Recently, I had a class project in which I had to track down a code of ethics for my career field, computer science. In the course of this research, something astonished me. First, that it was pretty much impossible to find a local company that had a code of ethics for their staff programmers and second that the widely recognized international standard of code of ethics for computer scientists was tremendously weak.
The first point, is hopefully something that was more based on the size of the companies that I was talking with. These were small one or two person shops, a code of ethics was decided to be more of a waste of time than would be worth deploying. However the second is more alarming to me, for reasons that I will discuss here.
So what exactly are the international standard that I am looking, the ACM code of ethics. ACM is an organization that is devoted to “advance computing as a science and a profession.” The organization is basically the professional society for computer scientists. So a pretty good organization that would presumably have a strong code of ethics to maintain the integrity of the the profession.
4.2 Treat violations of this code as inconsistent with membership in the ACM.
Adherence of professionals to a code of ethics is largely a voluntary matter. However, if a member does not follow this code by engaging in gross misconduct, membership in ACM may be terminated.
This is the last section of the ACM’s code of ethics dealing with Compliance with the Code and the Code here falls way short. The problem with this code of ethics is that there is no way to really punish someone who has actually violated the Code. Unlike many other professional degrees, there is no disbarment or license to revoke. This relates to a different problem that I discussed earlier where there is no set license that programmers receive to say that they are acutally good programmers. They can receive a degree, and they can have certifications in a bunch of different areas, but that doesn’t acutally say anything towards your skills as a programmer.
I liken a certificate as simply saying that you knew enough to pass the test at the time, it doesn’t say anything about your current skill set. I used to have a Red Cross CPR certification several years back, yet in all honesty I wouldn’t have trusted myself to preform it as I was trained to. That isn’t to say that everyone is going to be this way, I know several other people who I am sure they would be able to preform CPR correctly and without hesitation. But there is the critical difference, the certificate said something that wasn’t necessarily always going to be true. Granted this is a problem with all sorts of areas, but at least a professional license says that a person isn’t just trained in this one technology or this one particular area of a field but is a knowledgeable about the entire career field. A bar exam doesn’t just cover the particular field of law a lawyer is practicing for instance a patent lawyer takes the same bar exam a real estate lawyer does.
This is creating a real problem in the computer science field in different aspects. The one though that I see as the most important and that I want to talk about is the outside view of computer scientists. This has roots in a problem of messages sent through the media, which generally only portrays programmers as hackers and people who can take over any system within five minutes or sometime during the commercial break. Which granted it makes for good drama and plenty of other fields have bad portrayals of their particular field, crooked cops, unethical lawyers, and bad doctors. However how many crooked cops do you see in comparison to good cops? Now compare that same ratio to hackers and just plain programmers? Or rather just try to think of a plain programmer who just does their job, beyond a certain Bond girl, I can’t think of any and even that is a bit of a strech.
However this myth that all programmers are bent on taking over the world and with technology becoming ever more important in our everyday life, there is a fear that I have seen being expressed by more and more people. The fear of unethical programmers potentially developing a malicious program that say sucks off those fraction of a penny in interest to controlling the world’s energy. Bruce Schneier, a renowned expert in security, has a valuable theory here, that the preceived security and acutal security are both very important. That is, it doesn’t matter how safe you actually are if you don’t feel safe on the same basis if you feel safe and you aren’t that is also a bad thing. This is what I feel creates the problem in the average person’s eyes the precived security and actual security are vastly different in terms of technology.
The reality is that there really is no system that is designed to hold programmers accountable for their actions beyond the criminal system. Which there are inherent problems with the justice system, simply in light of the fact that technology changes so fast and well the political system is not exactly known for it’s speed. Granted at the same time there is a lot to be said for a system that is designed with flexibility in mind, technology given it’s pace of innovation needs a flexible system overlooking it. I don’t know if any professional organization could adequately confer a license on computer scientists that wouldn’t be out of date within 6 months, especially with the current state of evolution on the web.
I think this is a very tricky area but a question of confidence needs to be answered, for both the profession and for society as a whole to not have a sense of fear towards technology and computer scientists.