Public trust and professional credibility are built on ethical behaviour.
Ethical standards help balance commercial goals with the wider public good.
2. Legal vs Ethical Considerations
Legal compliance is the minimum requirement; ethical practice often goes beyond the law.
Aspect
Legal considerations
Ethical considerations
Definition
Rules enacted by governments or regulators (e.g., GDPR, CCPA, copyright law).
Profession‑wide principles of right and wrong recognised by society.
Enforcement
Courts, data‑protection authorities, industry regulators.
Professional bodies, peer review, personal conscience, public opinion.
Scope
Specific actions – “must do” or “must not do”.
Broader concerns – fairness, sustainability, respect for autonomy, social welfare.
Illustrative example
Complying with GDPR’s right‑to‑erasure.
Even when the law permits data retention, choose to delete data that users no longer expect to be stored.
3. Professional Codes of Conduct
All major computing bodies provide a written code that guides ethical practice.
British Computer Society (BCS) Code of Conduct – public interest, competence, integrity, and professional development.
Institute of Electrical and Electronics Engineers (IEEE) Code of Ethics – safety, privacy, avoidance of conflicts of interest, and honest reporting.
Association for Computing Machinery (ACM) Code of Ethics and Professional Conduct – responsibilities to society, clients, colleagues, and the profession.
4. Intellectual Property (IP) and Ownership
4.1 Types of IP Relevant to Computing
Copyright – protects original source code, documentation, graphics, multimedia and the expression of ideas.
Patents – protect a novel, non‑obvious invention (e.g., a new encryption algorithm, a specialised processor architecture).
Trade secrets – confidential business information such as proprietary algorithms, test data, or source‑code repositories.
Design rights – protect the visual appearance of a user interface or hardware enclosure.
4.2 Software Licensing
Licences define how software may be used, modified and redistributed. Choose a licence that matches the intended commercial or collaborative model.
Licence type
Key features
Typical use‑case
Proprietary (commercial)
Source code closed; use restricted by a licence agreement; usually requires payment.
Any derived work must also be distributed under the GPL; source must be made available.
Open‑source projects that want to guarantee freedom to modify and share.
MIT / BSD (permissive)
Minimal restrictions; code may be incorporated into proprietary software.
Libraries, frameworks, and tools that aim for wide adoption.
Creative Commons (CC‑BY, CC‑BY‑SA, …)
Designed for creative works; can be applied to documentation, datasets, or media.
Open educational resources, data sets, documentation.
Justify the licence – For a commercial web‑application sold to multiple clients, a proprietary licence (or a dual‑licence model) is usually appropriate because the developer needs to protect revenue while restricting unauthorised redistribution.
4.3 Data Ownership and Privacy
Who owns data generated by users, sensors, or automated processes? (e.g., IoT telemetry, biometric logs.)
Legal frameworks (GDPR, CCPA, UK Data Protection Act) grant data subjects rights to access, correct, restrict, and delete personal data.
Ethical practice adds:
Transparent data‑handling policies.
Informed, freely‑given consent.
Respect for users’ reasonable expectations of privacy.
4.4 Digital Rights Management (DRM)
DRM uses technical controls to enforce IP rights. Ethical questions include:
Does DRM unduly limit legitimate user activities (e.g., making a personal backup)?
Are accessibility needs (e.g., for disabled users) considered?
Is the balance between creator rights and user freedom proportionate?
5. AI Ethics
Artificial Intelligence introduces new ethical challenges that computing professionals must address.
Bias and fairness – training data may encode societal prejudices; algorithms can produce discriminatory outcomes.
Transparency and explainability – users should understand how a decision was reached, especially in high‑risk domains (medical diagnosis, hiring, credit scoring).
Accountability – clear responsibility for autonomous system actions (e.g., self‑driving cars, automated trading bots).
Privacy – AI often requires large data sets; ethical handling of personal data is mandatory.
Societal impact – consider job displacement, environmental cost of training large models, and influence on public discourse.
6. Ethical Decision‑Making Models
Consequentialist (Utilitarian) approach – Choose the action that produces the greatest overall benefit.
Deontological (Duty‑based) approach – Follow moral rules or professional duties regardless of outcomes.
Virtue ethics – Act in a way that reflects good character traits such as honesty, fairness, and responsibility.
Professional‑code reference – Align decisions with the relevant code of conduct (BCS, IEEE, ACM).
7. Illustrative Case Studies
7.1 Social‑Media Data Mining
A company analyses user activity to deliver targeted ads without explicit consent.
Legal aspect: May breach GDPR/CCPA requirements for lawful basis and consent.
Ethical aspect: Violates user autonomy, privacy expectations, and the principle of “do no harm”.
Recommended action: Implement an opt‑in mechanism, publish a clear data‑use policy, and provide an easy way for users to withdraw consent.
7.2 Open‑Source Security Flaw
A developer discovers a critical vulnerability in a widely used open‑source library.
Legal aspect: No contractual duty to disclose, but may be covered by the library’s contribution guidelines.
Ethical aspect: Duty to protect users from harm and maintain community trust.
Recommended action: Report the flaw responsibly to the maintainers, provide a patch, and coordinate a public advisory once a fix is available.
7.3 AI‑Driven Recruitment Tool
An organisation uses a machine‑learning system to screen job applicants.
Legal aspect: Must comply with anti‑discrimination legislation (e.g., Equality Act 2010).
Ethical aspect: Risk of bias against protected groups; lack of transparency for candidates.
Recommended action: Conduct regular bias audits, make the scoring criteria explainable, and retain human oversight for final hiring decisions.
8. Summary Checklist for Ethical Practice
Identify all stakeholders (users, clients, employers, wider society) and their interests.
Determine applicable laws, regulations and professional codes.
Analyse possible actions using an ethical decision‑making model.
Select the action that balances legal compliance, professional standards and the public good.
Document the reasoning, keep records for accountability, and schedule a review after implementation.
Suggested diagram: Flowchart of the ethical decision‑making process –> Stakeholder analysis → Legal & regulatory check → Professional‑code reference → Choose ethical model (Utilitarian / Deontological / Virtue) → Decision → Implementation → Review & documentation.
Your generous donation helps us continue providing free Cambridge IGCSE & A-Level resources,
past papers, syllabus notes, revision questions, and high-quality online tutoring to students across Kenya.