid access to customer PII data. It just regulates it.
                  – Konrad Rudolph
                  yesterday


















                184














                Stop what you're doing and think things through.



                You're developing APIs that interact with a live finance system. If things go wrong and you write instead of read or do something to corrupt the system, you could wreck people's lives (and the company for that matter).



                Don't do that.



                Create or request a separate test system to interface with and use that to develop and test against before attaching to the live system. If this is an online (third party) system, then they should be able to provide you with a test system/account to use for the purposes of development.



                Even with a small company like yours, this is really really important.



                And don't look at people's personal information - it's morally (and potentially legally) wrong - make sure that your test system has test values in it.






                share|improve this answer



















                • 3




                  The context here is the United Kingdom. The OP didn't specify whether their use of "wrong" in the question was technical/legal/moral, so I addressed all uses here.
                  – Snow
                  yesterday






                • 13




                  In the context of the United Kingdom GDPR is in force, OP should definitely not have access to live financial data.
                  – Josh
                  yesterday










                • Although this is great advice, it doesn't really answer the question, and certainly is not useful to other people who come here based on the question title.
                  – RJFalconer
                  yesterday






                • 3




                  Regardless of a test environment, somebody is going to have to examine/audit the system on live data. What if there's a slight discrepancy between dev and production? I know somebody who works at a bank and they do test on their own live accounts all the time: assuming staging exactly equals production is asking for disaster.
                  – user71659
                  yesterday






                • 10




                  @Josh GDPR concerns customer data that makes customers personally identifiable (PII). It doesn’t concern all financial data, nor all customer data, nor even necessarily all financial customer data. And lastly, it does not forbid access to customer PII data. It just regulates it.
                  – Konrad Rudolph
                  yesterday
















                184












                184








                184






                Stop what you're doing and think things through.



                You're developing APIs that interact with a live finance system. If things go wrong and you write instead of read or do something to corrupt the system, you could wreck people's lives (and the company for that matter).



                Don't do that.



                Create or request a separate test system to interface with and use that to develop and test against before attaching to the live system. If this is an online (third party) system, then they should be able to provide you with a test system/account to use for the purposes of development.



                Even with a small company like yours, this is really really important.



                And don't look at people's personal information - it's morally (and potentially legally) wrong - make sure that your test system has test values in it.






                share|improve this answer














                Stop what you're doing and think things through.



                You're developing APIs that interact with a live finance system. If things go wrong and you write instead of read or do something to corrupt the system, you could wreck people's lives (and the company for that matter).



                Don't do that.



                Create or request a separate test system to interface with and use that to develop and test against before attaching to the live system. If this is an online (third party) system, then they should be able to provide you with a test system/account to use for the purposes of development.



                Even with a small company like yours, this is really really important.



                And don't look at people's personal information - it's morally (and potentially legally) wrong - make sure that your test system has test values in it.







                share|improve this answer














                share|improve this answer



                share|improve this answer








                edited yesterday

























                answered yesterday









                Snow

                58.3k51188237




                58.3k51188237








                • 3




                  The context here is the United Kingdom. The OP didn't specify whether their use of "wrong" in the question was technical/legal/moral, so I addressed all uses here.
                  – Snow
                  yesterday






                • 13




                  In the context of the United Kingdom GDPR is in force, OP should definitely not have access to live financial data.
                  – Josh
                  yesterday










                • Although this is great advice, it doesn't really answer the question, and certainly is not useful to other people who come here based on the question title.
                  – RJFalconer
                  yesterday






                • 3




                  Regardless of a test environment, somebody is going to have to examine/audit the system on live data. What if there's a slight discrepancy between dev and production? I know somebody who works at a bank and they do test on their own live accounts all the time: assuming staging exactly equals production is asking for disaster.
                  – user71659
                  yesterday






                • 10




                  @Josh GDPR concerns customer data that makes customers personally identifiable (PII). It doesn’t concern all financial data, nor all customer data, nor even necessarily all financial customer data. And lastly, it does not forbid access to customer PII data. It just regulates it.
                  – Konrad Rudolph
                  yesterday
















                • 3




                  The context here is the United Kingdom. The OP didn't specify whether their use of "wrong" in the question was technical/legal/moral, so I addressed all uses here.
                  – Snow
                  yesterday






                • 13




                  In the context of the United Kingdom GDPR is in force, OP should definitely not have access to live financial data.
                  – Josh
                  yesterday










                • Although this is great advice, it doesn't really answer the question, and certainly is not useful to other people who come here based on the question title.
                  – RJFalconer
                  yesterday






                • 3




                  Regardless of a test environment, somebody is going to have to examine/audit the system on live data. What if there's a slight discrepancy between dev and production? I know somebody who works at a bank and they do test on their own live accounts all the time: assuming staging exactly equals production is asking for disaster.
                  – user71659
                  yesterday






                • 10




                  @Josh GDPR concerns customer data that makes customers personally identifiable (PII). It doesn’t concern all financial data, nor all customer data, nor even necessarily all financial customer data. And lastly, it does not forbid access to customer PII data. It just regulates it.
                  – Konrad Rudolph
                  yesterday










                3




                3




                The context here is the United Kingdom. The OP didn't specify whether their use of "wrong" in the question was technical/legal/moral, so I addressed all uses here.
                – Snow
                yesterday




                The context here is the United Kingdom. The OP didn't specify whether their use of "wrong" in the question was technical/legal/moral, so I addressed all uses here.
                – Snow
                yesterday




                13




                13




                In the context of the United Kingdom GDPR is in force, OP should definitely not have access to live financial data.
                – Josh
                yesterday




                In the context of the United Kingdom GDPR is in force, OP should definitely not have access to live financial data.
                – Josh
                yesterday












                Although this is great advice, it doesn't really answer the question, and certainly is not useful to other people who come here based on the question title.
                – RJFalconer
                yesterday




                Although this is great advice, it doesn't really answer the question, and certainly is not useful to other people who come here based on the question title.
                – RJFalconer
                yesterday




                3




                3




                Regardless of a test environment, somebody is going to have to examine/audit the system on live data. What if there's a slight discrepancy between dev and production? I know somebody who works at a bank and they do test on their own live accounts all the time: assuming staging exactly equals production is asking for disaster.
                – user71659
                yesterday




                Regardless of a test environment, somebody is going to have to examine/audit the system on live data. What if there's a slight discrepancy between dev and production? I know somebody who works at a bank and they do test on their own live accounts all the time: assuming staging exactly equals production is asking for disaster.
                – user71659
                yesterday




                10




                10




                @Josh GDPR concerns customer data that makes customers personally identifiable (PII). It doesn’t concern all financial data, nor all customer data, nor even necessarily all financial customer data. And lastly, it does not forbid access to customer PII data. It just regulates it.
                – Konrad Rudolph
                yesterday






                @Josh GDPR concerns customer data that makes customers personally identifiable (PII). It doesn’t concern all financial data, nor all customer data, nor even necessarily all financial customer data. And lastly, it does not forbid access to customer PII data. It just regulates it.
                – Konrad Rudolph
                yesterday















                49















                Is it ethically wrong to have peek at staff paycheck?




                Yes, and illegal in a lot of countries. Don't do this, and if you did hope no one will ever know or you risk your job and maybe more.






                share|improve this answer

















                • 2




                  Note, there are usually exceptions in the law (or company guidelines at least) for people who need to see this data, usually that means just HR. In a small company with blended roles I can see you falling under this exception but it will mean a big responsibility and probably some extra training.
                  – Borgh
                  yesterday










                • As OP said, he needs to create invoices not to look at other's paychecks. I don't think the exception will help him there.
                  – LP154
                  yesterday










                • As I read it, he is the one responsible for their accounting software and in most companies you need someone who is able to confirm "yes we transferred (x money) to (y acocunt) on (z date)", ideally the company invoices and paychecks go through a seperate systems but in a smaller company with a single system that might not be realistic. I'd recommend building something where you get a "yes i want to see this" popup before any sensitive information is shown.
                  – Borgh
                  yesterday
















                49















                Is it ethically wrong to have peek at staff paycheck?




                Yes, and illegal in a lot of countries. Don't do this, and if you did hope no one will ever know or you risk your job and maybe more.






                share|improve this answer

















                • 2




                  Note, there are usually exceptions in the law (or company guidelines at least) for people who need to see this data, usually that means just HR. In a small company with blended roles I can see you falling under this exception but it will mean a big responsibility and probably some extra training.
                  – Borgh
                  yesterday










                • As OP said, he needs to create invoices not to look at other's paychecks. I don't think the exception will help him there.
                  – LP154
                  yesterday










                • As I read it, he is the one responsible for their accounting software and in most companies you need someone who is able to confirm "yes we transferred (x money) to (y acocunt) on (z date)", ideally the company invoices and paychecks go through a seperate systems but in a smaller company with a single system that might not be realistic. I'd recommend building something where you get a "yes i want to see this" popup before any sensitive information is shown.
                  – Borgh
                  yesterday














                49












                49








                49







                Is it ethically wrong to have peek at staff paycheck?




                Yes, and illegal in a lot of countries. Don't do this, and if you did hope no one will ever know or you risk your job and maybe more.






                share|improve this answer













                Is it ethically wrong to have peek at staff paycheck?




                Yes, and illegal in a lot of countries. Don't do this, and if you did hope no one will ever know or you risk your job and maybe more.







                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered yesterday









                LP154

                1,780617




                1,780617








                • 2




                  Note, there are usually exceptions in the law (or company guidelines at least) for people who need to see this data, usually that means just HR. In a small company with blended roles I can see you falling under this exception but it will mean a big responsibility and probably some extra training.
                  – Borgh
                  yesterday










                • As OP said, he needs to create invoices not to look at other's paychecks. I don't think the exception will help him there.
                  – LP154
                  yesterday










                • As I read it, he is the one responsible for their accounting software and in most companies you need someone who is able to confirm "yes we transferred (x money) to (y acocunt) on (z date)", ideally the company invoices and paychecks go through a seperate systems but in a smaller company with a single system that might not be realistic. I'd recommend building something where you get a "yes i want to see this" popup before any sensitive information is shown.
                  – Borgh
                  yesterday














                • 2




                  Note, there are usually exceptions in the law (or company guidelines at least) for people who need to see this data, usually that means just HR. In a small company with blended roles I can see you falling under this exception but it will mean a big responsibility and probably some extra training.
                  – Borgh
                  yesterday










                • As OP said, he needs to create invoices not to look at other's paychecks. I don't think the exception will help him there.
                  – LP154
                  yesterday










                • As I read it, he is the one responsible for their accounting software and in most companies you need someone who is able to confirm "yes we transferred (x money) to (y acocunt) on (z date)", ideally the company invoices and paychecks go through a seperate systems but in a smaller company with a single system that might not be realistic. I'd recommend building something where you get a "yes i want to see this" popup before any sensitive information is shown.
                  – Borgh
                  yesterday








                2




                2




                Note, there are usually exceptions in the law (or company guidelines at least) for people who need to see this data, usually that means just HR. In a small company with blended roles I can see you falling under this exception but it will mean a big responsibility and probably some extra training.
                – Borgh
                yesterday




                Note, there are usually exceptions in the law (or company guidelines at least) for people who need to see this data, usually that means just HR. In a small company with blended roles I can see you falling under this exception but it will mean a big responsibility and probably some extra training.
                – Borgh
                yesterday












                As OP said, he needs to create invoices not to look at other's paychecks. I don't think the exception will help him there.
                – LP154
                yesterday




                As OP said, he needs to create invoices not to look at other's paychecks. I don't think the exception will help him there.
                – LP154
                yesterday












                As I read it, he is the one responsible for their accounting software and in most companies you need someone who is able to confirm "yes we transferred (x money) to (y acocunt) on (z date)", ideally the company invoices and paychecks go through a seperate systems but in a smaller company with a single system that might not be realistic. I'd recommend building something where you get a "yes i want to see this" popup before any sensitive information is shown.
                – Borgh
                yesterday




                As I read it, he is the one responsible for their accounting software and in most companies you need someone who is able to confirm "yes we transferred (x money) to (y acocunt) on (z date)", ideally the company invoices and paychecks go through a seperate systems but in a smaller company with a single system that might not be realistic. I'd recommend building something where you get a "yes i want to see this" popup before any sensitive information is shown.
                – Borgh
                yesterday











                14














                I agree fully with the answer of @Snow. Besides that:




                • Never use administrative access to "peek" at things. In 99% of the cases there is no credible explanation that you actually need to look at a real live document as an IT person, unless you need to give support on a specific case.


                • If you happen to come across such information without being explicitly permitted and asked to by the administration of your company, keep it absolutely confidential and never ever talk about it - but inform your boss that some procedure is not OK (see next point).


                • If you have a support role where you get in touch with personal information and your company has not given you a dedicated training/explanation on it, including introducing the person actually responsible for this, then something is severely wrong in the administration. In a well organized company, there is no way that somebody gets in contact with salary information without that being addressed explicitly, including precise limitations and procedure how to handle things, and a form which you have to sign that you understood what was said.







                share|improve this answer

















                • 1




                  Regarding your last bullet, I agree that something like that should be the case, but in a small company - especially if also a young one - lots of things that "should" - and in a larger business almost certainly will - have formal policies/procedures/training associated with them don't because there's never been enough time/money to create them.
                  – Dan Neely
                  22 hours ago










                • Even at a small company, I would expect that the responsible for HR is aware of the situation; it could happen in a less formal way, but I still would expect an explicit handover.
                  – Sascha
                  12 hours ago
















                14














                I agree fully with the answer of @Snow. Besides that:




                • Never use administrative access to "peek" at things. In 99% of the cases there is no credible explanation that you actually need to look at a real live document as an IT person, unless you need to give support on a specific case.


                • If you happen to come across such information without being explicitly permitted and asked to by the administration of your company, keep it absolutely confidential and never ever talk about it - but inform your boss that some procedure is not OK (see next point).


                • If you have a support role where you get in touch with personal information and your company has not given you a dedicated training/explanation on it, including introducing the person actually responsible for this, then something is severely wrong in the administration. In a well organized company, there is no way that somebody gets in contact with salary information without that being addressed explicitly, including precise limitations and procedure how to handle things, and a form which you have to sign that you understood what was said.







                share|improve this answer

















                • 1




                  Regarding your last bullet, I agree that something like that should be the case, but in a small company - especially if also a young one - lots of things that "should" - and in a larger business almost certainly will - have formal policies/procedures/training associated with them don't because there's never been enough time/money to create them.
                  – Dan Neely
                  22 hours ago










                • Even at a small company, I would expect that the responsible for HR is aware of the situation; it could happen in a less formal way, but I still would expect an explicit handover.
                  – Sascha
                  12 hours ago














                14












                14








                14






                I agree fully with the answer of @Snow. Besides that:




                • Never use administrative access to "peek" at things. In 99% of the cases there is no credible explanation that you actually need to look at a real live document as an IT person, unless you need to give support on a specific case.


                • If you happen to come across such information without being explicitly permitted and asked to by the administration of your company, keep it absolutely confidential and never ever talk about it - but inform your boss that some procedure is not OK (see next point).


                • If you have a support role where you get in touch with personal information and your company has not given you a dedicated training/explanation on it, including introducing the person actually responsible for this, then something is severely wrong in the administration. In a well organized company, there is no way that somebody gets in contact with salary information without that being addressed explicitly, including precise limitations and procedure how to handle things, and a form which you have to sign that you understood what was said.







                share|improve this answer












                I agree fully with the answer of @Snow. Besides that:




                • Never use administrative access to "peek" at things. In 99% of the cases there is no credible explanation that you actually need to look at a real live document as an IT person, unless you need to give support on a specific case.


                • If you happen to come across such information without being explicitly permitted and asked to by the administration of your company, keep it absolutely confidential and never ever talk about it - but inform your boss that some procedure is not OK (see next point).


                • If you have a support role where you get in touch with personal information and your company has not given you a dedicated training/explanation on it, including introducing the person actually responsible for this, then something is severely wrong in the administration. In a well organized company, there is no way that somebody gets in contact with salary information without that being addressed explicitly, including precise limitations and procedure how to handle things, and a form which you have to sign that you understood what was said.








                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered yesterday









                Sascha

                7,53921536




                7,53921536








                • 1




                  Regarding your last bullet, I agree that something like that should be the case, but in a small company - especially if also a young one - lots of things that "should" - and in a larger business almost certainly will - have formal policies/procedures/training associated with them don't because there's never been enough time/money to create them.
                  – Dan Neely
                  22 hours ago










                • Even at a small company, I would expect that the responsible for HR is aware of the situation; it could happen in a less formal way, but I still would expect an explicit handover.
                  – Sascha
                  12 hours ago














                • 1




                  Regarding your last bullet, I agree that something like that should be the case, but in a small company - especially if also a young one - lots of things that "should" - and in a larger business almost certainly will - have formal policies/procedures/training associated with them don't because there's never been enough time/money to create them.
                  – Dan Neely
                  22 hours ago










                • Even at a small company, I would expect that the responsible for HR is aware of the situation; it could happen in a less formal way, but I still would expect an explicit handover.
                  – Sascha
                  12 hours ago








                1




                1




                Regarding your last bullet, I agree that something like that should be the case, but in a small company - especially if also a young one - lots of things that "should" - and in a larger business almost certainly will - have formal policies/procedures/training associated with them don't because there's never been enough time/money to create them.
                – Dan Neely
                22 hours ago




                Regarding your last bullet, I agree that something like that should be the case, but in a small company - especially if also a young one - lots of things that "should" - and in a larger business almost certainly will - have formal policies/procedures/training associated with them don't because there's never been enough time/money to create them.
                – Dan Neely
                22 hours ago












                Even at a small company, I would expect that the responsible for HR is aware of the situation; it could happen in a less formal way, but I still would expect an explicit handover.
                – Sascha
                12 hours ago




                Even at a small company, I would expect that the responsible for HR is aware of the situation; it could happen in a less formal way, but I still would expect an explicit handover.
                – Sascha
                12 hours ago











                6














                Yes. You should only be accessing the data you need to access to do your job, especially when it comes to financial data.






                share|improve this answer


























                  6














                  Yes. You should only be accessing the data you need to access to do your job, especially when it comes to financial data.






                  share|improve this answer
























                    6












                    6








                    6






                    Yes. You should only be accessing the data you need to access to do your job, especially when it comes to financial data.






                    share|improve this answer












                    Yes. You should only be accessing the data you need to access to do your job, especially when it comes to financial data.







                    share|improve this answer












                    share|improve this answer



                    share|improve this answer










                    answered yesterday









                    Robert Dundon

                    1,655189




                    1,655189























                        4














                        Most companies, looking at someone else's paycheck without having a valid business reason is a reason for immediate termination. Also, many companies log such read access, and there are audits about it.

                        Because you are in a small company, it seems this isn't tracked or formalized, but there is a good chance that the owner would terminate you anyway if he found out.






                        share|improve this answer


























                          4














                          Most companies, looking at someone else's paycheck without having a valid business reason is a reason for immediate termination. Also, many companies log such read access, and there are audits about it.

                          Because you are in a small company, it seems this isn't tracked or formalized, but there is a good chance that the owner would terminate you anyway if he found out.






                          share|improve this answer
























                            4












                            4








                            4






                            Most companies, looking at someone else's paycheck without having a valid business reason is a reason for immediate termination. Also, many companies log such read access, and there are audits about it.

                            Because you are in a small company, it seems this isn't tracked or formalized, but there is a good chance that the owner would terminate you anyway if he found out.






                            share|improve this answer












                            Most companies, looking at someone else's paycheck without having a valid business reason is a reason for immediate termination. Also, many companies log such read access, and there are audits about it.

                            Because you are in a small company, it seems this isn't tracked or formalized, but there is a good chance that the owner would terminate you anyway if he found out.







                            share|improve this answer












                            share|improve this answer



                            share|improve this answer










                            answered yesterday









                            Aganju

                            1,03329




                            1,03329























                                3














                                Other than what all the other answers have said about your question, what do you hope to gain by knowing what a colleague's salary is? Do you hope to feel good because you are paid more? What if he earns more than you? You can't use that information as grounds for requesting/negotiating an increase anyway. That information might very well cause all sorts of problems for you on all sorts of levels. Just be let it be.






                                share|improve this answer

















                                • 2




                                  This. Ethics and probably law say it's wrong, but even if you don't get directly blamed for looking at your colleague's salary, I can't imagine any positive outcome from this. Most chances are that this would just lead to demotivation, misunderstandings, regrets, judgmental attitude, etc... Some things are better let unknown, for the benefit of everybody.
                                  – dim
                                  8 hours ago


















                                3














                                Other than what all the other answers have said about your question, what do you hope to gain by knowing what a colleague's salary is? Do you hope to feel good because you are paid more? What if he earns more than you? You can't use that information as grounds for requesting/negotiating an increase anyway. That information might very well cause all sorts of problems for you on all sorts of levels. Just be let it be.






                                share|improve this answer

















                                • 2




                                  This. Ethics and probably law say it's wrong, but even if you don't get directly blamed for looking at your colleague's salary, I can't imagine any positive outcome from this. Most chances are that this would just lead to demotivation, misunderstandings, regrets, judgmental attitude, etc... Some things are better let unknown, for the benefit of everybody.
                                  – dim
                                  8 hours ago
















                                3












                                3








                                3






                                Other than what all the other answers have said about your question, what do you hope to gain by knowing what a colleague's salary is? Do you hope to feel good because you are paid more? What if he earns more than you? You can't use that information as grounds for requesting/negotiating an increase anyway. That information might very well cause all sorts of problems for you on all sorts of levels. Just be let it be.






                                share|improve this answer












                                Other than what all the other answers have said about your question, what do you hope to gain by knowing what a colleague's salary is? Do you hope to feel good because you are paid more? What if he earns more than you? You can't use that information as grounds for requesting/negotiating an increase anyway. That information might very well cause all sorts of problems for you on all sorts of levels. Just be let it be.







                                share|improve this answer












                                share|improve this answer



                                share|improve this answer










                                answered yesterday









                                The White Wolf

                                631316




                                631316








                                • 2




                                  This. Ethics and probably law say it's wrong, but even if you don't get directly blamed for looking at your colleague's salary, I can't imagine any positive outcome from this. Most chances are that this would just lead to demotivation, misunderstandings, regrets, judgmental attitude, etc... Some things are better let unknown, for the benefit of everybody.
                                  – dim
                                  8 hours ago
















                                • 2




                                  This. Ethics and probably law say it's wrong, but even if you don't get directly blamed for looking at your colleague's salary, I can't imagine any positive outcome from this. Most chances are that this would just lead to demotivation, misunderstandings, regrets, judgmental attitude, etc... Some things are better let unknown, for the benefit of everybody.
                                  – dim
                                  8 hours ago










                                2




                                2




                                This. Ethics and probably law say it's wrong, but even if you don't get directly blamed for looking at your colleague's salary, I can't imagine any positive outcome from this. Most chances are that this would just lead to demotivation, misunderstandings, regrets, judgmental attitude, etc... Some things are better let unknown, for the benefit of everybody.
                                – dim
                                8 hours ago






                                This. Ethics and probably law say it's wrong, but even if you don't get directly blamed for looking at your colleague's salary, I can't imagine any positive outcome from this. Most chances are that this would just lead to demotivation, misunderstandings, regrets, judgmental attitude, etc... Some things are better let unknown, for the benefit of everybody.
                                – dim
                                8 hours ago













                                2















                                Is it ethically wrong to have peek at staff paycheck?




                                Yes, and legally.



                                I would stop and go to your boss immediately with the following:




                                1. You're accessing LIVE data and there's a risk you can break it.

                                2. You're able to see pay information. Are you able to see PII information as well? If so, I would immediately stop.


                                You risk not only your job but also legal problems. Maybe jail or a heavy fine. It only takes one person to understand what you're doing and they go to the proper authorities or lawyer in your country and begin the process. You need to email this to your boss and save that email with the following:




                                Boss, I am accessing an API that shows our staff's PII and pay information. I am able to access this without restriction and modify the data. I need a test bed and not be able to see this data as it is a violation of [insert country's privacy law]







                                share|improve this answer


























                                  2















                                  Is it ethically wrong to have peek at staff paycheck?




                                  Yes, and legally.



                                  I would stop and go to your boss immediately with the following:




                                  1. You're accessing LIVE data and there's a risk you can break it.

                                  2. You're able to see pay information. Are you able to see PII information as well? If so, I would immediately stop.


                                  You risk not only your job but also legal problems. Maybe jail or a heavy fine. It only takes one person to understand what you're doing and they go to the proper authorities or lawyer in your country and begin the process. You need to email this to your boss and save that email with the following:




                                  Boss, I am accessing an API that shows our staff's PII and pay information. I am able to access this without restriction and modify the data. I need a test bed and not be able to see this data as it is a violation of [insert country's privacy law]







                                  share|improve this answer
























                                    2












                                    2








                                    2







                                    Is it ethically wrong to have peek at staff paycheck?




                                    Yes, and legally.



                                    I would stop and go to your boss immediately with the following:




                                    1. You're accessing LIVE data and there's a risk you can break it.

                                    2. You're able to see pay information. Are you able to see PII information as well? If so, I would immediately stop.


                                    You risk not only your job but also legal problems. Maybe jail or a heavy fine. It only takes one person to understand what you're doing and they go to the proper authorities or lawyer in your country and begin the process. You need to email this to your boss and save that email with the following:




                                    Boss, I am accessing an API that shows our staff's PII and pay information. I am able to access this without restriction and modify the data. I need a test bed and not be able to see this data as it is a violation of [insert country's privacy law]







                                    share|improve this answer













                                    Is it ethically wrong to have peek at staff paycheck?




                                    Yes, and legally.



                                    I would stop and go to your boss immediately with the following:




                                    1. You're accessing LIVE data and there's a risk you can break it.

                                    2. You're able to see pay information. Are you able to see PII information as well? If so, I would immediately stop.


                                    You risk not only your job but also legal problems. Maybe jail or a heavy fine. It only takes one person to understand what you're doing and they go to the proper authorities or lawyer in your country and begin the process. You need to email this to your boss and save that email with the following:




                                    Boss, I am accessing an API that shows our staff's PII and pay information. I am able to access this without restriction and modify the data. I need a test bed and not be able to see this data as it is a violation of [insert country's privacy law]








                                    share|improve this answer












                                    share|improve this answer



                                    share|improve this answer










                                    answered yesterday









                                    Dan

                                    7,05821325




                                    7,05821325























                                        1














                                        Being an IT worker at your company gives you access to data that is confidential, but that does not entitle you to read it. You should treat it no differently than it being a physical file in a cabinet. Just because the filing cabinet is in the same room as you and you have the key, does not mean you should be perusing through it at your leisure. It is morally and ethically wrong, and it may also have legal consequences. Not only would you put your job at risk, but you may be subjecting yourself to prosecution.



                                        You should only be accessing data that pertains to your job. If you do happen to come across confidential information during your routine duties, you must never disclose this information to others, or use it for personal gain. There may also be controls on this system that you are not aware of. You should treat your access as if someone is always looking over your shoulder. You may never know that someone is watching over you until you are being marched out of the building by security, so please keep that in mind.



                                        As others have said, you should look into having a separate server instance with fake data to develop against. As a developer, there is no reason to test against a live system. If something ever went wrong, you wouldn't want to be the one that people are pointing fingers at.






                                        share|improve this answer


























                                          1














                                          Being an IT worker at your company gives you access to data that is confidential, but that does not entitle you to read it. You should treat it no differently than it being a physical file in a cabinet. Just because the filing cabinet is in the same room as you and you have the key, does not mean you should be perusing through it at your leisure. It is morally and ethically wrong, and it may also have legal consequences. Not only would you put your job at risk, but you may be subjecting yourself to prosecution.



                                          You should only be accessing data that pertains to your job. If you do happen to come across confidential information during your routine duties, you must never disclose this information to others, or use it for personal gain. There may also be controls on this system that you are not aware of. You should treat your access as if someone is always looking over your shoulder. You may never know that someone is watching over you until you are being marched out of the building by security, so please keep that in mind.



                                          As others have said, you should look into having a separate server instance with fake data to develop against. As a developer, there is no reason to test against a live system. If something ever went wrong, you wouldn't want to be the one that people are pointing fingers at.






                                          share|improve this answer
























                                            1












                                            1








                                            1






                                            Being an IT worker at your company gives you access to data that is confidential, but that does not entitle you to read it. You should treat it no differently than it being a physical file in a cabinet. Just because the filing cabinet is in the same room as you and you have the key, does not mean you should be perusing through it at your leisure. It is morally and ethically wrong, and it may also have legal consequences. Not only would you put your job at risk, but you may be subjecting yourself to prosecution.



                                            You should only be accessing data that pertains to your job. If you do happen to come across confidential information during your routine duties, you must never disclose this information to others, or use it for personal gain. There may also be controls on this system that you are not aware of. You should treat your access as if someone is always looking over your shoulder. You may never know that someone is watching over you until you are being marched out of the building by security, so please keep that in mind.



                                            As others have said, you should look into having a separate server instance with fake data to develop against. As a developer, there is no reason to test against a live system. If something ever went wrong, you wouldn't want to be the one that people are pointing fingers at.






                                            share|improve this answer












                                            Being an IT worker at your company gives you access to data that is confidential, but that does not entitle you to read it. You should treat it no differently than it being a physical file in a cabinet. Just because the filing cabinet is in the same room as you and you have the key, does not mean you should be perusing through it at your leisure. It is morally and ethically wrong, and it may also have legal consequences. Not only would you put your job at risk, but you may be subjecting yourself to prosecution.



                                            You should only be accessing data that pertains to your job. If you do happen to come across confidential information during your routine duties, you must never disclose this information to others, or use it for personal gain. There may also be controls on this system that you are not aware of. You should treat your access as if someone is always looking over your shoulder. You may never know that someone is watching over you until you are being marched out of the building by security, so please keep that in mind.



                                            As others have said, you should look into having a separate server instance with fake data to develop against. As a developer, there is no reason to test against a live system. If something ever went wrong, you wouldn't want to be the one that people are pointing fingers at.







                                            share|improve this answer












                                            share|improve this answer



                                            share|improve this answer










                                            answered yesterday









                                            Jason Hutchinson

                                            1294




                                            1294























                                                1














                                                People get fired for this. I even know someone who got fired for not immediately firing someone who was caught doing what you suggested.



                                                Accessing records which you're not authorized to access is trouble. And before you ask, having the ability to access data is not at all the same as having the authority. Forget "ethically", your problem is "contractually" and "legally", either of which carry significantly harsher consequences than "ethically".






                                                share|improve this answer


























                                                  1














                                                  People get fired for this. I even know someone who got fired for not immediately firing someone who was caught doing what you suggested.



                                                  Accessing records which you're not authorized to access is trouble. And before you ask, having the ability to access data is not at all the same as having the authority. Forget "ethically", your problem is "contractually" and "legally", either of which carry significantly harsher consequences than "ethically".






                                                  share|improve this answer
























                                                    1












                                                    1








                                                    1






                                                    People get fired for this. I even know someone who got fired for not immediately firing someone who was caught doing what you suggested.



                                                    Accessing records which you're not authorized to access is trouble. And before you ask, having the ability to access data is not at all the same as having the authority. Forget "ethically", your problem is "contractually" and "legally", either of which carry significantly harsher consequences than "ethically".






                                                    share|improve this answer












                                                    People get fired for this. I even know someone who got fired for not immediately firing someone who was caught doing what you suggested.



                                                    Accessing records which you're not authorized to access is trouble. And before you ask, having the ability to access data is not at all the same as having the authority. Forget "ethically", your problem is "contractually" and "legally", either of which carry significantly harsher consequences than "ethically".







                                                    share|improve this answer












                                                    share|improve this answer



                                                    share|improve this answer










                                                    answered 7 hours ago









                                                    Peter

                                                    11.4k22139




                                                    11.4k22139























                                                        1














                                                        While most answers address the legal and personal ethics, there is also the code of ethics that is established by the relevant professional body/ies in your country or that you may be a member of (personally, I use these despite not being a member).



                                                        In Australia, the relevant body is the Information Technology Professionals Association which is the successor of the System Administrator's Guild of Australia (SAGE-AU). The code of ethics produced by this organisation has been adopted by many professional bodies around the world.



                                                        There is a difference between coming across confidential information in the course of your duties and deliberately accessing confidential information.



                                                        In my opinion, it is unethical to deliberately access information that you haven't been given explicit authority to access. If you are a member of a professional body and they were to find out, then you would have your membership revoked (which could hamper future job applications); if you are not a member then you run the risk of being refused membership if they discover that you have done this (employer or another employee may report you to the body).



                                                        As IT professionals, we are entrusted with confidential information (our privilege) and we must protect that information (our responsibility) from all, including ourselves.






                                                        share|improve this answer










                                                        New contributor




                                                        Aaron is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                                                        Check out our Code of Conduct.























                                                          1














                                                          While most answers address the legal and personal ethics, there is also the code of ethics that is established by the relevant professional body/ies in your country or that you may be a member of (personally, I use these despite not being a member).



                                                          In Australia, the relevant body is the Information Technology Professionals Association which is the successor of the System Administrator's Guild of Australia (SAGE-AU). The code of ethics produced by this organisation has been adopted by many professional bodies around the world.



                                                          There is a difference between coming across confidential information in the course of your duties and deliberately accessing confidential information.



                                                          In my opinion, it is unethical to deliberately access information that you haven't been given explicit authority to access. If you are a member of a professional body and they were to find out, then you would have your membership revoked (which could hamper future job applications); if you are not a member then you run the risk of being refused membership if they discover that you have done this (employer or another employee may report you to the body).



                                                          As IT professionals, we are entrusted with confidential information (our privilege) and we must protect that information (our responsibility) from all, including ourselves.






                                                          share|improve this answer










                                                          New contributor




                                                          Aaron is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                                                          Check out our Code of Conduct.





















                                                            1












                                                            1








                                                            1






                                                            While most answers address the legal and personal ethics, there is also the code of ethics that is established by the relevant professional body/ies in your country or that you may be a member of (personally, I use these despite not being a member).



                                                            In Australia, the relevant body is the Information Technology Professionals Association which is the successor of the System Administrator's Guild of Australia (SAGE-AU). The code of ethics produced by this organisation has been adopted by many professional bodies around the world.



                                                            There is a difference between coming across confidential information in the course of your duties and deliberately accessing confidential information.



                                                            In my opinion, it is unethical to deliberately access information that you haven't been given explicit authority to access. If you are a member of a professional body and they were to find out, then you would have your membership revoked (which could hamper future job applications); if you are not a member then you run the risk of being refused membership if they discover that you have done this (employer or another employee may report you to the body).



                                                            As IT professionals, we are entrusted with confidential information (our privilege) and we must protect that information (our responsibility) from all, including ourselves.






                                                            share|improve this answer










                                                            New contributor




                                                            Aaron is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                                                            Check out our Code of Conduct.









                                                            While most answers address the legal and personal ethics, there is also the code of ethics that is established by the relevant professional body/ies in your country or that you may be a member of (personally, I use these despite not being a member).



                                                            In Australia, the relevant body is the Information Technology Professionals Association which is the successor of the System Administrator's Guild of Australia (SAGE-AU). The code of ethics produced by this organisation has been adopted by many professional bodies around the world.



                                                            There is a difference between coming across confidential information in the course of your duties and deliberately accessing confidential information.



                                                            In my opinion, it is unethical to deliberately access information that you haven't been given explicit authority to access. If you are a member of a professional body and they were to find out, then you would have your membership revoked (which could hamper future job applications); if you are not a member then you run the risk of being refused membership if they discover that you have done this (employer or another employee may report you to the body).



                                                            As IT professionals, we are entrusted with confidential information (our privilege) and we must protect that information (our responsibility) from all, including ourselves.







                                                            share|improve this answer










                                                            New contributor




                                                            Aaron is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                                                            Check out our Code of Conduct.









                                                            share|improve this answer



                                                            share|improve this answer








                                                            edited 2 hours ago









                                                            Peter Mortensen

                                                            51347




                                                            51347






                                                            New contributor




                                                            Aaron is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                                                            Check out our Code of Conduct.









                                                            answered 21 hours ago









                                                            Aaron

                                                            192




                                                            192




                                                            New contributor




                                                            Aaron is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                                                            Check out our Code of Conduct.





                                                            New contributor





                                                            Aaron is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                                                            Check out our Code of Conduct.






                                                            Aaron is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                                                            Check out our Code of Conduct.























                                                                0















                                                                Is it ethically wrong to have peek at staff paycheck?




                                                                Of course it's wrong.



                                                                I'm guessing you already know that. But in case you aren't sure, ask your boss first.



                                                                Never use Production. Use a test system with simulated data.






                                                                share|improve this answer


























                                                                  0















                                                                  Is it ethically wrong to have peek at staff paycheck?




                                                                  Of course it's wrong.



                                                                  I'm guessing you already know that. But in case you aren't sure, ask your boss first.



                                                                  Never use Production. Use a test system with simulated data.






                                                                  share|improve this answer
























                                                                    0












                                                                    0








                                                                    0







                                                                    Is it ethically wrong to have peek at staff paycheck?




                                                                    Of course it's wrong.



                                                                    I'm guessing you already know that. But in case you aren't sure, ask your boss first.



                                                                    Never use Production. Use a test system with simulated data.






                                                                    share|improve this answer













                                                                    Is it ethically wrong to have peek at staff paycheck?




                                                                    Of course it's wrong.



                                                                    I'm guessing you already know that. But in case you aren't sure, ask your boss first.



                                                                    Never use Production. Use a test system with simulated data.







                                                                    share|improve this answer












                                                                    share|improve this answer



                                                                    share|improve this answer










                                                                    answered yesterday









                                                                    Joe Strazzere

                                                                    243k1187091006




                                                                    243k1187091006























                                                                        -1














                                                                        Depends on what you consider ethically wrong. I for one would be curious and do it when no one is watching, not because it's right or ethical, but because I would want to know if I'm getting shafted with the pay. As the answers above pointed out, I would refrain if specifically requested not to or it's illegal to do so.






                                                                        share|improve this answer

















                                                                        • 5




                                                                          If I find out that you looked at my salary without my permission and without any need I will do my hardest to get you out of the company. I think my boss will agree with this, so I won’t have to work hard. Even more with GDPR.
                                                                          – gnasher729
                                                                          yesterday






                                                                        • 5




                                                                          "Depends on what you consider ethically wrong." - spot on; there are some truths people don't like to hear; like ethics is a personal thing. Legal points are not however - and this would be breaking the law. Anyway, what would you do if you did find out you were being paid less - if you say to your boss "I saw everyones pay and I want more" their reply will be with a boot.
                                                                          – UKMonkey
                                                                          yesterday






                                                                        • 1




                                                                          @paulj, OP was told to work on billing/invoicing, not payroll. IANAL, but pretty sure this would be a violation of GDPR
                                                                          – cdkMoose
                                                                          yesterday






                                                                        • 1




                                                                          @paulj what makes you think he's a wage slave; do you know his income? As for what law it breaks, as almost every answer here says, GDPR. I'd put money that it says it in his contract too. As for ethically, most would argue that spying on your colleagues isn't ethical. I suggest you read answers and comments before commenting.
                                                                          – UKMonkey
                                                                          yesterday






                                                                        • 3




                                                                          '"because I would want to know if I'm getting shafted with the pay." - This is not a valid reason to view sensitive information. This is absolutely horrible advice. If the author has a business need to test something on the production server, the author can view his own information, instead of that of a colleague.
                                                                          – Ramhound
                                                                          yesterday
















                                                                        -1














                                                                        Depends on what you consider ethically wrong. I for one would be curious and do it when no one is watching, not because it's right or ethical, but because I would want to know if I'm getting shafted with the pay. As the answers above pointed out, I would refrain if specifically requested not to or it's illegal to do so.






                                                                        share|improve this answer

















                                                                        • 5




                                                                          If I find out that you looked at my salary without my permission and without any need I will do my hardest to get you out of the company. I think my boss will agree with this, so I won’t have to work hard. Even more with GDPR.
                                                                          – gnasher729
                                                                          yesterday






                                                                        • 5




                                                                          "Depends on what you consider ethically wrong." - spot on; there are some truths people don't like to hear; like ethics is a personal thing. Legal points are not however - and this would be breaking the law. Anyway, what would you do if you did find out you were being paid less - if you say to your boss "I saw everyones pay and I want more" their reply will be with a boot.
                                                                          – UKMonkey
                                                                          yesterday






                                                                        • 1




                                                                          @paulj, OP was told to work on billing/invoicing, not payroll. IANAL, but pretty sure this would be a violation of GDPR
                                                                          – cdkMoose
                                                                          yesterday






                                                                        • 1




                                                                          @paulj what makes you think he's a wage slave; do you know his income? As for what law it breaks, as almost every answer here says, GDPR. I'd put money that it says it in his contract too. As for ethically, most would argue that spying on your colleagues isn't ethical. I suggest you read answers and comments before commenting.
                                                                          – UKMonkey
                                                                          yesterday






                                                                        • 3




                                                                          '"because I would want to know if I'm getting shafted with the pay." - This is not a valid reason to view sensitive information. This is absolutely horrible advice. If the author has a business need to test something on the production server, the author can view his own information, instead of that of a colleague.
                                                                          – Ramhound
                                                                          yesterday














                                                                        -1












                                                                        -1








                                                                        -1






                                                                        Depends on what you consider ethically wrong. I for one would be curious and do it when no one is watching, not because it's right or ethical, but because I would want to know if I'm getting shafted with the pay. As the answers above pointed out, I would refrain if specifically requested not to or it's illegal to do so.






                                                                        share|improve this answer












                                                                        Depends on what you consider ethically wrong. I for one would be curious and do it when no one is watching, not because it's right or ethical, but because I would want to know if I'm getting shafted with the pay. As the answers above pointed out, I would refrain if specifically requested not to or it's illegal to do so.







                                                                        share|improve this answer












                                                                        share|improve this answer



                                                                        share|improve this answer










                                                                        answered yesterday









                                                                        BoboDarph

                                                                        2,7771516




                                                                        2,7771516








                                                                        • 5




                                                                          If I find out that you looked at my salary without my permission and without any need I will do my hardest to get you out of the company. I think my boss will agree with this, so I won’t have to work hard. Even more with GDPR.
                                                                          – gnasher729
                                                                          yesterday






                                                                        • 5




                                                                          "Depends on what you consider ethically wrong." - spot on; there are some truths people don't like to hear; like ethics is a personal thing. Legal points are not however - and this would be breaking the law. Anyway, what would you do if you did find out you were being paid less - if you say to your boss "I saw everyones pay and I want more" their reply will be with a boot.
                                                                          – UKMonkey
                                                                          yesterday






                                                                        • 1




                                                                          @paulj, OP was told to work on billing/invoicing, not payroll. IANAL, but pretty sure this would be a violation of GDPR
                                                                          – cdkMoose
                                                                          yesterday






                                                                        • 1




                                                                          @paulj what makes you think he's a wage slave; do you know his income? As for what law it breaks, as almost every answer here says, GDPR. I'd put money that it says it in his contract too. As for ethically, most would argue that spying on your colleagues isn't ethical. I suggest you read answers and comments before commenting.
                                                                          – UKMonkey
                                                                          yesterday






                                                                        • 3




                                                                          '"because I would want to know if I'm getting shafted with the pay." - This is not a valid reason to view sensitive information. This is absolutely horrible advice. If the author has a business need to test something on the production server, the author can view his own information, instead of that of a colleague.
                                                                          – Ramhound
                                                                          yesterday














                                                                        • 5




                                                                          If I find out that you looked at my salary without my permission and without any need I will do my hardest to get you out of the company. I think my boss will agree with this, so I won’t have to work hard. Even more with GDPR.
                                                                          – gnasher729
                                                                          yesterday






                                                                        • 5




                                                                          "Depends on what you consider ethically wrong." - spot on; there are some truths people don't like to hear; like ethics is a personal thing. Legal points are not however - and this would be breaking the law. Anyway, what would you do if you did find out you were being paid less - if you say to your boss "I saw everyones pay and I want more" their reply will be with a boot.
                                                                          – UKMonkey
                                                                          yesterday






                                                                        • 1




                                                                          @paulj, OP was told to work on billing/invoicing, not payroll. IANAL, but pretty sure this would be a violation of GDPR
                                                                          – cdkMoose
                                                                          yesterday






                                                                        • 1




                                                                          @paulj what makes you think he's a wage slave; do you know his income? As for what law it breaks, as almost every answer here says, GDPR. I'd put money that it says it in his contract too. As for ethically, most would argue that spying on your colleagues isn't ethical. I suggest you read answers and comments before commenting.
                                                                          – UKMonkey
                                                                          yesterday






                                                                        • 3




                                                                          '"because I would want to know if I'm getting shafted with the pay." - This is not a valid reason to view sensitive information. This is absolutely horrible advice. If the author has a business need to test something on the production server, the author can view his own information, instead of that of a colleague.
                                                                          – Ramhound
                                                                          yesterday








                                                                        5




                                                                        5




                                                                        If I find out that you looked at my salary without my permission and without any need I will do my hardest to get you out of the company. I think my boss will agree with this, so I won’t have to work hard. Even more with GDPR.
                                                                        – gnasher729
                                                                        yesterday




                                                                        If I find out that you looked at my salary without my permission and without any need I will do my hardest to get you out of the company. I think my boss will agree with this, so I won’t have to work hard. Even more with GDPR.
                                                                        – gnasher729
                                                                        yesterday




                                                                        5




                                                                        5




                                                                        "Depends on what you consider ethically wrong." - spot on; there are some truths people don't like to hear; like ethics is a personal thing. Legal points are not however - and this would be breaking the law. Anyway, what would you do if you did find out you were being paid less - if you say to your boss "I saw everyones pay and I want more" their reply will be with a boot.
                                                                        – UKMonkey
                                                                        yesterday




                                                                        "Depends on what you consider ethically wrong." - spot on; there are some truths people don't like to hear; like ethics is a personal thing. Legal points are not however - and this would be breaking the law. Anyway, what would you do if you did find out you were being paid less - if you say to your boss "I saw everyones pay and I want more" their reply will be with a boot.
                                                                        – UKMonkey
                                                                        yesterday




                                                                        1




                                                                        1




                                                                        @paulj, OP was told to work on billing/invoicing, not payroll. IANAL, but pretty sure this would be a violation of GDPR
                                                                        – cdkMoose
                                                                        yesterday




                                                                        @paulj, OP was told to work on billing/invoicing, not payroll. IANAL, but pretty sure this would be a violation of GDPR
                                                                        – cdkMoose
                                                                        yesterday




                                                                        1




                                                                        1




                                                                        @paulj what makes you think he's a wage slave; do you know his income? As for what law it breaks, as almost every answer here says, GDPR. I'd put money that it says it in his contract too. As for ethically, most would argue that spying on your colleagues isn't ethical. I suggest you read answers and comments before commenting.
                                                                        – UKMonkey
                                                                        yesterday




                                                                        @paulj what makes you think he's a wage slave; do you know his income? As for what law it breaks, as almost every answer here says, GDPR. I'd put money that it says it in his contract too. As for ethically, most would argue that spying on your colleagues isn't ethical. I suggest you read answers and comments before commenting.
                                                                        – UKMonkey
                                                                        yesterday




                                                                        3




                                                                        3




                                                                        '"because I would want to know if I'm getting shafted with the pay." - This is not a valid reason to view sensitive information. This is absolutely horrible advice. If the author has a business need to test something on the production server, the author can view his own information, instead of that of a colleague.
                                                                        – Ramhound
                                                                        yesterday




                                                                        '"because I would want to know if I'm getting shafted with the pay." - This is not a valid reason to view sensitive information. This is absolutely horrible advice. If the author has a business need to test something on the production server, the author can view his own information, instead of that of a colleague.
                                                                        – Ramhound
                                                                        yesterday










                                                                        aries is a new contributor. Be nice, and check out our Code of Conduct.










                                                                        draft saved

                                                                        draft discarded


















                                                                        aries is a new contributor. Be nice, and check out our Code of Conduct.













                                                                        aries is a new contributor. Be nice, and check out our Code of Conduct.












                                                                        aries is a new contributor. Be nice, and check out our Code of Conduct.
















                                                                        Thanks for contributing an answer to The Workplace Stack Exchange!


                                                                        • Please be sure to answer the question. Provide details and share your research!

                                                                        But avoid



                                                                        • Asking for help, clarification, or responding to other answers.

                                                                        • Making statements based on opinion; back them up with references or personal experience.


                                                                        To learn more, see our tips on writing great answers.





                                                                        Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


                                                                        Please pay close attention to the following guidance:


                                                                        • Please be sure to answer the question. Provide details and share your research!

                                                                        But avoid



                                                                        • Asking for help, clarification, or responding to other answers.

                                                                        • Making statements based on opinion; back them up with references or personal experience.


                                                                        To learn more, see our tips on writing great answers.




                                                                        draft saved


                                                                        draft discarded














                                                                        StackExchange.ready(
                                                                        function () {
                                                                        StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fworkplace.stackexchange.com%2fquestions%2f125827%2fis-it-wrong-to-peek-at-a-colleagues-paycheck%23new-answer', 'question_page');
                                                                        }
                                                                        );

                                                                        Post as a guest















                                                                        Required, but never shown





















































                                                                        Required, but never shown














                                                                        Required, but never shown












                                                                        Required, but never shown







                                                                        Required, but never shown

































                                                                        Required, but never shown














                                                                        Required, but never shown












                                                                        Required, but never shown







                                                                        Required, but never shown











                                                                        Popular posts from this blog

                                                                        1300-talet

                                                                        1300-talet

                                                                        Display a custom attribute below product name in the front-end Magento 1.9.3.8