Bo Dahlbom Department of Information Lars Mathiassen Institute for Science University of Göteborg 412 96 Electronic Systems University of Göteborg Sweden firstname.lastname@example.org Aalborg Fredrik Bajers Vej 7, 9220 Aalborg Ø Denmark email@example.com
Our American colleagues, we think, have good reasons for envying us this widespread and deep, professional self-understanding. But unlike the Americans, we have not really been concerned with codifying our self-understanding, turning it into a set of rules to guide the conduct of our profession and educate its members. Already in 1972, ACM adopted a Code of Ethics and Professional Conduct. Twenty years later, in May 1992, they published a proposal for a revised and extended version. In October of that year, this proposal--with only minor modifications--was adopted by ACM's executive council as ACM's new official code. We invite you to examine these codes carefully and reflect upon the role of codes of ethics in professionalizing our field.
A number of books on ethics for computer professionals have recently been published, indicating a growing awareness for and interest in this issue. In the references, we have listed the key literature. Bergin (1991) contains a useful review and comparison of a number of these books: Johnson (1985), Johnson & Snapper (1985), Erman, Williams & Gutierrez (1990), Deloie, Fowler & Paradice (1991), Parker, Swope & Baker (1990) and Forester & Morrison (1990).
In the United States, ACM has had its official code of professional conduct since 1972; IEEE has adopted a code of ethics; and the Data Processing Management Association also has a code of ethics. The British Computer society agreed upon codes of practice and conduct in 1983, while the Australian Computer Society adopted a code of ethics in 1987. More specific information about these different codes can be found in Johnson & Snapper (1985) and Martin & Martin (1990).
There is an ongoing discussion about ethics and professional conduct within IFIP. A special task group is trying to develop a set of guidelines which should be observed by any member society when developing their respective code of ethics. The task group has announced the publication of a reader on the topic, including major national and international codes of ethics relevant to information technology. A draft IFIP Code of Ethics has been developed by Hal Sackman (1990) and this proposal have created a lot of debate between individuals and member societies.
In Scandinavia, ethics (especially when compared to politics) has played a minor role in our professional discussions. There are, however, a few examples of codes of ethics formulated by specific organizations. The next page shows such a code agreed upon in 1991 by three Swedish trade unions organizing computing personnel ("Etik för datafolk" by SIF, SBmf and FTF; our translation). On a more general level, codes of ethics have not played any significant role in the education of computer professionals in Scandinavia, and the national computing societies have not adopted codes of professional conduct.
Swedish Ethical Rules for Computer Professionals
1. Computer professionals only perform tasks that acknowledge legitimate integrity claims and are in accordance with common understanding of law.
2. Computer professionals only participate in development tasks, the objectives and context of which have been made explicit.
3. Computer professionals only take part in projects with the time and resources assigned that make it possible to do a good job.
4. Computer professionals only develop systems in close collaboration with the user.
5. Computer professionals show respect for, and contribute to the development of, the professional competence of the users .
6. Computer professionals develop systems that use technology in such a way as to satisfy the interests of the users.
7. Computer professionals develop systems that bring about good work environments.
8. Computer professionals refrain from tasks aiming at control in ways that can be of harm to individuals.
9. Computer professionals keep themselves informed about laws and agreements related to their work and they participate actively in disseminating knowledge about computing activities violating such laws and agreements.
10. Computer professionals only access data required to perform their job.
11. Computer professionals feel responsible for ensuring that computer technology is not used in ways that harm people, the environment, or society.
The New ACM Code of Ethics and Professional Conduct
1. General Moral Imperatives
As an ACM member I will ...
1.1 Contribute to society and human well-being. (5)
1.2 Avoid harm to others. (5)
1.3 Be honest and trustworthy. (1)
1.4 Be fair and take action not to discriminate.
1.5 Honor property rights including copy rights and patents.
1.6 Give proper credit for intellectual property. (4)
1.7 Respect the privacy of others. (5)
1.8 Honor confidentiality. (1)
2. More Specific Professional Responsibilities
As an ACM Computing Professional I will ...
2.1 Strive to achieve the highest quality, effectiveness and dignity in both the process and products of professional work. (4)
2.2 Acquire and maintain professional competence. (2)
2.3 Know and respect existing laws pertaining to professional work.
2.4 Accept and provide appropriate professional review.
2.5 Give comprehensive and thorough evaluations of computer systems and their impacts, including analysis of possible risks.
2.6 Honor contracts, agreements, and assigned responsibilities. (3)
2.7 Improve public understanding of computing and its consequences.
2.8 Access computing and communication resources only when authorized to do so.
3. Organizational Leadership Imperatives
As an ACM member and an organizational leader, I will ...
3.1 Articulate social responsibilities of members of an organizational unit and encourage full acceptance of those responsibilities.
3.2 Manage personnel and resources to design and build information systems that enhance the quality of working life.
3.3 Acknowledge and support proper and authorized uses of an organization's computing and communication resources.
3.4 Ensure that users and those who will be affected by a system have their needs clearly articulated during the assessment and design of requirements. Later the system must be validated to meet requirements.
3.5 Articulate and support policies that protect the dignity of users and others affected by a computing system.
3.6 Create opportunities for members of the organization to learn the principles and limitations of computer systems.
4. Compliance with the Code
As an ACM member I will ...
4.1 Uphold and promote the principles of this code. (4)
4.2 Treat violations of this code as inconsistent with membership in the ACM. (4)
According to Anderson et al. (1993) the 1972 ACM code was established together with a review board as instruments to deter ACM members from unethical behavior. The aim was to introduce means to regulate membership and thereby convince the public that the profession deserved to be self-regulating. The code emphasized possible violations and threatened sanctions for such violations. More specifically, the code of 1972 is given in the form of five canons (e.g. canon 1: An ACM member shall act at all times with integrity), each followed by a number of ethical considerations (e.g. EC1.3: An ACM member shall act faithfully on behalf of his employers or clients) and a number of disciplinary rules (e.g. DR1.3.3: An ACM member shall not use any confidential information from any employer or client, past or present, without prior permission).
Like many other organizations, ACM has had difficulties implementing an effective ethical review system. And the new ACM code is an expression of the principle that self-regulation in a mature professional organization depends mostly on the consensus and commitment of its members to ethical behavior (Anderson et al. 1993). This shift in paradigm makes it rather difficult to compare the two versions of the code. But we can make the following rough observations:
* Most of the general moral imperatives of the new code were part of the 1972 code as well. Exceptions are rules 1.4 and 1.5.
* There is an increased emphasis on specific professional responsibilities in the new code. Specifically, rules 2.3, 2.4, 2.5, 2.7, and 2.8 state new ethical rules.
* The organizational leadership imperatives of the new code adds a whole new dimension missing in the 1972 code.
* The rules of compliance with the code are covered in a much more elaborate form in the 1972 code.
In addition to the codes, ACM has published two self-assessment procedures related to ethics and professional conduct, see Weiss (1982) and Weiss (1990). Both these procedures are based on the 1972 code. They offer a number of scenarios to be considered and evaluated by the reader. They also include a number of proposed opinions on the scenarios. These procedures are effective means to challenge one's own professional perceptions and attitudes, and they can easily be included in the education of computer professionals.
Historically, professional associations have viewed codes of ethics as mechanisms to establish their status as a profession or as a means to regulate their membership and thereby convince the public that they deserve to be self-regulating. (p. 98)
Our understanding of the strategies used by doctors, lawyers, engineers, nurses, librarians, and so on, in trying to establish themselves as professions can help us see the role played by the ACM codes of ethics. Viewed in this light, we will ask how the codes manage to demarcate computer professionals from the rest of society, including clients and employers. The ACM 1972 code pays a great deal of attention to regulating the internal relations between computer professionals, and in this respect resembles the internal statutes of a social club or association. To the extent that the code comments on relations to people outside the club they seem to promote the independence of the profession. Rather than reaching out towards society, encouraging discussion and debate, the code attempts to close the border, saying something like "we are the experts and we will take care of computerizing society without any advice from you, so don't worry."
Viewed in this way, as a professionalization strategy, a code of ethics seems to be technocratic by definition, and thus abhorrent to major trends in the Scandinavian information systems community. In the US, some would argue that computer professionals fail to make a profession in the traditional sense because they work as employees in teams rather than in their own right, i.e. because they are not independent in the same way as doctors and lawyers (Johnson 1985). In Scandinavia, we have argued for dependence, we have argued that computer professionals need to collaborate with users and clients to develop quality systems. From a traditional professionalization point of view, there is a surprising paradox at the heart of the Scandinavian approach: Trying to define a professional ideal based on giving up your authority to the user, thus losing your independence as a professional.
This paradox will be resolved, we think, by questioning traditional ways of thinking about professions and professionalization. Reducing the question of professionalization to formal criteria like independence, self-regulation and status, one misses the chance to examine codes of ethics as expressions of ideas about the nature and content of the profession, its goals and means, its long term ideals and strategies. In Computers in Context (chap. 9) we distinguish three different ideas about the computer profession, called engineering, facilitation, and emancipation, the last two being our attempt to formulate Scandinavian alternatives to mainstream software engineering.
Engineers want to increase the efficiency of computing and computer use. Facilitators strive to increase the understanding of how technology could be made to serve people rather than the other way around. Emancipators worry about injustice, blaming most everything on an unequal distribution of power, often supported by the use of advanced technology. None of these positions need to be less moral than the others, less socially concerned. The difference between them lies rather in what they consider to be the most important factor to attend to if we want to improve the world: wealth, understanding, or equality. We see no difficulties in developing a profession on the basis of each of these, but the nature of these professions will be very different and so will, of course, their positions in ethics.
The Scandinavian countries differ from the US and the rest of Europe in the way we favor means-ends thinking and consequentialist ethics at the expense of rights and ethical duties. To means-ends thinking, the very idea of making lists of duties and rights makes little sense, since such duties and rights must be derived from the ends defined by a society and the means available to reach those ends, and both ends and means will change as the society develops.
Means-ends thinking and rights-duties thinking both emphasize moral action and show little interest in motives and moral character. There are, of course, many examples of ethical positions that do the opposite. As observed by Anderson et al. (1993:98), the new ACM code differs from the old one in emphasizing "socialization and education rather than enforced compliance," thus being less action oriented and more interested in moral character. Moreover, it is evident that the new ACM code represents a shift from rights-duties thinking in favor of means-end thinking as compared to the 1972 code.
Aristotle distinguished between politics and ethics as both concerned with the question of attaining the good life, but one attending to the organization of society and the other to the actions and character of individuals. Aristotle stressed the interdependence of the two, but modern philosophy, in consonance with an increasing individualization of Europeans, has tended to keep the two separated from one another. A recent revitalization of the philosophical discussion was achieved by John Rawls' (1971) attempt to shift the subject matter of ethics from the individual to the institutions of a modern welfare state, thus including in ethics what Aristotle would have called politics. The good life in a modern society, Rawls argued, is more dependent on the institutions of that society than on the actions of its individuals. The new ACM code is fundamentally concerned with the behavior of individual members, even if the code in some respects reflects this change, especially in the new third section.
These questions all concern the level of concrete detail that one is willing to admit, and it is possible to attain, in a code like this. Too much concrete detail will soon make the code seem old-fashioned and in need of revision. The more specific the code is, the more difficult it will be for a large, democratic association such as the ACM to agree. But making the code general enough to last and to be generally accepted, will mean losing its professional identity, making it more like any old general ethical code.
Of course, the fact that concrete details have such difficulty getting accepted into a professional code like this, makes it all the more interesting to examine the ones that do. They, surely, must express widely shared and deeply felt ideas and values. Thus, it is quite remarkable, for instance, that the new ACM code contains a rather clear formulation of an idea of quality in computing going well beyond technical functionality, efficiency, competitiveness, and the like, in the direction of both usability and what we have called ethical and political dimensions of quality (Dahlbom & Mathiassen 1993, chap. 8).
Computer professionals are people and a code of ethics will speak to them both as professionals and as people. Before they became members of the profession they had acquired ethical intuitions and conflicts will arise if the professional code in some way contradicts these ethical intuitions. In formulating the code one will, therefore, take pains to express and be consistent with the more general ethical intuitions of the membership. To the extent that ethical intuitions vary between nations, the professional codes will vary in their general moral imperatives, if not in their more specific professional commitments. (Thus, when asking for comments on the new proposal, the ACM specifically welcomed "suggestions to express the code in less USA-centric terms...since the issues are equally important for all ACM members," ACM 1992, p. 94).
Codes of ethics and professional conduct express ideas about the ambitions, ideals and strategies of the profession. To the extent that the members of the profession perceive themselves to play an important role in society, those ambitions and ideals will be more emphasized. If computer professionals think of their technology as a powerful force in changing society, organizations, work, people's lives, they will tend to build that vision into their code of ethics, thus making themselves responsible for the changes brought by computer technology. (Compare rule 11 of the Swedish code quoted above.)
But should that responsibility not fall equally on all people rather than on computer professionals in particular? Would it not be undemocratic to give to a profession such a role in changing society and people's lives? Aren't computer professionals as engineers responsible for the technical quality of their technology rather than for the social changes brought by that technology? Depending on your views on this issue, the code of ethics and professional conduct will be very different. In one case the code will deal seriously with the social and cultural power of information technology, while in the other the code will say next to nothing on this issue.
As computer professionals, we can take the position that we are responsible for developing good systems that satisfy the needs of their users. Or we can take the position that the use of computers is the responsibility of the users themselves, and that, as computer professionals, we should support them in developing their competence so that they can make their own choices. But this is an academic way of putting the issue, relying as it does on an unanalyzed use of the notion of user. Before we can decide whether we or the users should be responsible, or rather, how we should divide responsibility between us, we must identify the user. As long as we ask only who is responsible, the user or I, we presuppose that there is fundamental consensus among the users of the system, not to say among all the people affected by the use of the system. When we realize that this is not the case, we also see that another question is more pressing: In whose interests should I develop computer systems?
There is often something paradoxical about how this issue of responsibility is handled. Engineers tend to be technological determinists. Not giving too much thought to the conditions of use, they develop their artifacts as if their use were determined by their functional properties. Unwittingly they accept a formidable responsibility for the social consequences of their technology while at the same time refusing to consider those consequences. What we have called "facilitators" see more clearly the complexity of the interplay between society and technology, but in doing so they distribute the responsibility more widely, really making it possible for themselves to stick to their role as experts. (Compare our discussion of these questions of responsibility in Computers in Context, chap. 9).
(1) What is the role of codes of ethics and professional conduct in professionalizing our field and how do they relate to other strategies for professionalization?
(2) To what extent and how should we develop the independent professional status of our profession? To what extent and how should we develop relations and dependencies to other professions, people in general, and society at large?
(3) What are the ethical roles of individuals and institutions or, to phrase it differently, what is the relation between politics and ethics in computing?
(4) Should we restrict our professional ethical concerns to general issues, or should we strive to be specific and provide guidelines to support practical use of ethical rules?
Anderson, R. E. et al. (1993) Using the New ACM Code of Ethics in Decision Making, CACM, Vol. 36, No. 2.
Bergin, T. J. (1991) Teaching Ethics, Teaching Ethically, Computers & Society, Vol. 21, Nos. 2, 3 and 4.
Cameron, J. et al. (1992) Ethics, Vulnerability and Information Technology, in R. Alken (ed.) Education and Society, North-Holland, Amsterdam.
Dahlbom, B. & Mathiassen, L. (1993) Computers in Context. The Philosophy and Practice of Systems Design, Blackwell, Cambridge, MA.
Dejoie, R., Fowler, G. & Paradice, D. (1991) Ethical Issues in Information Systems: A Book of Readings, Southwestern Publishing, Cincinnati, OH.
Erman, M. D., Williams, M. B. & Gutierrez, C. (eds) (1990) Computer Ethics & Society, Oxford University Press, New York.
Forester, T. & Morrison, P. (1990) Computer Ethics. Cautionary Tales and Ethical Dilemmas in Computing, MIT Press, Cambridge, MA.
Holvast, J. (1992), Codes of Ethics: Discussion Paper, in J. Berleur & J. Holvast, Letter of the Editors to the IFIP Community, IFIP, 1992.
Johnson, D. G. (1985) Computer Ethics, Prentice-Hall, Englewood Cliffs, NJ.
Johnson, D. G. & Snapper, J. W. (eds) (1985) Ethical Issues in the Use of Computers, Wadsworth, Belmont, CA.
Martin, C. D. & Martin, D. H. (1990) Professional Codes of Conduct and Computer Ethics Education, Computers & Society, Vol. 20, No. 2.
Parker, D. B., Swope, S. & Baker, B. N. (1990) Ethical conflicts in Information and Computer Science, Technology and Business, Q.E.D. Information Sciences, Wellesley, MA.
Rawls, J. (1971) A Theory of Justice, Harvard University Press, Cambridge, MA.
Sackman, H. (1991) Toward an IFIP Code of Ethics Based on Participative International Consensus, in R. Clarke & J. Cameron (eds), Managing IT's Organizational Impact, North-Holland, Amsterdam.
Sackman, H. (1990) Draft IFIP Code of Ethics (1990), in J. Berleur & J. Holvast, Letter of the Editors to the IFIP Community, IFIP, 1992.
Weiss, E. A. (1982) Self-Assessment Procedure IX, CACM, Vol. 25, No. 3.
Weiss, E. A. (1990) Self-Assessment Procedure XXII, CACM, Vol. 33, No. 11.