Definitely - and the intent of the business model and the business itself. I've worked on products before that on the surface (and even what I was told by the folks running it) could have done good. But the company had no intention of using it for good. They had every intention of lying about where they were really making their money though.

I feel like all the justification we see in our industry of "it's just a tool, it's not our fault if it's used poorly" can often end up being a variant of the banality of evil. What if its most obvious use case is the malicious one? What if the company paying you to make it has the malicious use case of the tool in mind? Would the company and the product exist/be sustainable without the malicious use case? Are there ways to curb the malicious use case that are being ignored - intentionally or not? We've got to start asking ourselves these questions. The ACM and IEEE would insist that it is part of our core duty to be asking these questions.