The web is a shoddy piece of work, as any real information professional will tell you. The two incidents I’m about to relate are pretty typical — and in my opinion they’re also clear examples of unprofessional behaviour bordering on the unethical.
So why are web designers allowed to get away with dodgy work which in other industries would get you driven out of business?
Incident 1: “The guy who knows how to do that left, sorry”
A “design and marketing” company was building a database-driven website for one of my business clients. I wasn’t involved until the time came to set up the site on the web server. But as soon as I saw the code I noticed fundamental security flaws — real beginner’s stuff that meant the site was trivial to hack.
It turns out that the programmer who’d written this code had left the company, leaving the site to be finished by a “web designer” who didn’t know programming. In his defence, the flaws were there from the beginning and weren’t his work. Web designers don’t get security training — and indeed it’s possible to get a Bachelor of IT without being exposed to security issues at all.
But what astounds me is that the company thought it was OK to continue on this project when no-one had the expertise to deliver a professional result — and that “the programmer left” was seen to be a reasonable excuse for delivering flawed code.
I was appalled to see that the company’s website listed “online applications” as one of their skills, because secure programming is fundamental to that. And they said they “pride[d] themselves” on their “business integrity”.
To give an analog from the physical world:
We’re building a bridge. Half-way through the job, the civil engineer resigns. But that’s OK, we’ll finish the bridge with the painter in charge. We claim to be bridge-builders of integrity, but we don’t have anyone on staff with engineering qualifications.
In my opinion, this company is guilty of misleading conduct, and of delivering a product (the website code) which is not fit for purpose (since it cannot withstand the most basic of hacker attacks it would face on the Internet).
Incident 2: “We don’t have the skills for that, but we’ll do it anyway”
There’s another client for whom I’ve been doing the odd bit of website work — just basic website maintenance for their clients — and I work directly in HTML code. But the latest project is for a government agency, and their requirement is that the site is to be maintained in software called Dreamweaver and Contribute. Without going into technical details, this means the site should be built using those tools.
As it happens, I don’t use Dreamweaver. I’ve never even launched the program, and I have no knowledge whatsoever of the “best practices” for building a website to be maintained in Contribute. I’ve got nothing against Dreamweaver per se, it’s just that I don’t know how to use it.
So I told the client, saying “I think I am the wrong choice here,” and “My recommendation would be to use someone who’s already proficient with Dreamweaver and preparing sites for Contribute.”
But now I find myself under pressure to do it anyway — even though I don’t have the skills for the job. Can’t we just build the site, I’m being asked, and then figure out how it’ll be maintained later?
Physical world analogy:
We build houses from brick, and we have an experienced bricklayer. But a new client wants their house built from wood so it can be maintained by their carpenters. We don’t have a carpenter. Still, our bricklayer is smart, perhaps he can figure it out? Let’s just build it out of brick and worry about the carpenter thing later.
Needless to say, this approach is almost guaranteed to deliver a dodgy result.
What’s particularly galling is that I’d pointed out this issue a fortnight ago.
I’ll admit it’s flattering that the client thinks I’m smart enough to figure out how to use a completely unknown tool and deliver a working website in just a few days. But if you were the end client, would you be happy that your website was built by someone who didn’t actually have the right skills?
As long as it looks OK…
I reckon there’s two problems here:
- Most designers don’t know how websites work “under the hood”. They figure that if it looks OK, and the client thinks it looks OK, then all’s well. But this is like saying that as long as the car looks OK and goes fast, it doesn’t matter whether it’s safe or reliable — just as long as it’s out the door and the client pays then what happens after that isn’t our problem.
- There are no professional standards. Even though I’m not a builder, I know that an apartment building has to conform to local building codes, and that if a builder fails to meet those codes then it’s a problem — no matter how good the paintwork or how shiny the kitchen appliances.
Wow, I seem to be making a case for “building standards” for websites.
But maybe that’s what we need. When the world is flooded with “web designers” who spent a few weeks making “cool animations” in Flash, clients do have trouble understanding why they should spend more on someone who actually knows about usability, testing and bug-fixing, security and accessibility.
But is it unethical?
To go back to my original question… My feeling is that both of the incidents I’ve described are unprofessional behaviour, perhaps even unethical. Am I right?
Most professional codes of ethics, such as those of the Australian Computer Society of which I’m a member, talk about honestly representing your skills. I don’t think either of these companies are honestly representing their skills to their clients. And that’s not good enough.