After yet another incident of plagiarized content, EC-Council released a statement in response (Archive). This follows both EC-Council and Jay Bavisi personally apologizing after their sexist content earlier this year. In the new apology, EC-Council does not take responsibility for what happened. Instead, they preemptively blame a wide range of people, the failure of tools, and use language that demonstrates they still do not understand the difference between plagiarism and citing a source. This article will break down their reply.
This Blog is supported and maintained by many contributors including our members, volunteers, contractors, staff and SME's who provide meaningful resources and perspective.
Notice that they first attribute their published blogs to their members and volunteers before including their paid contractors and employees. This line also tries to deflect the issue by suggesting that because they publish "meaningful resources and perspective" the offense is still somehow noble.
We have a process to ensure that such blogs have technical accuracy, language proficiency and most importantly are plagiarism free.
Their alleged 'process' is most importantly present for ensuring no plagiarism, yet it keeps happening over and over and over. Back in 2011, Attrition published a brief guide on how we detect plagiarism, but that didn't seem to get worked into their 'process'. It is trivial to find plagiarism if it is there, it just takes the desire and a little bit of time.
Before any blogs are published, we run them by industry accepted, anti-plagiarism tools.
Although the Blog passed plagiarism checks which were done via industry tools...
As members of the industry, let us give our glowing endorsement that the tools you are using are not accepted by us. They have failed you repeatedly. As Deborah Weber-Wulff wrote in Nature these tools are "a crutch, and a problem". She goes on to say "the results are often hard to interpret, difficult to navigate, and sometimes just wrong." After the first article or book you published was found to contain plagiarized content, did EC-Council do a review and test of that software? If not, why?
Recently, a complaint was brought to our attention regarding an EC-Council Blog post that lacked the proper source citation and references by the author.
This is perhaps the most damning line of their insincere apology as they demonstrate that they do not understand the difference between plagiarizing and citing. This is in reference to Alyssa Miller's blog that was clearly plagiarized. Large portions of her blog were taken and altered just enough so it wasn't word-for-word, but it was clear from the order of the content and significant pieces of text being verbatim that it was stolen from her. That isn't a case where EC-Council could have simply provided a citation (Wikipedia) to her blog. In doing so it would have tipped off readers quicker that they had plagiarized and her article simply wasn't "referenced material [supporting] the author's argument in the claimed way". Further, since so much of the content was blatantly stolen, it would not "help the reader gauge the strength and validity of the material the author has used".
Although the Blog passed plagiarism checks which were done via industry tools, our internal investigation revealed that the article was aligned closely to another author's article format and we made the decision to remove the article from the Blog indefinitely.
EC-Council again tries to deflect and take away from the severity of their actions by claiming that their blog "was aligned closely" to Miller's "article format". Content was stolen and used without permission, a specific act done by the EC-Council author, not some coincidence as they imply.
To our dismay, more complaints were brought to our attention regarding other posts on our site, all of which passed the plagiarism checks by industry accepted software (some of which have citations).
Complaints have been brought up for over ten years just by Attrition staff. We even had a thread with their CEO, Jay Bavisi, in which he resorted to unethical behavior toward us. Their repeated cries that they use software to detect plagiarism are difficult to believe when they add "some of which have citations". That implies that they don't understand how plagiarism detection software works, specifically limitations. It also demonstrates that they don't understand simple logic and publishing as anyone can add a lot of citations to a document that look impressive, but ultimately mean nothing.[1] [2] [3] [4]
EC-Council strongly respects the intellectual property rights of authors, SME's and thought leaders, and we pledge that any contributors to the EC-Council blog will be required to follow stricter protocols in order to be considered for publication, and all contributors will be required to attend mandatory formal training of our SOP's to ensure that they provide proper citation and references.
It's amusing that they add "thought leaders" to the list of contributors that have been plagiarizing. It's sad that this paragraph strongly implies that their contributors need mandatory formal training to be ethical and not plagiarize content. What is lacking here is what penalties will be enacted should any of their contributors do it in the future. They prominantly include “There is No Place for Plagiarism in Our Society” in the center of their blog in bold letters. Will they also assure the industry that there is no place for plagiarists in their organization or certification holder body? After all, they "strongly respects the intellectual property rights".
We apologize for any content that was published on the EC-Council blog that was too closely aligned with any previously published articles...
They end the apology by once again refusing to admit they plagiarized content, instead saying it "too closely aligned" to someone else's original work. This is not taking responsibility for what happened. This is not offering a sincere apology. This does not give anyone confidence that they will strive to do better.
Finally, a quick reminder: EC-Council's flagship certification is the "Certified Ethical Hacker". Note that they emphasize 'ethical' while many of their "members, volunteers, contractors, staff and SME’s" who write blogs are not. We wonder if there is an ethics clause attached to the keeping the CEH certification.