Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Programming

The Ethical Dilemmas Today's Programmers Face 183

snydeq (1272828) writes "As software takes over more of our lives, the ethical ramifications of decisions made by programmers only become greater. Unfortunately, the tech world has always been long on power and short on thinking about the long-reaching effects of this power. More troubling: While ethics courses have become a staple of physical-world engineering degrees, they remain a begrudging anomaly in computer science pedagogy. Now that our code is in refrigerators, thermostats, smoke alarms, and more, the wrong moves, a lack of foresight, or downright dubious decision-making can haunt humanity everywhere it goes. Peter Wayner offers a look at just a few of the ethical quandaries confronting developers every day. 'Consider this less of a guidebook for making your decisions and more of a starting point for the kind of ethical contemplation we should be doing as a daily part of our jobs.'"
This discussion has been archived. No new comments can be posted.

The Ethical Dilemmas Today's Programmers Face

Comments Filter:
  • by Hentai ( 165906 ) on Monday April 21, 2014 @05:18PM (#46810181) Homepage Journal

    And every employer I've developed code for has told me the same thing: shut up and get back to work.

    Ultimately, in order to address the ethical considerations of programming, we would need a work culture that supports it. Otherwise it simply becomes another "know which side your bread is buttered on" lesson.

    • by Tablizer ( 95088 ) on Monday April 21, 2014 @05:34PM (#46810313) Journal

      I've been in a situation where I pretty much had to lie or lose my job. This was just after the dot-com crash in California and new gigs were hard to find and I had a family to support. If I were single, I'd tell them to shove it and find a gig in the north east, which still had "legacy" openings at the time. But that wasn't a real option.

      I had knots in my stomach over that conundrum; it's not pleasant. I could relate a little bit with the dude in Les Miserables who had to choose between theft or starvation.

      Even now I have to often live with foolish choices by PHB's simply because they are the boss. It may not be "unethical", but often it's bone-headed unprofessionalism. I try to CYA as much as possible, but sometimes you just have to shut up and play the game if you want the rewards of the game. The work world is messy Dilbertism in most orgs.

      • by musth ( 901919 ) on Monday April 21, 2014 @05:59PM (#46810529)

        ...but sometimes you just have to shut up and play the game if you want the rewards of the game.

        Basically, you chose to shut up and do unethical things, to keep getting your hands on those $$$$ greasy paychecks. So quit rationalizing.

        You had and have options.

        • by Tablizer ( 95088 ) on Monday April 21, 2014 @06:07PM (#46810627) Journal

          Those options don't scale. Honest people will receive less resources and have less influence and perhaps have less children, leaving the world full of slimebags and enablers of slimebags.

          It's probably why so many slimebags exist today. If you want to solve the issue on a large scale, you need to find a way to change the system(s) to not reward slimebags, not rely on futile individual volunteerism.

          • by rk ( 6314 )

            Honest people becoming dishonest doesn't scale either.

            • Honest people becoming dishonest doesn't scale either.

              I don't know, it seems to be scaling remarkably well, unfortunately.

          • by musth ( 901919 )

            That's convenient, isn't it? Because in your worldview individuals are exempt from making moral choices - they need just point out some other person or entity which has a lot of influence.

            • by gweihir ( 88907 )

              Making moral choices is not an absolute business. In the real world, you have to balance different, often contradictory things, take into account how big your influence actually is, etc. Those that require absolute morality from everybody (such as you do) are just authoritarian morons. They are likely lying to themselves on a daily basis, because nobody can sustain absolute morality. Also, quite a few of these assholes are something even worse: They do require absolute morality from _others_ but do not even

          • by gweihir ( 88907 )

            Indeed. It is actually pretty problematic putting children into this world, when you think about it. Things are grim (not that they have been any better before...).

        • by gweihir ( 88907 )

          Oh those with simple models of the world and simple minds....

          You do realize that you are part of the problem, right?

      • by amck ( 34780 )

        This is Engineering. This dilemma has been faced before by other Engineers, and its time for software engineers to step up to the mark and earn the title.

        Basically, professionalize. Join an industry body like IEEE, create and get standards like C.Eng, lobby for critical software to be signed off by Licensed Engineers. Wrestle control from the PHBs.

      • You think that's bad? I sent spam for N'SYNC.

    • by khasim ( 1285 )

      It's worse because while YOUR post actually reflects an ethical/moral issue, TFA does not.

      Here's their #1 item:

      Ethical dilemma No. 1: Log files -- what to save and how to handle them
      Programmers are like pack rats. They keep records of everything, often because it's the only way to debug a system. But log files also track everything users do, and in the wrong hands, they can expose facts users want kept secret.

      90%+ or whatever of the programmers out there are working on in-house code for in-house projects us

      • 20GB of logs? Stop logging routine, all the time, stuff.

        Tell IT about the logs. Throw the responsibility over the wall. Under no circumstances, remote log a customer. IT eventually has to support your system. Build it so they can. Logging levels etc. Every coder should do a year or two doing, at least, part time IT, just so you understand how much the job sucks and how easy it is to not fuck them over while coding. They'll complain anyhow.

        You don't want to still be supporting the POS yourself do you? I

      • by K. S. Kyosuke ( 729550 ) on Monday April 21, 2014 @06:05PM (#46810593)
        Furthermore, they completely forgot the obvious ethical dilemma of an InfoWorld web site programmer tasked with implementing multi-paged articles.
        • Furthermore, they completely forgot the obvious ethical dilemma of an InfoWorld web site programmer tasked with implementing multi-paged articles.

          Slashdotted. Problem solved.

      • Why isn't your program logging based on need instead of logging everything all the time? There should be at a minimum a switch for managing logging levels, Ideally, the log level could be changed on the fly via signals or reloading the configuration.
      • 90%+ or whatever of the programmers out there are working on in-house code for in-house projects used by in-house people. Stuff that will never ship. So it does not matter how much stuff is logged.

        It still matters, if the data being manipulated is about customers. And it almost always is.

    • by bill_mcgonigle ( 4333 ) * on Monday April 21, 2014 @06:58PM (#46810975) Homepage Journal

      Right, ethics classes won't help. I left a good career at a major medical center when I was told that we were going with the technology that would likely create medication errors because the correct software was too expensive and it would be cheaper to settle the lawsuits.

      Nobody needs an ethics class to know that that's wrong behavior, and taking an ethics class would not have changed that behavior. And it certainly wasn't the programming staff that needed ethical correction.

      • I hope you reported this to somebody after leaving the job. Besides it being the right thing to do, whistleblowers can actually get good money in some cases...

      • by AmiMoJo ( 196126 ) *

        Did you tell anyone? Like the local newspaper, perhaps anonymously? In cases where it can be shown that the defendant knew what they were doing was dangerous and likely to result in disaster the award in any lawsuit tends to be higher, which in turn makes lawsuits a less attractive alternative to doing the right thing.

    • There is an advantage to working for software companies with regulatory oversight (aviation, medical). On the other hand, this regulatory oversight is often mangled to the point of being unrecognizable as such. Though it gets rather interesting when the regulatory groups suddenly realize what is going on.
  • by m93 ( 684512 ) on Monday April 21, 2014 @05:42PM (#46810371)
    I've heard that one of the main features of getting your Professional Engineer license is that you are then legally liable for your work. Lot of people working in IT with the title "engineer", so why not hold them to higher standards? I can see the point of view from the people who want just that.
    • Lots of engineers in railroads too.

      Real engineers (PE or not) have responsibility and authority in proportion. PHBs can't deal with that, but that's a cultural problem with most cube farms.

      • by gweihir ( 88907 )

        Indeed. "No right to decide" comes with "no responsibility". It is time that coders, designers and architects of software are empowered to make technical decisions and at the same time are liable for what they decide. That will cut down on all the semi-competent (at best) amateurs plowing the field today.

    • It's always seemed weird to me that there's so little limitation on who can call themselves an engineer. Doctors have medical school and board exams, lawyers have the bar exam, heck, even cosmetologists have to be board certified.

      In my own profession - p&c actuary - I have to pass a series of 11 exams plus continuing education courses just to become fully credentialed. And when I (someday, please God) get done with that, I will be personally liable for every actuarial statement that I ever produce. I

    • everything else being equal, being liable for your work is not a good thing. unless it came with some other benefit (like a large pay increase), no thanks.

      • by gweihir ( 88907 )

        The only way that works in any engineering-like profession is if you are liable for your work. Of course that means you get to decide how to do it and it also means you get to be paid accordingly. Liability is limited by some things of course: If you followed sound engineering practices (honest mistakes are fine too), criminal liability is off the table and civil liability will be taken by your insurance and they claim the money back from you. Of course, they can raise their fee within reasonable limits. If

        • Liability for your code would also destroy open source libraries and collaberation. Why would you give something away for free if you knew someone could sue you over it?
          • by gweihir ( 88907 )

            It does not, in fact. The liability is here of course with the engineer that elected to use that FOSS software. If he/she was reasonably thorough in assuring its quality, then only liability for gross negligence applies unless more was specified contractually.

            This really is a straw-man: Today many companies that might be liable in case of software errors use FOSS software. The thing that most people do not understand is that a commercial software vendor is just as non-liable for their products as a FOSS dev

    • by gweihir ( 88907 )

      I am all for that. Then the hiring of semi-competent personnel to design and implement software would maybe decline.

  • TFA has headings such as "To bug-fix or not to bug-fix"... I get the impression someone wanted to write something about ethics and IT, and got some people in the pub to come up with some ideas.

    We'll probably see the items used under a different heading ('Professionalism ... to bug-fix or not to bug-fix') next week.
  • First I ever head of 'Ethical Dilemmas' in relation to programming. I wonder what the various commercial End User License Agreements have to say in relation to, lets say, a piece of medical equipment malfunctioning and injuring a patent.
    • Doesn't really matter, as the EULA can't effectively waive legal responsibility/requirements. A company can try to use an EULA to overtly say or infer that you don't have a particular right, but it can never absolve itself of observing that right.

  • Automation (Score:2, Interesting)

    by Anonymous Coward

    One I have personally grappled with, a script I'm writing will automate 5 peoples jobs away. Chalk it up as inevitable even I know people will lose their low skilled jobs as a direct result? I know it has to happen but that doesn't make me feel good about it. To not write it as best I can would of course be theft from my employer of course though.

    • by gweihir ( 88907 )

      That is a difficult one, indeed. Sometimes all you can do is think hard about it and find that there is no good solution or no good one within the spectrum of what you can do. Still far, far better to have tried to find a solution that just have gone with the flow. It makes you an ethical being.

      On the other hand, increased automation is a current major change in how humans are doing things and the problem (if any) is with that, not with your contribution to it. And if you look a little deeper, the problem i

  • Content protection (Score:4, Informative)

    by dentin ( 2175 ) on Monday April 21, 2014 @06:07PM (#46810621) Homepage

    I've seen many requests for objectional software in the years I've been working, but some of the worst have been in the guise of 'content protection'. One of the most heinous was DTCP for automotive use, with intent to lock everyone completely out of the sensor network and on-board electronics. My standard response for this one eventually became:

    1) I will quit before I allow myself to work on DTCP;
    2) I will not support any engineer in the company who works on DTCP projects;
    3) I will not support any project or library that a DTCP project depends on, or makes use of;
    4) I would rather see the company close due to lack of work than have it pursue projects of this sort.

    I've never been told to shut up and go back to work; granted, I had a long history with the company and was worth substantially more to them as an employee than a few paltry one-shot crypto projects.

    I recognize that most people don't feel like they have the job security to make demands of this sort; however, I do, and I fully intend to make use of my tiny bully pulpit when situations arise that demand it.

    • by LF11 ( 18760 ) on Monday April 21, 2014 @07:53PM (#46811453) Homepage
      And you have the UID to back it up, you ancient old fart.

      This is the solution in my case as well. Make yourself so valuable that your (occasional) moral judgements are valued more than the immoral or amoral corporate decision. (But don't abuse it.) Some artful negotiation may be required.
      • by dentin ( 2175 )

        Heh, thanks. Artful negotiation is very important, and not given nearly enough face time in situations like this. You have to show that you're objecting not to be a jerk, that it's not because you want to cause problems for someone else in the company; you have to show that this is just something you won't be a part of, and that there's a cost to the company in proceeding with it. It's nothing personal - that's just the way it is, and you want to make sure everyone understands that before a final decisio

        • by LF11 ( 18760 )
          This is true. Also, sometimes there can be significant monetary potential in doing the right thing, and it can come down to a simple matter of reframing.
    • Nice, that's an excellent story.
    • by Z00L00K ( 682162 )

      The alternative would be to code in backdoors in the solution.

      However most of the content protection actions are often futile, there will always be a hacker somewhere that cracks the lock one way or another.

  • It's high time for a P.Eng designation and regulations to require P.Engs for specific applications.
  • by Bob_Who ( 926234 ) on Monday April 21, 2014 @06:24PM (#46810727) Journal
    In fact, this process attempts to blame unethical behavior on "bad apples" rather than an entire profession. It does not improve the results, however. Unethical behavior permeates society on all levels regardless of the particular profession. When a profession such as banking or real estate or auto manufacturing or insurance or engineering go out of their way to "teach ethics" to the members of their profession or association then I believe it is an attempt to deny culpability in their own unethical behaviors. My belief is ethics is not taught professionally, rather, it is merely defined in terms of the limits of professional responsibility, which make it possible for sociopaths to navigate the tightrope. This way unethical people learn how to deny responsibility for a lack of professional ethics, when in fact they have a lack of ethics altogether, which can't be repaired by certifications. The fact is that the certifications will have much less impact on improving an individual's personal ethics at their current stage of personal development. The true solution is to stop rewarding unethical behavior in our society, plain and simple. People will behave according to their incentives, whether or not they actually have a social conscience or even a soul, or the professional certifications, thereof.
  • by Anonymous Coward

    quote:
    It should be noted that no ethically-trained software engineer would ever consent to write a DestroyBaghdad procedure. Basic professional ethics would instead require him to write a DestroyCity procedure, to which Baghdad could be given as a parameter.

    http://en.wikiquote.org/wiki/Nathaniel_Borenstein

  • See IEEE Code of Ethics [ieee.org] (a simple, yet succinct and to-the-point code), and ACM's Software Engineering Code of Ethics and Professional Practice [acm.org]. Even reading section 1 of the ACM code, it is abundantly clear it is not being legally enforced. In particular 1.03 & 1.06 jump out at me.

    Problem is, professional ethics codes are generally not legally binding unless you are professionally licensed in a discipline by the state, and the licensing indicates the code of ethics that must be followed. Additionally

  • I have worked on embedded machines that implemented no security. My boss said "our competitors don't worry about security why should we?" I said because someone could die. It isn't that hard to envision a scenario where someone could compromise our system and render it inoperable because our lack of security.

    Guess what, I was a junior engineer with no pull on a project that was do or die for the business. I finished and quit as soon as possible. Not everyone can do that. This isn't a software engineer's
  • A programmer is instructed to develop a software which generates a random sales tax registration number. This software will be used for random raids.
    The officer in charge gives him a small slip with few numbers, and verbally instructs that these numbers should never be generated.
    So how do you deal with corruption like this
    1. Option 1 - Blow the whistle - No proof. They may come after your family
    2. Option 2 - Comply
    3. Option 3 - Make software so that first 3 months the numbers never come, but after 3 months

    • by Rande ( 255599 )

      Or those numbers were for deep cover operations that shouldn't be disrupted by being raided randomly by other govt agencies.
      Thanks evil ethical developer, you just risked federal agents lives.

      • by dkf ( 304284 )

        Was the mechanism to prevent a number from coming up part of the official requirements, with a list of blocked numbers that is subject to audit and a trail including which officer gave the order to put a particular block in? If so, "deep cover" is plausible. If it's just something on the quiet though, it smells far worse.

  • they remain a begrudging anomaly in computer science pedagogy

    Here we go yet again. We have an OP that can't seem to grasp what computer science is and what it isn't, yet it doesn't stop them from waving the term around like a flag. And we have post after post after post of obviously extremely intelligent and likely capable programmers that, perhaps even once studied computer science, and still insist on ignorantly equating "programming" or software development with "computer science."

    What the Hell is wrong with you people? And don't think my animosity towards you r

  • Although the article seems to have mixed up morals and ethics (internal vs external code), ultimately it should be the company's management that determines the answers to these questions, not the individual programmer. One way or another, the questions and others like them need to be answered. If management abdicates that responsibility, the lawyers will end up making the decisions. So the real questions is "Who do you want to decide these issues, the company or the courts?"

  • All this talk about colleges _teaching_ ethics and no comments on how abusive and profitable the NCAA is?
    Having those kinds of colleges teach ethics seems about as useful as Dick Cheney or Bernie Madoff teaching ethics

Repel them. Repel them. Induce them to relinquish the spheroid. - Indiana University fans' chant for their perennially bad football team

Working...