Professional Ethics & Codes of Conduct
Last lecture
- Professionalism
- Traits of a Professional
- IEEE Code of Ethics
Motivation for “code of ethics”
-
Historical
–professional associations use mechanism to establish status as a profession
–regulate their membership
–convince public that associate deserves to be self-regulated
-
Self-regulation: one solution
–apply code of ethics
–ethics review board
–deter unethical behavior of members
Code of ethics
- Lists possible violations
- Threaten sanctions for such violations
- Association of Computing Machinery (ACM)
–One of the two most important professional associations for computer scientists / IT professionals
–1972: Code of Professional conduct
–1992: Code of Ethics and Professional Conduct
- Difficulties implementing ethics review system
–1972’s goal was “carrots and sticks”
–1992’s goal: major shift towards socialization and education
–Clarifies professionals’ responsibility to society
Most important goal
- Provides an aid to individual decision making
- Presentation addresses nine different cases (with some overlap)
–intellectual property
–privacy
–confidentiality
–professional quality
–fairness or discrimination
–liability
–software risks
–conflicts of interest
–unauthorized access to computer systems
ACM Code of Ethics (1)
- General moral imperatives: “As an ACM member I will…”
1.Contribute to society and human well-being.
2.Avoid harm to others.
3.Be honest and trustworthy.
4.Be fair and take action not to discriminate.
5.Honour property rights including copyrights and patents.
6.Give proper credit for intellectual property.
7.Respect the privacy of others.
8.Honour confidentiality.
ACM Code of Ethics (2)
- Specific professional responsibilities: “As an ACM computing professional I will”:
1.Strive to achieve the highest quality, effectiveness and dignity in both the process and products of professional work.
2.Acquire and maintain professional competence.
3.Know and respect existing laws pertaining to professional work.
4.Accept and provide appropriate professional review.
5.Give comprehensive and thorough evaluations of computer system and their impacts, including analysis of possible risks.
6.Honour contracts, agreements, and assigned responsibilities.
7.Improve public understanding of computing and its consequences.
8.Access computing and communication resources only when authorized to do so.
ACM Code of Ethics (3)
- Organization leadership imperatives: “As an ACM member and an organizational leader, I will:”
1.Articulate social responsibilities of members of an organizational unit and encourage full acceptance of those responsibilities.
2.Manage personnel and resources to design and build information systems that enhance the quality of working life.
3.Acknowledge and support proper and authorized uses of an organization’s computing and communication resources.
4.Ensure that users and those who will be affected by a design have their needs clearly articulated during the assessment and design of requirements; later the system must be validated to meet requirements.
5.Articulate and support policies that protect the dignity of users and others affected by a computing system.
6.Create opportunities for members of the organization to learn the principles and limitations of computer systems.
ACM Code of Ethics (4)
- Compliance with the Code: “As an ACM member, I will:”
1.Uphold and promote the principles of this Code.
2.Treat violations of this code as inconsistent with membership in the ACM.
Ethical decision making: Case 1
- Ali is a database programmer
–large statistical program needed by his company (actuarial requirements)
–company programmers are encouraged to publicize their work
- Ali has found himself stuck on a problem
–Has persisted at this for several months.
–His manager does not recognize complexity of problem.
–She insists job be completed in the few days.
- Ali remembers:
–co-worker had given him source listings of their current work
–he also has an early version of commercial software developed at another company
Ethical decision making: Case 1
- Ali studies these programs
–Sees two areas of code which could be directly incorporated into his own program
–He uses segments of code both from his coworker and from the commercial software
–He does not tell anyone or mention it in the documentation.
- He completes the project and turns it in a day ahead of time.
- How does the Code of Ethics help us understand this case?
Applying the code: Case 1
- This case highlights issues involving intellectual property
–1.6: “Give proper credit for intellectual property”
–Specifically, do not take credit for other’s ideas or work.
- Property rights principle (1.5)
–copyrights, patents, trade secrets, license agreements
- Restrictions also ground in:
–integrity (1.3)
–complying with existing laws (2.3)
Applying the code: Case 1
- Ali violated professional ethics in two areas:
–Failure to give credit for another’s work.
–Using code from a commercial package that (presumably) was copyrighted.
- If Ali only “looked” at co-worker’s source code:
–Could he then write his own program and still have an obligation to give credit?
- Yes:
–He should have acknowledged credit in documentation.
–(Some professional discretion possible here, especially if intellectual material is trivial.)
- Use of commercial software code was also not appropriate:
–Ali should have checked to determine whether or not company was authorized to use source code before using it.
- In general:
–Desirable to share and exchange intellectual materials
–But using bootlegged software is definitely a violation of code.
Ethical decision making: Case 2
- Three years ago, Aisha started her own consulting business
–She is so successful she now has several people working for her.
–Has many clients.
–Includes work such as advising on network architectures, designing DBMSes, security.
- Presently designing a DBMS for the personnel office a medium-sized (100 person) company.
–Aisha has involved client in design process
–Informs CEO, CTO and human resources head about system progress
- Now it is time to make decisions about the kind and degree of security to build into system.
- Aisha has described several options.
- Because of cost overruns, client has decided to opt for a less secure system.
–Aisha believes information they will store is extremely sensitive (performance evaluations, medical records for insurance claims, salaries, etc.)
- With weak security:
–Employees on workstations could figure out how to access this data.
–Online intruders would also have access
- Aisha feels strongly that system should be much more secure.
–She has tried to explain the risk.
–CEO, CTO and HR all agree that less security will do.
- What should Aisha so?
–Should she refuse to build the system as they request?
Applying the Code: Case 2
- This case highlights issues involving privacy
–Principle 1.7 deals with privacy
–Principle 1.8 deals with confidentiality
- Code guidelines state that:
–“computer professionals are obligated to preserve the integrity of data about individuals…”
–“… from unauthorized access or accidental disclosure to inappropriate individuals”
- Code also specifies for organizational leaders:
–Principle 3.5 (enhance personal dignity)
–Principle 3.4 (assess needs of all those affected by system)
-
- Company officials:
–Have an obligation to protect privacy of their employees.
–Therefore they should not accept inadequate security.
- Aisha’s first obligation:
–Attempt to educate company officials (implied by principle 2.7)
- If that fails, she needs to consider her contractual obligations (principle 2.6) in honouring assigned responsibilities.
- We don’t have Aisha’s contract, but she may have to choose between her contract and her obligation to honour privacy and security.