Ron Ballard FBCS gives his personal view about what 'no harm' means in IT.

What does it mean to be ethical and what does it mean to be good for society? I think most of us would agree about the following list:

  • Do no harm
  • Acquire and maintain knowledge and skills
  • Maintain and deliver true and accurate data
  • Respect personal privacy
  • Put our users' needs first – deliver systems that work for them
  • Use the Earth’s resources economically
  • Build and deploy systems which use electrical power efficiently.

Do no harm

For me, this means not doing anything to help tobacco companies, gambling companies, or companies that are harming, or failing to reduce harm to, people or the environment. There are many human activities that cause harm in more subtle ways than tobacco and gambling. Often, I admit, the boundaries are fuzzy. But, I also believe, we have a duty to check the limits in the opportunities that are presented to us and to make the best decisions we can. If we always aim to do no harm, this may mean turning down some personal opportunities.

Maintain knowledge and skills

We are lucky to work in such a fascinating industry and to have the opportunity to earn a good living from our work. We have a duty to be diligent. Different people learn in different ways. I once had a technical support team member who was completely self–taught. They were brilliant in giving good advice to our customers. They later went on to be head of engineering for a successful software company in Silicon Valley, and then became CTO for a large finance company that is an international household name. Most of us benefit from more formal training, and the work that BCS does in this area is very welcome.

Working with insufficient knowledge and skills is likely to be harmful and is therefore not ethical.

True and accurate data

As IT professionals we rarely have full view of how the data we manage will be used. I have seen data processed carelessly, with plausible results considered acceptable. Plausible is not enough. We need to be as sure as we can that the data is as reliable as we can possibly make it and that we have tested its accuracy thoroughly.

Respect personal privacy

Accuracy in data is necessary, but not enough. We know from ‘Surveillance Capitalism’ and many other academic and journalistic sources, that our personal data can be stolen and used for massive profits. Very often it is used to sell us things that are harmful to us or to the environment.

There are good guidelines (in the GDPR , for example) and we should follow them. I have worked for a large finance company that took a risk–based approach to GDPR. This can be summed up as: ‘Can we get away with it?’ They were busy stealing personal data and strongly resisted any attempt to limit this activity. That was not ethical.

Engineering for good

Information technology systems are complex. Most people do not, and should not have to, understand them. Most people rely on advice from reputable companies to help them judge whether a technology or a product is a good investment. Companies that are prepared to promote inefficient systems are not only putting profits before customers, they are also exploiting their customers by promoting damaging technology.

For you

Be part of something bigger, join the Chartered Institute for IT.

We need more awareness of good design and good development practices. We need these to feed into procurement decisions. Every system selection panel should have representation from at least one IT professional with a proven track record and the communication skills to explain what the proposed solution means to the panel and to the organisation they represent.

BCS must continue its training and certification programmes and make sure that they are relevant and based on sound engineering principles without prejudice by commercial interests. In some cases we should refuse to endorse technologies that we know are harmful.