Show understanding of the need to act ethically and the impact of acting ethically or unethically for a given situation

7.1 Ethics and Ownership

Learning objective

Exam‑style reminder: Show understanding of the need to act ethically and the impact of acting ethically or unethically for a given situation.

Why ethics matter in computing

  • Computing systems process personal and sensitive data.

  • Decisions made by programmers and organisations can affect millions of users.

  • Legal frameworks (e.g., GDPR, Data Protection Act) require ethical handling of data.

  • Professional reputation and public trust depend on ethical conduct.

Key ethical principles (based on the ACM Code of Ethics and other professional codes)

  1. Public interest – prioritise the welfare of society and the environment.

  2. Quality of work – produce reliable, secure and maintainable software.

  3. Professional competence – keep skills up‑to‑date and avoid misrepresentation.

  4. Privacy and confidentiality – protect personal data from unauthorised access.

  5. Intellectual property – respect ownership of software, data and algorithms.

Sample exam scenarios linked to each principle

PrincipleTypical exam situation
Public interestDeveloping a health‑app that shares anonymised data with NHS researchers.
Quality of workChoosing secure coding practices for an online banking system.
Professional competenceRefusing to claim expertise in machine‑learning when only basic knowledge is held.
Privacy and confidentialityImplementing encryption for stored user passwords.
Intellectual propertyRespecting the licence of an open‑source library used in a commercial product.

Professional bodies & codes of conduct

Relevant organisations that publish widely‑used codes (any one can be named in the exam):

  • British Computer Society (BCS) – Code of Conduct for BCS Members

  • Institute of Electrical and Electronics Engineers (IEEE) – IEEE Code of Ethics

  • Institution of Engineering and Technology (IET) – Code of Conduct

Mnemonic to aid recall: BCS‑IEEE‑IET = BICBest Information Code.

Copyright legislation (software & data)

  • Copyright gives the creator exclusive rights to reproduce, distribute, adapt and publicly perform a work.

  • In the UK the Copyright, Designs and Patents Act 1988 protects source code, documentation, graphics and data compilations.

  • Key concepts for the exam

    • Infringement – copying or modifying code without permission.

    • Fair dealing (UK) – limited use for research, criticism or teaching, subject to strict conditions.

    • Fair use (US) – broader, purpose‑driven test (purpose, nature, amount, market effect).

    • DMCA (USA) / EU‑Copyright Directive – additional protection for digital works.

Comparative note: UK fair dealing is a *defence* that applies only to specific purposes, whereas US fair use is a *balancing test* that can apply to many more situations. Exam questions may ask you to contrast the two.

Example: A student copies a library function from an open‑source project and republishes it in a commercial product without complying with the licence – this breaches copyright.

Software licensing – types and justification

Licence typeKey characteristicsTypical use‑caseWhy a developer might choose it
Proprietary (e.g., Microsoft Windows, Adobe Photoshop)Source code closed; users must accept a licence agreement; no redistribution without permission.Commercial products where the owner wants full control and revenue.Protects IP and allows strict quality control.
GNU General Public Licence (GPL)Copyleft – any derivative work must also be distributed under GPL.Projects that want all future versions to remain free and open.Ensures community contributions stay open; discourages proprietary forks.
MIT / BSD licencePermissive – allows commercial reuse, modification and redistribution with minimal conditions.Libraries or tools where wide adoption is desired.Encourages integration into both open‑source and proprietary software.
Creative Commons (CC‑BY, CC‑BY‑SA, …)Designed for creative works; can be applied to documentation, datasets, or educational material.Open educational resources, research data sets.Provides clear attribution requirements while allowing sharing.
Shareware / FreemiumSoftware distributed for free on a trial basis; full features unlocked after payment.Small utilities, games, or SaaS products.Allows users to test before buying; generates revenue from conversions.

Quick‑pick decision tree

  1. Do you need commercial reuse with no obligation to share source code? → MIT / BSD

  2. Do you want any derivative to stay open‑source? → GPL

  3. Is the software intended to be sold as a closed product? → Proprietary licence

  4. Is the work primarily non‑code (e.g., documentation, data) and you want attribution? → Creative Commons

  5. Do you want users to try before they buy? → Shareware / Freemium

Artificial Intelligence (AI) and ethics

  • Bias and fairness – training data may reflect historical prejudice, leading to discriminatory outcomes (e.g., facial‑recognition misidentifying minority groups).

  • Transparency and explainability – deep models can be “black boxes”, making it hard to justify decisions to users or regulators.

  • Autonomy and accountability – when AI makes decisions (e.g., autonomous vehicles), responsibility for errors must be clear.

  • Privacy – AI often requires large data sets; ethical handling of that data is essential.

Exam prompt example: “Explain two ethical risks of deploying facial‑recognition in public spaces and suggest one mitigation for each.”

Typical mitigations include bias testing on diverse data sets, publishing model documentation, and keeping a human‑in‑the‑loop for critical decisions.

Ownership issues in computing

  • Software licences – proprietary vs open source, and the detailed licence types above.

  • Data ownership – who has the right to collect, store, analyse and share data.

  • Hardware & infrastructure – responsibilities for maintenance, upgrades, and environmentally‑responsible disposal (e‑waste regulations such as the EU Waste Electrical and Electronic Equipment Directive).

Case study: Data mining for targeted advertising

ActionEthical assessmentPotential impact
Obtain explicit consent before data collectionEthicalBuilds user trust; complies with GDPR; may reduce data volume but improves reputation.
Collect data silently and sell to third partiesUnethicalShort‑term profit; long‑term reputational damage; legal penalties (fines up to €20 million).
Anonymise data before analysisEthicalProtects privacy while retaining analytical value; easier compliance with data‑protection law.
Share raw data with partners without safeguardsUnethicalHigh risk of data breaches; loss of user confidence; possible class‑action lawsuits.

Question stem for the exam: “Evaluate the most ethical action from the table above and justify your choice using at least two syllabus concepts (e.g., GDPR and fair dealing).”

Impact of ethical vs. unethical decisions

Cost model:

\$C{\text{total}} = C{\text{compliance}} + C_{\text{reputation loss}}\$

  • When E = 1 (ethical), C_{\text{reputation loss}} is low – the organisation enjoys brand loyalty and avoids fines.

  • When E = 0 (unethical), C_{\text{reputation loss}} can far exceed any savings from cutting compliance costs.

Numeric example: If compliance costs £5 k and the estimated reputation loss from a data‑breach is £30 k, then

C_total = £5 k + £30 k = £35 k. An ethical approach that raises compliance to £7 k but avoids the breach would cost only £7 k – a clear savings.

Guidelines for acting ethically

  1. Identify all stakeholders (users, clients, employees, regulators, wider society).

  2. Consult relevant legislation (GDPR, Data Protection Act, Copyright, Designs and Patents Act) and professional codes.

  3. Seek informed consent when handling personal data; provide clear privacy notices.

  4. Document decisions, rationales and any risk‑mitigation measures for accountability.

  5. Review and update practices as technology, standards and regulations evolve.

Suggested decision‑making flowchart (ethical data handling)

Identify data → Assess legal requirements → Obtain consent (or confirm lawful basis) → Choose appropriate licence / protection level → Implement technical safeguards (encryption, anonymisation) → Review outcomes & record lessons learned.

Summary

Acting ethically in computing is not optional; it safeguards users, complies with law, and sustains the long‑term success of organisations. Understanding copyright, software licences, AI‑related risks, and the professional codes that govern behaviour equips future computer scientists to make responsible, well‑justified decisions.