1. Professional Ethics
In Chapter 1 we described "professional ethics" as one of the three main perspectives through which computer ethics issues can be identified and analyzed.
When applied to computing, professional ethics is a field of applied ethics concerned with moral issues that impact computer professionals.

2. Why a Separate Category of Professional Ethics?
The same ethical rules involving honesty, fairness, and so forth should apply to professionals as well as to ordinary individuals.
So, if it is wrong for ordinary people to steal, cheat, lie, and so forth, then it is wrong for professionals to do so as well.
Thus, one might conclude that a separate field of study called "professional ethics" is not really needed.

3. Separate Category of Professional Ethics (continued)
Ethicists argue that some moral issues affect- ing professionals are sufficiently distinct and specialized to warrant a separate field of study.
Some also argue that professionals can have special moral obligations that exceed those of ordinary individuals.
To grasp the arguments for this view, it is useful first to understand what is meant by the terms profession and professional.

4. What Exactly is a Profession?
A profession can be understood in terms of the attributes and requirements of a professional practice, such as "calling in which special knowledge and skill are used in...the service of mankind." (Firmage, 1991)
Greenwood (1991) believes that professions are occupational fields distinguishable in terms of five characteristics: (i) systematic theory, (ii) authority, (iii) community sanction, (iv) ethical codes, and (v) a culture.

5. Who is a Professional?
Professionals who comprise a given profession also tend to have certain defining attributes and requirements.
Medical doctors, lawyers, accountants, etc. find themselves in situations in which their decisions and actions can have significant social effects, and have roles and responsibili- ties that exceed those of ordinary individuals.
Sometimes these roles and responsibilities differentiate professionals from others.

6. Who is a Computer Professional?
A computer professional might be interpreted to mean anyone who is employed in the computer, information-technology, or information/communications fields.
Or a computer professional might be thought of in more narrow terms, in which case only software engineers would be included.
There are various gradients in between the two ends of this spectrum.

7. Definition of a Computer Professional (Continued)
A computer professional could be defined in such a way that, in addition to software engineers, software quality analysts, software technical writers, and software managers and supervisors.
A software engineering team includes those who contribute by direct participation to the analysis, specification, design, development, certification, maintenance, and testing of software systems.

8. Do Computer Professionals Have Special Responsibilities?
Gotterbarn (1999) believes that because software engineers and their teams are have significant opportunities to:
(i) do good or cause harm
(ii) enable others to do good or cause harm
(iii) influence others to do good or cause harm.

9. Critical-Safety Software
Gotterbarn suggests that the roles and responsibilities involved in the development of safety-critical systems is a differentiating factor.
A "safety-critical system" is often used to refer to computer systems that can have a direct life-threatening impact.

10. Safety-Critical Software (Continued)
Examples of safety-critical software systems and applications typically include:
 aircraft and air traffic control systems
mass transportation systems
nuclear reactors missile systems
medical treatment systems.

11. Additional Safety-Critical Systems
Bowyer (2002) extends the range of safety-critical applications to include software used in the:
design of bridges and buildings;
election of water disposal sites;
development of analytical models for medical treatment.

12. Professional Codes of Ethics
Many professions have established professional societies, which in turn have adopted codes of conduct.
The medical profession established the AMA (American Medical Association),
The legal profession established the ABA (American Bar Association).
Both associations have formal codes of ethics/conduct for their members.

13. Professional Codes for Computer Societies
The computing profession has also has professional societies.
The two largest are:
The Association for Computing Machinery (ACM);
The Institute for Electrical and Electronics Engineers – Computer Society (IEEE-CS).
Both organizations have adopted professional codes of ethics.

14. Purpose of Professional Codes
Professional codes of ethics are often designed to motivate members of an association to behave in certain ways.
Four primary functions of codes are to:
inspire
guide
educate
discipline the members.

15. Criticisms of Ethical Codes
Ladd (1995) argues that ethical codes rest on a series of confusions that are both "intellectual and moral."
His argument has three main points.
First, ethics is basically an "open-ended, reflective, and critical intellectual activity."
Second, codes introduce confusions with respect to micro-ethics vs. macro-ethics.
Third, giving codes a disciplinary function makes them more like legal than ethical rules.

16. In Defense of Professional Codes
Gotterbarn argues that we need to distinguish between:
codes of ethics;
codes of conduct;
codes of practice.

17. In Defense of Professional Codes (Continued)
Codes of ethics as "aspirational," because they often serve as mission statements for the profession and thus can provide vision and objectives.
Codes of conduct are oriented more toward the professional and the professional's attitude and behavior.
Codes of practice relate to operational activities within a profession.

18. Table 4-1: Some Strengths and Weaknesses of Professional Codes
Codes inspire the members of a profession to behave ethically.
Directives included in many codes tend to be too general and too vague.
Codes guide the members of a profession in ethical choices.
Codes are not always helpful when two or more directives conflict.
Codes educate the members of a profession about their professional obligations.
A professional code’s directives are never complete or exhaustive.
Codes discipline members when they violate one or more of the code’s directives.
Codes are ineffective (have no “teeth”) in disciplinary matters.
Codes “sensitize” members of a profession to ethical issues and alert them to ethical aspects they otherwise might overlook.
Codes do not help us distinguish between micro-ethics issues and macro-ethics issues.
Codes inform the public about the nature and roles of the profession.
Directives in codes are sometimes inconsistent with one another.
Codes enhance the profession in the eyes of the public.
Codes can be self-serving for the profession.

19. Conflicts of Professional Responsibility: Employee Loyalty and Whistle-blowing
What exactly is employee loyalty?
Do employees and employers have a special obligation of loyalty to each other?
Should loyalty to one’s employer ever preclude an employee’s "blowing the whistle" in critical situations?
In which cases can whistle-blowing be justified?

20. Do Employees Have a Special Obligation to Employers?
Some believe we have a prima facie obligation of loyalty in employment contexts.
In other words, all things being equal, an employee should be loyal to his or her employer and visa versa.

21. Does employee loyalty still make sense in the context of a large computer corporation?
Duska (1991) argues that in employment contexts, loyalty only arises in special relationships based on a notion that he calls "mutual enrichment."
So in relationships in which parties are pursuing their self-interests, the notion of loyalty would not be applicable.

22. Duska’s Argument (continued)
Duska believes that employer-employee relationships – at least where corporations are concerned – are based on self-interest and not on mutual enrichment.
He concludes that employees should not necessarily feel any sense of obligation of loyalty to corporate employers.
Corporations like employees to believe that they have an obligation of loyalty to their employers because believing that serves the corporation’s interests.

23. Ladd’s Criticism of Employee Loyalty
Ladd also believes that in the context of corp- orations, loyalty can only be in one direction.
He argues that a corporation cannot be loyal to an employee in the same sense that employees are supposed to be loyal to it.
A corporation's goals are competitively linked to the benefits employees bring to the corp.
A corporation can be good to employees only because it is good for business, i.e., it is in the company's own self interest.

24. Ladd’s and Duska’s Criticisms (Continued)
Both Duska and Ladd cite corporate self-interest as an obstacle for a balanced employer-employee relationship that is required for mutual loyalty.
Consider that corporations often go through downsizing phases in which loyal employees who have served a company faithfully for several years are dismissed as part of restructuring plans.

25. Sometimes Employers Have Been Loyal
Consider a case in which an employer continues to keep an employee on the payroll even though that employee has a chronic illness, which causes her to miss several months of work.
Also consider a case in which several employees are kept on by a company despite the fact that their medical conditions have caused the corporation's health insurance costs to increase significantly, thereby reducing the company's overall earnings.

26. Employer Loyalty (continued)
Consider a recent case involving the owner of Malden Mills, whose physical plant in Massachusetts was destroyed by fire.
The mill's proprietor, Aaron Feurestein, could have chosen to rebuild his facility in a different state or country where employees would work for lower wages.
Instead, Feurestein continued to pay and provide benefits for his employees while a new facility was being built in Mass.

27. Do Computer Professionals Have Special obligations of Loyalty to Their Employers?
They have to balance their obligation of loyalty owed to an employer against other obligations of loyalty they also may have?
Loyalty is not something that an employee must give exclusively or blindly to one’s employer.
Loyalty should also be seen as an obligation that individuals have to society as a whole, especially where safety and health issues are at stake.

28. Divided Loyalties
Divided loyalties can result in serious conflicts for employees.
In certain cases, the moral dilemmas they generate are so profound that an employee must determine whether to "blow the whistle."

29. Whistle-blowing
Bowie (1982) defines whistle-blowing as "the act of an employee informing the public on the immoral or illegal behavior of an employee or supervisor."
Bok (1997) defines whistle blowing as an act in which one "makes revelations meant to call attention to negligence, abuses, or dangers that threaten the public interest."

30. Whistle-blowing (continued)
Whistle-blowing situations can arise in cases of overt wrongdoing (i.e., involving specific acts that are either illegal or immoral).
They can also arise in instances of negligence where one or more individuals have failed to act.

31. When Should an Employee “Blow the Whistle”?
Colleen Rowley, an FBI employee, came forth to describe the way in which critical messages had failed to be sent up the Federal Bureau's chain of command in the days immediately preceding the tragic events of September 11, 2001.
Was it appropriate for this individual to blow the whistle on her supervisor?
Was she also possibly being disloyal to her supervisor and fellow employees in doing so?

32. When Should an Employee “Blow the Whistle” (continued)
Should individuals in positions of authority in corporations such as Enron and WorldCom have blown the corporate whistle about the illegal accounting practices in those firms?
One could argue that failing to blow the whistle in the Enron case resulted in thousands of individuals losing their retirement savings, and in some cases their entire life savings.

33. Cases Where Whistle-blowing Could Have Saved Lives
Three cases:
Challenger Space Shuttle (O-rings);
Ford Pinto (faulty gas tank);
BART case (controversial).

34. Controversial Political Issues in Whistle-blowing
SDI (“Star Wars”) Case
Parnas blew the whistle on Star Wars because of three factors:
1. The specifications for the software could not be known with any confidence.
2. The software could not undergo realistic testing.
3. There would not be sufficient time during an attack to repair and reinstall failing software (no "real-time" debugging).

35. Criteria for Blowing the Whis- tle in an Engineering Context
De George (1981) offers some specific conditions for when an engineer is:
(a) permitted to blow the whistle;
(b) obligated to do so.

36. When an Engineer is Permitted to Blow the Whistle
1) The harm that will be done by the product to the public is serious and considerable.
2) The engineers (or employees) have made their concerns known to their superiors.
3) The engineers (or employees) have received no satisfaction from their immediate supervisors and they have exhausted the channels available within the corporation, including going to the board of directors.

37. When an Engineer is Required to Blow the Whistle
De George claims that two additional criteria are needed for requiring an engineer to blow the whistle.
4) The engineer has documented evidence that would convince a reasonable, impartial observer that his/her view of the situation is correct and the company policy wrong.
5) There is strong evidence that making the information public will in fact prevent the threatened serious harm.

38. Evaluating De George’s Criteria
James (1991) believes that De George's conditions are too lenient.
An individual has a moral obligation to blow the whistle when the first three conditions are met, as well.
We have a prima facie obligation to "disclose organizational wrongdoing" that we are unable to prevent, which could also occur when De George's first three conditions are satisfied.

39. James’ Critique of De George’s Criteria (continued)
For James, the degree of the obligation depends on the extent to which we are capable of foreseeing the severity and the consequences of the wrongdoing.
He worries that De George's model leaves us with no guidance when we are confronted with cases involving sexual harassment, violations of privacy, industrial espionage, and so forth.
Also there is a problem with the word “harm.”

40. Alpern’s Criticism of De George’s Criteria
Alpern (1991) argues that De George's model lets engineers off too easily from their whistle-blowing responsibilities.
Alpern believes that engineers must be willing to make greater sacrifices than others because they are in a greater position to do certain kinds of social harm.
He believes that these obligations come from a fundamental principle of "ordinary morality" – viz., we must do no harm.

41. Ladd’s Defense of De George’s Criteria
Ladd (1991) believes that requiring engineers to blow the whistle in non-extraordinary cases (such as in De George's conditions 1-3) can be undesirable from an ethical point of view because it demands that these individuals be "moral heroes."
Engineers should not have to be heroes or "saints."

42. An Alternative Strategy
De George and Ladd seem correct in claiming that engineers should not be required to be moral heroes or saints.
James and Alpern also seem to be correct in noting that engineers, because of the positions of responsibility they hold, should be expected to make greater sacrifices.

43. A Compromise View
McFarland (1991) argues that, collectively, engineers might be held to a higher standard of social responsibility than ordinary individuals.
However, the onus of responsibility should not fall directly on engineers as individual engineers.
Rather, it should be shouldered by engineers as members of the engineering profession.

44. McFarland’s View (Continued)
McFarland's model is based on the assumption that, as moral agents, we have a prima facie obligation to come to the aid of others.
In describing the nature of this obligation, he uses a non-engineering analogy involving the infamous Kitty Genovese case.

45. McFarland’s Argument (continued)
The analogy for engineers, McFarland draws from the Genovese case is that when no other sources of help are available, engineers should take responsibility by banning together.
If engineers act as individuals, they might not always have the ability to help.
If they act collectively, however, they might be able to accomplish goals that would otherwise not be possible.

46. McFarland’s Argument (continued)
McFarland believes that an engineer's work must be seen in a wider social context, i.e., in its relation to society.
Without that context, an adequate account of moral responsibility for engineers can’t be given.
Unless engineers work collaboratively on ethical matters, they will not be able to meet all of their responsibilities.

47. McFarland’s Argument (continued)
McFarland's model encourages engineers to shift their thinking about responsibility issues from:
the level of individual responsibility (at the micro-ethical level), to responsibility at the broader level of the profession itself (i.e., the macro-ethical level).

48. Responsibility, Liability, and Accountability
Responsibility requires that two conditions must be satisfied:
causality
intent.
Some agent, X, is held morally responsible for an act, Y, if X caused Y.

49. Responsibility (Continued)
A person could be held responsible even if he or she did not intend the outcome.
Robert Morris, who launched the "Internet worm" in 1988, claimed that he did not intend for the Internet to be brought to a standstill.
Morris was held responsible for the outcome caused by his act of unleashing the computer worm.

50. Responsibility (continued)
Agents can also be held responsible when they intend for something to happen, even if they ultimately fail to cause (or bring about) the intended outcome.
Suppose a disgruntled student intends to blow up a computer lab, but is discovered at the last minute and prevented from doing so.
Even though the student failed to carry out his objective, we hold the student morally culpable because of his intentions.

51. Liability vs. Responsibility
Liability is a legal concept.
It is sometimes used in the narrow sense of "strict liability."
To be strictly liable for harm is to be liable to compensate for it even though one did not necessarily bring it about through faulty action (e.g., when a someone is injured on a person’s property).
The moral notion of "blame" may be left out.

52. Accountability (vs. Liability and Responsibility)
Responsibility is only part of what is covered by the notion of accountability. (Nissenbaum)
Accountability means that someone, or some group of individuals, or perhaps even an entire organization is answerable.  
...there will be someone, or several people to answer not only for malfunctions in life-critical systems that cause or risk grave injuries and cause infrastructure and large monetary losses, but even for the malfunctions that cause individual losses of time, convenience, and contentment.

53. Table 4-2: Responsibility, Liability, and Accountability
Moral Responsibility
Legal Liability
Accountability
Attributes of blame (or praise) to individuals.
________________________Usually attributed to individuals rather than "collectivities" or groups.
___________________
Notions of guilt and shame apply, but no legal punishment or compensation need result.
Does not attribute blame or fault to those held liable. ___________________
Typically applies in the case of corporations and property owners.
Compensation can be required even when responsibility in a formal sense is not admitted.
Does not necessarily attribute blame (in a moral sense). ___________________
Can apply to individuals, groups of individuals, and corporations.
_____________________________
Someone or some group is answerable (I.e., it goes beyond mere liability).

54. The Problem of “Many Hands” in a computing Context
Computer systems are the products of engineering teams or of corporations, as opposed to the products of a single programmer working in isolation.
So "many hands" are involved in their development.
It is difficult to determine who exactly is accountable whenever one of these safety-critical systems results in personal injury or harm to individuals.

55. The Problem of “Many Hands” (continued)
Two problems for assigning accountability (e.g., Therac 25 Case):
(a) we tend to think of responsibility as something that applies to individuals but not to groups (or collectivities);
(b) we tend to think of responsibility in exclusionary terms: If X is responsible, then Y is not, and vice versa.

56. Assessing Risk
Gotterbarn (2001) argues that "ethical risks" associated with the entire "software development life cycle" must also be taken into consideration.
The life cycle of software includes the maintenance phase, as well as the design and development stages.

57. Risk Assessment (continued)
Gotterbarn worries that the concept of risk has typically been understood in terms of three conditions, where software is either:
(i) behind schedule;
(ii) over budget;
(iii) fails to meet a system's specified requirements.
Software can satisfy all three conditions and still fail to meet an acceptable standard of risk assessment (e.g. Aegis Radar System).

58. Risk Assessment (continued)
Gotterbarn believes that failures like the Aegis System are due to:
(1) an overly narrow conception of risk;
(2) a limited notion of "system stakeholders."

59. Risk Assessment (continued)
Gotterbarn argues that a model of risk assessment based solely on cost effectiveness, i.e., in terms of criteria such as budget and schedule, is not adequate.
Instead, the notion of risk analysis must be enlarged to include social, political, and ethical issues.

60. Risk Assessment (continued)
Gotterbarn also notes that the stakeholders who are typically given consideration in risk assessment models for software development are limited to: (a) the software developers and (b) the customers.
This limited notion of "system stakeholders" leads to developing systems that have unanticipated negative effects (Aegis case).
We need a more robust model of risk assessment for software development.