A Decision Framework for What Not to Build

ai risk business ethics

The Problem

There are thousands of resources on how to build things. There are almost none on when not to.

This gap has always existed, but AI tools have made it faster and easier to ignore. When any idea can be prototyped in minutes, the constraint is no longer “can we build this?” — it’s “should we?”

The Questions

Before writing code, launching a scan, or building a tool, these questions are worth asking:

  • Would I want someone doing this to me, my company, or my clients?
  • If this project leaked, could it cause damage beyond my control?
  • Is the goal educational, defensive, or quietly harmful?
  • Am I building something that assumes trust — or abuses it?
  • If someone else found this on my machine, would I be comfortable explaining it?
  • Is this solving a real problem — or just demonstrating that I can break something?

Why This Matters Now

AI coding assistants will eagerly scaffold exploits, scrapers, and surveillance tools without hesitation. Clients will request tools that feel innocent until you examine the actual use case. Perfectly legal builds can have catastrophic ethical consequences.

Intent doesn’t compile. The tool doesn’t know or care what it’s being used for.

The same hammer builds a house and breaks a window. Same tool, same function, completely different outcomes. The difference is the person holding it.

The Framework in Practice

Most security incidents aren’t masterminded by sophisticated attackers. They’re the result of careless builders, naive developers, and people who never paused to ask better questions.

The one-second pause — “what happens if the wrong person uses this, and how can I mitigate that?” — is the cheapest security control that exists.

This doesn’t mean stifling creativity or refusing to experiment. It means developing a clear sense of where your boundaries are before you’re under pressure to decide in the moment.

The Business Case

If clients believe you’ll build anything for the right price, you’ll attract clients who test that assumption. A clear ethical framework isn’t just a moral position — it’s a filter for the kind of work and clients that are worth your time.

The goal isn’t perfection. It’s never becoming the cautionary tale. Build carefully. Ask questions first.

The Big Ask

Over the years of learning more and more about AI, I keep finding two distinct clients. Those who are ambitious and careful. Those who are recklessly using AI tools, cutting corners, and dumping their entire life and business context into these models. I hope one day someone will read my work and research, find some semblance of direction, or maybe even a light tower to strive toward. Until then, I just write it down.