The Software Engineering Code of Ethics and Professional Practice was published twenty-five years ago in 1997. Just imagine a timeline where Meta or Twitter adopted and used this document. (It is never too late!) Here are some of my favorites.
Software engineers shall act consistently with the public interest. In particular, software engineers shall, as appropriate:
1.01. Accept full responsibility for their own work.
1.03. Approve software only if they have a well-founded belief that it is safe, meets specifications, passes appropriate tests, and does not diminish quality of life, diminish privacy or harm the environment. The ultimate effect of the work should be to the public good.
1.06. Be fair and avoid deception in all statements, particularly public ones, concerning software or related documents, methods and tools.
1.07. Consider issues of physical disabilities, allocation of resources, economic disadvantage and other factors that can diminish access to the benefits of software.
4.01. Temper all technical judgments by the need to support and maintain human values.
This is an incredibly well-crafted code that stands the test of time. It doesn’t speak to specific technologies or implementations. It is evergreen. I concede there are complications with leaning too hard on terms such as “public interest,” specifically when you are contracted by private companies. I’ve been tasked with ethically murky operations in my software career. I know if I had a recognized document like this (and/or a community of practitioners to help keep me honest) I would have had something other than my conscience to push back with. I’ve won a few times, but… As is, business and software on the web are still the wild west.
The majority of my work is within the domain of Web 2.0, aka the thing you probably think of as the internet today. Shockingly few laws or regulations have ever been material to this work. The list is short:
- GDPR: General Data Protection Regulation
- CCPA: California Consumer Privacy Act
- PCI DSS: Payment Card Industry Data Security Standard
- HIPAA: Health Insurance Portability and Accountability Act
What if, as part of backlog refinement, user stories had to pass an ethics check?