E-Mail or E-Sting? Your Boss Knows, But He's Not Telling
(FORTUNE Magazine) – Before announcing key promotions, a top manager at a mid-sized technology firm decided to run a loyalty check on his subordinates. He persuaded a buddy in IT to forge an e-mail to look like a personalized inquiry from a prestigious consulting firm. The information requested seemed innocuous enough, but the e-mail coyly invited the recipients to attach a "bio" to their response. At least two people bit. Guess who didn't move up?
Sleazy and deceitful? Absolutely. Atypical behavior? Absolutely not. In fact, the techno-tactic was tacitly condoned when it came to the attention of the operating committee. The more Machiavellian types admired the ruse. Everyone in the company is now a lot more circumspect about responding to outside e-mail. Is that such a bad thing?
There has probably never been a better time or technology for management to use guile, deception, and trickery to catch employees in the act of disloyalty or dishonesty. The passive surveillance of e-mail and Net usage has already become a corporate norm. But as matters of both individual practice and institutional policy, companies increasingly must decide whether to resort to more active measures to exorcise bad actors. In other words, we will see a surge of "cyberstings" as organizations realize that networks make testing human integrity even easier than testing data integrity.
Law enforcement agencies already embrace "e-stings" as essential to their crime-fighting initiatives. Cops regularly make markets on eBay to see who is willing to sell or buy illicit and/or stolen goods. The FBI and other agencies have successfully run stings to flush out sexual predators who would use the Internet to seduce underage boys and girls. Is this such a bad thing? Does it truly make criminals out of otherwise honest people? Not bloody likely.
As e-commerce proliferates and evolves, so will the cybersting. The feds and the Interpreneurs will cheerfully collaborate to set traps to catch next-generation perps aspiring to launch the next round of "denial of service" site attacks. Cybercops and binary billionaires are gonna become better buddies.
Is this errant speculation about the future of entrapment? Well, to quote one CEO who obviously believed he was entrapped, it depends on what the meaning of "is" is. The legal and ethical issues surrounding "entrapment" guarantee noisy debate about just what level of deceitfulness is necessary to uncover deceit.
When the New York Times sacked 22 employees for circulating pornographic e-mails in clear violation of company policy, the high-profile terminations provoked global comment about whether the punishment fit the crime. Certainly, no outraged employees had reported the offenders; Times management stumbled across those e-mails by accident. But suppose a manager had sent--or had caused to be sent--a pornographic e-mail to an employee explicitly to test if she would observe the corporate policy of immediately reporting inappropriate messages. If the employee simply deleted the e-mail without reporting the offense, should she be punished? Does deliberately sending that e-mail constitute a loathsome attempt to entrap, or is it a thoroughly legitimate effort to see if an employee is prepared to honor the rules?
Pro-active management might use their networks to test all manner of legal, ethical and organizational compliance. An employee could receive e-mails containing "humorous" ethnic epithets or a sleazy but legal request from a key supplier or customer. A hard-nosed manager might contrive an outright illegal request to an employee to see what she would do. What should she disclose, and when should she disclose it? Managers can figure out all kinds of creative ways to challenge their employees. Sometimes, testing managerial integrity can be as important as testing managerial skill.
No one wants to work for a company with a Stasi-like rat's nest of squealers and informers. On the other hand, one company's ratfink is another firm's whistle blower. And if you think companies don't need to act like law enforcement agencies sometimes, talk to the wealthy lawyers who sue them for harassment, discrimination, and other alleged misconduct on the part of their employees. So don't bet on too many organizations scrambling to the moralistic high ground by promising never, ever to lead their employees into temptation.
It's all too easy to imagine how even the best-intentioned corporate cybersting could be abused to set up employees targeted for dismissal or disrepute. Yet it's understandable why organizations feel they have not only the right but also the obligation to see how rigorously their policies--and the law--are followed. Ronald Reagan's admonition about nuclear arms control comes to mind: "Trust but verify." The ethical problems arise because active verifications can be so much more effective than passive ones. As organizations become more Net-centric, the aggressiveness of the verification and the strength of that trust are sadly guaranteed to be at odds. The Net truly puts the "e" in entrapment.
MICHAEL SCHRAGE is co-director of the MIT Media Lab's e-markets initiative and the author of Serious Play. Reach him at michael_schrage@fortunemail.com.