ACM Code of Ethics
1. General Moral Imperatives.
As an ACM member I will . . .
1.1 Contribute to society and human well-being
This principle concerning
the quality of life of all people affirms an obligation to protect fundamental
human rights and to respect the diversity of all cultures. An essential aim of
computing professionals is to minimize negative consequences of computing
systems, including threats to health and safety. When designing or implementing
systems, computing professionals must attempt to ensure that the products of
their efforts wil be used in socially responsible ways, wll meet social needs,
and will avoid harmful effects to health and welfare.
In addition to a safe social environment, human well-being includes a safe
natural environment. Therefore, computing professionals who design and develop
systems must be alert to, and make others aware of, any potential damage to the
local or global environment.
1.2 Avoid harm to others
"Harm" means injury or negative consequences,
such as undesirable loss of information, loss of property, property damage, or
unwanted environmental impacts. This principle prohibits use of computing
technology in ways that result in harm to any of the following: users, the
general public, employees, employers. Harmful actions include intentional
destruction or modification of files and programs leading to serious loss of
resources or unnecessary expenditure of human resources such as the time and
effort required to purge systems of computer viruses.
Well-intended actions, including those that accomplish assigned duties, may
lead to harm unexpectedly. in such an event the responsible person or persons
are obligated to undo or mitigate the negative consequencesas much as possible.
One way to avoid unintentional harm is to carefully consider potential impacts
on all those affected by decisions made during design and iimplementation.
To minimizethe possibility of indirectly harming others, computing
professionals must minimize malfunctions by following generally accepted
standards for system design and testing. Furthermore, it is often necessary to
assess the social consequences of systems to project the likelihood of any
serious harm to others. If system features are misrepresented to users,
coworkers, or supervisors, the individual computing professional is responsible
for any resulting injury.
In the work environment the computing professional has the additional
obligation to report any signs of system dangers that might result in serious
personal or social damage. If one's superiors do not act to curtail or mitigate
such dangers, it may be necessary to "blow the whistle" to help correct the
problem or reduce the risk. However, capricious or misguided reporting of
violations can, itself, be harmful. Before reporting violations, all relevant
aspects of the incident must be thoroughly assessed. in particular, the
assessment of risk and responsibility must be credible. it is suggested that
advice be sought from other computing professionals. (See principle 2.5
regarding thorough evaluations.)
1.3 Be honest and trustworthy
Honesty is an essential component of
trust. Without trust an organization cannot function effectively. The honest
computing professional will not make deliberately false or deceptive claims
about a system or system design, but will instead provide full disclosure of all
pertinent system limitations and problems.
A computer professional has a duty to be honest about his or her own
qualifications, and about any circumstances and might lead to conflicts of
interest.
Membership in volunteer organizations such as ACM may at times place
individuals in situations where their statements or actions could be interpreted
as carrying the "weight" of a larger group of professionals. An ACM member will
exercise care to not misrepresent ACM or positions and policies of ACM or any
ACM units.
1.4 Be fair and take action not to discriminate
The values of equality,
tolerance, respect for others, and the principles of equal justice govern this
imperative. Discrimination on the basis of race, sex, religion, age, disability,
national origin, or other such factors is an explicit violation of ACM policy
and will not be tolerated.
Inequities between different groups of people may result from the use misuse
of information and technology. in a fair society all individuals would have
equal opportunity to participate in, or benefit from, the use of computer
resources regardless of race, sex, religion, age, disability, national origin or
other such similar factors. However, these ideals do not justify unauthorized
use of computer resources nor do they provide an adequate basis for violation of
any other ethical imperatives of this code.
1.5 Honor property rights including copyrights and patents
Violation of
copyrights, patents, trade secrets and the terms of license agreements is
prohibited by law in most circumstances. Even when software is not so protected,
such violations are contrary to professional behavior. Copies of software should
be made only with proper authorization. Unauthorized duplication of materials
must not be condoned.
1.6 Give proper credit for intellectual property
Computing professionals
are obligated to protect the integrity of intellectual property. Specifically,
one must not take credit for other's ideas or work, even in cases where the work
has not been explicitly protected, for example by copyright or patent.
1.7 Respet the privacy of others
Computing and communication technology
enables the collection and exchange of personal information on a scale
unprecedented in the history of civilization. Thus there is increased potential
for violating the privacy of individuals and groups. It is the responsibility of
professionals to maintain the privacy and integrity of data describing
individuals. This includes taking precautions to ensure the accuracy of data, as
well as protecting it from unauthorized access or accidental disclosure to
inappropriate individuals. Furthermore, procedures must be established to allow
individuals to review their records and correct inaccuracies.
This imperative implies that only the necessary amount of personal
information be collected in a system, that retention and disposal periods for
that information be clearly defined and enforced, and that personal information
gathered for a specific purpose not be used for other purposes without consent
of the individual(s). These principles apply to electronic communications,
including electronic mail, and prohibit procedures that capture or monitor
electronic user data, including messages, without the permission of users or
bona fide authorization related to system operation and maintenance. User data
observed during the normal duties of system operation and maintenance must be
treated with strictest confidentiality except in cases where it is evidence for
the violation of law, organizational regulations, or this code. in these cases,
the nature or contents of that information must be disclosed only to proper
authorities (See 1.9)
1.8 Honor Confidentiality
The principle of honesty extends to issues of
confidentiality of information whenever one has made an explicit promise to
honor confidentiality or, implicitly, when private information not directly
related to the performance of one's duties becomes available. The ethical
concern is to respect all obligations of confidentiality to employers, clients,
and users unless discharged from such obligations by requirements of the law or
other principles of this Code.
2. More Specific Professional Responsibilities.
As an ACM computing
professional I will . . .
2.1 Strive to achieve the highest quality, effectiveness and dignity in both
the process and products of professional work
Excellence is perhaps the most
important obligation of a professional. The computing professional must strive
to achieve quality and to be cognizant of the serious negative consequences that
may result from poor quality in a system.
2.2 Acquire and maintain professional competence
Excellence depends on
individuals who take responsibility for aquiring and maintaining professional
competence. A professional must participate in setting standards for appropriate
levels of competence, and strive to achieve those standards. upgrading technical
knowledge and competence can be achieved in several ways: doing independent
study; attending seminars, conferences, or courses; and being involved in
professional organizations.
2.3 know and respect existing laws pertaining to professional work
ACM
members must obey existing local, state, province, national, and international
laws unless there is a compeling ethical basis not to do so. Policies and
procedures of the organization in which one participates must also be obeyed.
But compliance must be balanced with the recognition that sometimes existing
laws and rules may be immoral or inappropriate and, therefore, must be
challenged.
violation of a law or regulation may be ethical when that law or rule has
inadequate moral basis or when it conflicts with another law judged to be more
important. If one decides to violate law or rule because it is viewed as
unethical, or for any other reason, one must fully accept responsibility for
one's actions and for the consequences.
2.4 Accept and provide appropriate professional review
Quality
professional work, especially in the computing preofession, depends on
professional reviewing and critiquing. Whenever appropriate, individual members
should seek and utilize peer review as well as provide critical review of the
work of others.
2.5 Give comprehensive and thorough evaluations of computer systems and
their impacts, including analysis of possible risks
Computer professionals
must strive to be perceptive, thorough, and objective when evaluating,
recommending, and presenting system descriptions and alternatives. Computer
professionals are in a position of special trust and therefore have a special
responsibility to provide object, credible evaluations to emplyers, clients,
users, and the public. When providing evaluations the professional must also
identify any relevant conflicts of interest, as stated in imperative 1.3.
As noted in the discussion of principle 1.2 on avoiding harm, any signs of
danger from systems must be reported to those who have opportunity and/or
responsibility to resolve them. See the guidelines for imperative 1.2 for more
detais concerning harm, including the reporting of professional violations.
2.6 Honor contracts, agreements, and assinged responsibilities
Honoring
one's commitments is a matter of integrity and honesty. For the computer
professional this includes ensuring that system elements perform as intended.
Also, when one contracts for work with another party, one has an obligation to
keep that party properly informed about progress toward completing that work.
A computing professional has a responsibility to request a change in any
assignment that he or she feels cannot be completed as defined. Only after
serious consideration and with full disclosure of risks and concerns to the
employer or client, should one accept the assignment. The major underlying
principle here is the obligation to accpet personal accountability for
professional work. On some occasions other ethical principles may tak the
greater priority.
A judgment that a specific assignment should not be performed may not be
accpeted. Having clearly identified one's concerns and reasons for that
judgment, but failing to procure a change in that assignment, one may yet be
obligated, by contract or by law, to proceed as directed. The computing
professional's ethical judgment should be the final guide in deciding whether or
not to proceed. Regardless of the decision, one must accept the responsibility
for the ocnsequences. However, performing assignments "against one's own
judgment" does not relieve the professional of responsiblity for any negative
consequences.
2.7 Improve public understanding of computing and its
consequences
Computing professionals have a responsiblity to share technical
knowledge with the public by encouraging understanding of computing, includng
the impacts of computer systems and their limitations. This imperative implies
an obligation to counter any false views related to computing.
2.8 Access computing and communication resources only when authorized to do
so
Theft or destruction of tangible and electronic property is prohibited by
imperative 1.2 -- "Avoid harm to others." Trespassing includes accessing
communication networks and computer systems or communication system is addressed
by this imperative. Trespassing includes accessing communication networks and
computer systems, or accounts and/or files associated with those systems,
without explicit authorization to do so. Individuals and organizations have the
right to restrict access to their systems so long as they do not violate the
discrimination principle (see 1.4).
No one should enter or use another's computing system, software, or data
files without permission. One must always have appropriate approval before using
system resources, including .rm57 communication prots, file space, other system
peripherals, and computer time.
3. Organizational Leadership Imperatives.
As an ACM member and an
organizational leader, I will . . .
3.1 Articulate social responsibilities of members of an organizational unit
and encourage full acceptance of those responsibilities
Because
organizations of all kinds have impacts on the public, they must accept
responsibilities to society. Organizational procedures and attitudes oriented
toward quality and the wellfare of society will reduce harm to members of the
public, thereby serving public interest and fulfilling social responsibility.
Therefore, organizational leaders must encourage full participation in meeting
social responsibilities as well as quality performance.
3.2 Manage personnel and resources to design and build information systems
that enhance the quality of working life
Organizational leaders are
responsible for ensuring that computer systems enhance, not degrade, the quality
of working life. When implementing a computer system organizations must consider
the personal and professional development, physical safety, and human dignity of
all workers. Appropriate human-computer ergonomic standards should be considered
in system design and in the workplace.
3.3 Acknowledge and support proper and authorized uses of an organization's
computing and communications resources
Because computer systems can become
tools to harm as well to benefit an organization, the leadership has the
responsibility to clearly define appropriate and inappropriate uses of
organizational computing resources. While the number and scope of such rules
should be minimal, they should be fully enforced when established.
3.4 Ensure that users and those who will be affected by a system have their
needs clearly articulated during the assessment and design of requirements.
later the system must be validated to meet requirements
Current system
users, potential users and other persons whose lives may be affected by a system
must have their needs assessed and incorporated in the statement of
requirements. System validation should ensure compliance with those
requirements.
3.5 Articulate and support policies that protect the dignity of users and
others affected by a computing system
Designing or implementing systems that
deliberately or inadvertently demean individuals or groups is ethically
unacceptable. Computer professionals who are in decision-making positions should
verify that systems are designed and implemented to protect personal privacy and
enhance personal dignity.
3.6 Create opportunities for members of the organization to learn the
principles and limitations of computer systems
This complements the
imperative on public understanding (2.7). Educational opportunities are
essential to facilitate optimal poarticipation of all organizational members.
opportunities must be available to all members to help them improve their
knowledge and skills in computing, includng courses that familiarize them with
the consequences and limitataions of particular types of systems. In particular,
professionals must be made aware of the dangers of building systems around
oversimplified models, the improbability of anticipating and designing for every
possible operating condition, and other issues related to the complexity of this
profession.
4. compliance with the Code
As an ACM member i will . . .
4.1 Uphold and promote the principles of this Code
The future of the
computing profession depends on both technical and ethical excellence. Not only
is it important for ACM computin g professionals to adhere to the principles
expressed in this Code, each member should encourage and support adherence by
other members.
4.2 Treat violations of this code as inconsistent with membership in teh
ACM
Adherence of professionals to a code of ethics is largely a voluntary
matter. However, if a member does not follow this code by engagin in gross
misconduct, membership in ACM may be terminated.
From:
Anderson, R.E., Johnson, D.G., Gotterbam, D., Perrolle, J. 1993.
"Using the New ACM code of Ethics in Decisin Making." Communications of the ACM
36(2):98-107