Keep private and confidential information gained professional work, (in particular as it pertains to client lists and client personal information). Not collect, give, sell, or transfer any personal information (such as name, e-mail address, Social Security number, or other unique identifier) to a third party without client prior consent.
Protect the intellectual property of others by relying on her/his own innovation and efforts, thus ensuring that all benefits vest with its originator.
Disclose to appropriate persons or authorities potential dangers to any e-commerce clients, the Internet community, or the public, that she/he reasonably believes to be associated with a particular set or type of electronic transactions or related software or hardware.
Areas of Expertise:
Provide service in their areas of competence, being honest and forthright about any limitations of her/his experience and education. Ensure that she/he is qualified for any project on which he/she works or proposes to work by an appropriate combination of education, training, and experience.
Never knowingly use software or process that is obtained or retained either illegally or unethically.
Not engage in deceptive financial practices such as bribery, double billing, or other improper financial practices.
Use the property of a client or employer only in ways properly authorized, and with the owner’s knowledge and consent.
Disclose to all concerned parties those conflicts of interest that cannot reasonably be avoided or escaped.
Ensure good management for any project he/she leads, including effective procedures for promotion of quality and full disclosure of risk.
Add to the knowledge of the e-commerce profession by constant study, share the lessons of her/his experience with fellow EC-Council members, and promote public awareness of benefits of electronic commerce.
Conduct herself/himself in the most ethical and competent manner when soliciting professional service or seeking employment, thus meriting confidence in her/his knowledge and integrity.
Ensure ethical conduct and professional care at all times on all professional assignments without prejudice.
Not associate with malicious hackers nor engage in any malicious activities.
Not purposefully compromise or cause to be compromised the client organization’s systems in the course of your professional dealings.
Ensure all penetration testing activities are authorized and within legal limits.
Not partake in any black hat activity or be associated with any black hat community that serves to endanger networks.
Not be part of any underground hacking community for purposes of preaching and expanding black hat activities.