CEN4020: Software Engineering II up↑

Ethics & Software Engineering

Use "a" key to toggle between slide-at-a-time and single-page modes. Use the space bar or right arrow for next slide,
left arrow to back up, and "c" key for table of contents.

Software Engineering Ethics

Most of the people affected by the devices, systems, and services of professionals do not understand how they work and cannot easily judge their quality and safety. This creates special responsibilities for the professional.

Thus, computer ethics includes ethical issues faced by a computer professional as part of the job. These include relationships and responsibilities toward customers, coworkers, employees, employers, others who use one's products, and others whom they affect Includes people who manage, select, or use computers in a professional setting.

How are these other professions different from computer professionals as far as code of ethics?

Need license to practice (medical, legal, engineering)
  • Need to pass an exam to obtain license
  • Members can be brought up before an ethics board for their profession and be censured or sanctioned for unethical behavior
    • We don't (yet) have that in computer profession, but it may happen within your lifetime.

    Special Responsibilities

    Facing computer professionals and users:

    Example Scenario


    These are practical and legal issues, and also ethical ones.

    Ethics

    A functioning society depends on some consensus about ethical principles.

    Unfortunately, they are culture-specific. Internationalization and "multi-culturalism" can lead to ethical dissonnances.

    Ethical rules are rules to follow in our interactions with other people and in our actions that affect other people.

    Most ethical theories attempt to achieve the same goal: to enhance human dignity, peace, happiness, and well-being.

    Ethical rules apply to all of us and are intended to achieve good results for people in general and for situations in general - not just for ourselves and not just for one situation.

    Reaching the Right Decision

    Ethical theories help to identify important principles or guidelines.

    They do not completely settle difficult, controversial issues.

    They help to identify important principles or guidelines.

    They remind us of things to consider.

    They can help clarify reasoning and values.

    Some Important Distinctions

    1) Right, wrong, and okay:

    In situations with ethical dilemmas, there are often many options that are ethically acceptable, with no specific one ethically required Therefore, it is misleading to divide all acts into ethically right or ethically wrong.

    2) Distinguishing wrong and harm:

    Carelessly and needlessly causing harm is wrong, but it is important to remember that harm alone is not a sufficient criterion to determine that an act is unethical.

    Some acts may cause harm to others but are not necessarily unethical.

    Opening a Walmart may put many small local businesses out of business but it is not unethical.

    Accepting a job offering knowing that someone else wanted the job and needed it more than you do isn't unethical.

    Writing a great program that will put competitors out of business completely and cause many people to lose their jobs isn't unethical.

    Lack of harm is not sufficient to conclude that an act is ethically acceptable.

    A hacker breaking into computer systems without authorization but without doing harm to the computer systems is unethical (even though no harm was done).

    More Important Distinctions

    It can be difficult to draw a line between what we consider ethically wrong and what we personally disapprove of. Suppose a company which advocates some policy you deeply think ethically wrong (example: abortion rights group or an anti-abortion group) wants to hire you to build software (example: membership database, mailing-list program, etc.) The company is acting ethically (based on freedom of speech). If you decline the assignment that is also acting ethically (the company's freedom of speech does not impose an ethical obligation on you to assist them assistance).

    Ethics precedes law in the sense that ethical principles help determine whether or not we should pass specific laws. Some laws enforce ethical rules (e.g., against murder and theft). Some acts are ethical but illegal. Example: Is it ethical to violate a to provide marijuana for use by terminally ill people? Other acts are legal but unethical. Example: Is it ethical to sell mailing lists based on customer purchasing history?

    Computer Professionals

    Be it computer science or medicine, an expert in a field that most customers know little about has certain responsibilities.

    A professional "advertises" (claims) to have expertise. Customer's rely on their knowledge, expertise, and honesty. This creates an obligation fro the professional to provide what is advertised.

    The products and services supplied by many professionals (e.g., bridges, investment advice, surgery, computer systems) profoundly affect large numbers of people. A computer professional's work can affect the life, health, finances, freedom, and future of a client or members of the public. A professional can cause great harm through dishonesty, carelessness, or incompetence. Often the victims have little ability to protect themselves. Many are not the direct customers of the professional, and so have no direct control or decision-making in choosing the product or making decisions about its quality and safety. Thus, computer professionals have special responsibilities not only to their customers, but also to the general public, and to the potential users of their products, regardless of whether they have a direct relationship with the users.

    Codes of Professional Conduct

    Professional Codes for Software Engineers

    These are the two main organizations in the computing field.

    Q: How does a software engineer "learn" to be ethical?

    IEEE CS Principle 1: Public

    Software engineers shall act consistently with the public interest.

    In particular, software engineers shall, as appropriate:

    Principle 2: Client & Employer

    Software engineers shall act in a manner that is in the best interests of their client and employer, consistent with the public interest.

    Principle 3: Product

    Software engineers shall ensure that their products and related modifications meet the highest professional standards possible.

    Principle 4: Judgement

    Software engineers shall maintain integrity and independence in their professional judgment.

    Principle 5: Management

    Software engineering managers and leaders shall subscribe to and promote an ethical approach to the management of software development and maintenance.

    Principle 6: Profession

    Software engineers shall advance the integrity and reputation of the profession consistent with the public interest.

    Principle 7: Colleagues

    Software engineers shall be fair to and supportive of their colleagues.

    Principle 8: Self

    Software engineers shall participate in lifelong learning regarding the practice of their profession and shall promote an ethical approach to the practice of the profession.

    In particular, software engineers shall continually endeavor to:

    Some Ethical Issues for Consideration

    Negative & Positive Impacts

    Negative:

    Positive

    Privacy & Personal Information

    Can We Trust the Computer?

    What can go wrong?

    Increasing reliability and safety

    Perspectives on failures, dependence, risk, and progress

    Freedom of Speech

    Intellectual Property Topics

    Computer Crime Topics

    Analyzing Scenarios

    1. List all the people and organizations affected.
    2. List risks, issues, problems, and consequences.
    3. List possible actions, and consider the impact of each action.
    4. List responsibilities of the decision maker.
    5. Consult a code of professional ethics
    1. List all the people and organizations affected.
      These are the stakeholders.
      Identify their rights.
    2. List risks, issues, problems, and consequences.
    3. List possible actions.
      In cases where there is not a simple yes-or-no decision, but rather one has to choose some action.
      Analyze consequences, risks, benefits, harms, costs, costs for each action considered.
    4. List responsibilities of the decision maker.
      Consider responsibilities of both general ethics and professional ethics.
    5. Look at the related sections of the ACM Code or Software Engineering Code.

    Scenario

    You are a computer system manager.

    An employee is out sick and another employee requests that you copy all files from the sick person's computer to his so he can do some work.

    Invasion of privacy

    The sick employee might have personal files stored on the computer.

    The sick employee could also have files related to secret or proprietary company information to which other employees are not supposed to have access.

    However, the employee making the request and the company might suffer if important work is not completed on time.

    1. Call the sick employee and ask permission to copy the files.
    2. If sick employee is not reachable, request authorization from the manager of the project on which the employees are working.
    3. Only copy specific files, if given the filenames, If you do transfer the file, it is a good idea to make a list of the files copied and give it to the sick employee later Informing the employee acknowledges that copying files may have some privacy implications and alerts the employee in case you copy anything inappropriately.
    4. The right thing to do depends in large part on the policies, practices, and expectations at the particular company. If there is a strong policy against personal use of the computer system, if it is routine practice for employees to share files while working on a project, and if it is reasonable to believe that all the files to be copied are related to the project the employees are working on Then there might be no ethical problem with copying files.

    Scenario

    You are a member of a team working on a computer-controlled crash-avoidance system for automobiles.

    You think the system has a flaw that could endanger people.

    The project manager does not seem concerned and expects to announce completion of the project soon.

    Are you ethically obligated to do something?

    Given the potential consequences: YES.

    1. At a minimum, discuss your concerns with the project manager.
      • Voicing your concerns is admirable and obligatory.
      • It is also good for your company.
        internal "whistle blowing" can help protect the company, as well as the public, from all the negative consequences of releasing a dangerous product.
    2. If the manager decides to proceed as planned with no examination of the problem, your next option is to go to someone higher up in the company.
    3. If no one with authority in the company is willing to investigate your concerns, you have a more difficult dilemma.
      • You have the option of going outside the company (customer, news media, or government agency)
      • Personal risk: might lose your job
      • Also ethical issue of the damage you might do your company if the negative policy kills the project altogether
      • May want to double check your view of the entire situation by talking with other professionals
      • You may conclude that management was correct and drop the issue
      • If you determine it is worth the risk, you go further

    Scenario

    Your company has about 25 licenses for a computer program.

    You discover that it has been copied onto 80 computers.

    One resolution:

    1. The first step is to inform your supervisor that the copies violate the license agreement.
    2. If your supervisor is not willing to take any action, you can bring the problem to the attention of higher level people in the company.
    3. If no one cares, there several possible actions:
      • Give up (you have done your best to correct the problem)
      • However, if your name is on the license and you signed the agreement about the use of the software, you are obligated to honor it.
      • Call the software vendor and report the offense
      • Call the Software and Information Industry Association and report the offense
      • Quit your job