CI professionals have to be very careful to avoid crossing either legal or ethical boundaries when collecting data for any intelligence program. In spite of the print media's frequent failure to see this, there is a distinct and critical difference between competitive intelligence and industrial espionage. Industrial espionage involves violating criminal or civil law to collect data; CI does not. For example, stealing samples at a trade show and illegally accessing (or hacking) computer files both constitute industrial espionage. In some instances, a gray area exists between industrial espionage and legitimate intelligence collection efforts; in these instances, you may face a decision about taking actions that are not illegal, but that still violate your company's policies or ethical standards or even your own.

Always remember that you should never break the law or engage in unethical practices to develop effective CI. One school of thought puts the relative availability and benefit of so-called "open source information," which is data available to everyone (and which is primarily secondary data) as follows: