- Keep private and confidential information gained in your professional work, (in particular as it pertains to
client lists and client personal information). Not collect, give, sell, or transfer any personal information
(such as name, e-mail address, Social Security number, or other unique identifier) to a third party without
client prior consent.
- Protect the intellectual property of others by relying on your own innovation and efforts, thus ensuring that
all benefits vest with its originator.
- Disclose to appropriate persons or authorities potential dangers to any ecommerce clients, the Internet community,
or the public, that you reasonably believe to be associated with a particular set or type of electronic transactions
or related software or hardware.
- Provide service in your areas of competence, being honest and forthright about any limitations of your experience
and education. Ensure that you are qualified for any project on which you work or propose to work by an appropriate
combination of education, training, and experience.
- Never knowingly use software or process that is obtained or retained either illegally or unethically.
- Not to engage in deceptive financial practices such as bribery, double billing, or other improper financial practices.
- Use the property of a client or employer only in ways properly authorized, and with the owner’s knowledge and
- Disclose to all concerned parties those conflicts of interest that cannot reasonably be avoided or escaped.
- Ensure good management for any project you lead, including effective procedures for promotion of quality and
full disclosure of risk.
- Add to the knowledge of the e-commerce profession by constant study, share the lessons of your experience with
fellow EC-Council members, and promote public awareness of benefits of electronic commerce.
- Conduct oneself in the most ethical and competent manner when soliciting professional service or seeking employment,
thus meriting confidence in your knowledge and integrity.
- Ensure ethical conduct and professional care at all times on all professional assignments without prejudice.
- Not to associate with malicious hackers nor engage in any malicious activities.
- Not to purposefully compromise or allow the client organization’s systems to be compromised in the course of
your professional dealings.
- Ensure all penetration testing activities are authorized and within legal limits.
- Not to take part in any black hat activity or be associated with any black hat community that serves to endanger
- Not to be part of any underground hacking community for purposes of preaching and expanding black hat activities.
- Not to make inappropriate reference to the certification or misleading use of certificates, marks or logos in
publications, catalogues, documents or speeches.
- Not to be in violation of any law of the land or have any previous conviction.