Professional Ethics

While netiquette applies to all netizens, IT professionals specifically follow an ethical practice as
they are the front liners, support, and backend of ICT.

The Association of Computing Machinery (ACM) has identified 24 imperatives of professional

conduct for IT professionals. It contains many, but not all, issues IT professionals are likely to face while
using, creating, and implementing ICT.

Section1 outlines the fundamental ethical considerations while Section 2 provides additional,
more specific considerations of professional conduct. Section 3 is intended specifically for individuals
who have a leadership role, whether in the workplace or in a volunteer capacity such as in organizations
like ACM. Principles involving compliance with this Code are laid out in Section 4.

1. GENERAL MORAL IMPERATIVES

As an ACM member, I will..
1.1 Contribute to society and human well-being.
This principle concerning the quality of life of all people affirms an obligation to protect
fundamental human rights and to respect the diversity of all cultures. An essential aim of
computing professionals is to minimize negative consequences of computing systems,
including threats to health and safety. When designing or implementing systems, computing
profess1onals must attempt to ensure that the products of their efforts will be used in
socially responsible ways, will meet social needs, and will avoid harmful effects on health
and welfare.
In addition to a safe social environment, human well-being includes a safe natural
environment. Therefore, computing professionals who design and develop systems must be
alert to, and make others aware of, any potential damage to the local or global environment.
1.2 Avoid harm to others.
"Harm" means injury or negative consequences, such as undesirable loss of information,
loss of property, property damage, or unwanted environmental impacts. This principle
prohibits use of computing technology in ways that result in harm to any of the following:
users, the general public, employees, and employers. Harmful actions include intentional
destruction or loss of resources or unnecessary expenditure of human resources such as the
time and effort required to purge systems of "computer viruses.""
Well-intended actions, including those that accomplish assigned duties, may lead to
harm unexpectedly. In such an event, the responsible person or persons are obligated to
undo or mitigate the negative consequences as much as possible. One way to avoid
unintentional harm is to carefully consider potential impacts on all those affected by
decisions made during design and implementation.
To minimize the possibility of indirectly harming others, computing professionals must
minimize malfunctions by following generally accepted standards for system design and
testing. Furthermore, it is often necessary to assess the social consequences of systems to
project the likelihood of any serious harm to others. If system features are misrepresented to
users, co-workers, or supervisors, the individual computing professional is responsible for
any resulting injury.
 In the work environment, the computing professional has the additional obligation to
report any signs of system dangers that might result in serious personal or social damage. If
one's superiors do not act to curtail or mitigate such dangers, it may be necessary to "blow
the whistle" to help correct the problem or reduce the risk. However, capricious or
misguided reporting of violations can, itself, be harmful. Before reporting violations, all
relevant aspects of the incident must be thoroughly assessed. In particular, the assessment
of risk and responsibility must be credible. It is suggested that dvice be sought from other
computing professionals. See principle 2.5 regarding thorough evaluations.
1.3 Be honest and trustworthy.
Honesty is an essential component of trust. Without trust an organization cannot
function effectively. The honest computing professional will not make deliberately false or
deceptive claims about system or system design, but will instead provide full disclosure of all
pertinent system limitations and problems.
A computer professional has a duty to be honest about his or her own qualifications, and
about any circumstances that might lead to conflicts of interest. Membership in volunteer
organizations such as ACM may at times place individuals in situations where their
statements or actions could be interpreted as carrying the "weight" of a larger group of
professionals. An ACM nember will exercise care to not misrepresent ACM or positions and
policies of ACM or any ACM unitsit
1.4 Be fair and take action not to discriminate.
The values of equality, tolerance, respect for others, and the principles of equal justice
govern this imperative. Discrimination on the basis of. race, sex, religion, age, disability,
national origin, or other such factors is an explicit violation of ACM policy and will not be
tolerated.
Inequities between different groups of people may result from the use or misuse of
information and technology. In a fair society, all individuals would have equal opportunity to
participate in, or benefit from, the use of computer resources regardless of race, sex,
religion, age, disability, national origin, or other such similar factors. However, these ideals
do not justify unauthorized use of computer resources nor do they provide an adequate
basis for violation of any other ethical imperatives of this code.
1.5 Honor property rights including copyrights and patent.
Violation of copyrights, patents, trade secrets, and the terms of license agreements is
prohibited by law in most circumstances, Even when software is not so protected, such
violations are contrary to professional behavior. Copies of software should be made only
with proper authorization. Unauthorized duplication of materials must not be condoned.
1.6 Give proper credit for intellectual property.
Computing professionals are obligated to protect the integrity of intellectual property.
Specifically, one must not take credit for other's ideas or work, even inset cases where the
work has not been explicitly protected by copyright, patent, etc.
1.6 Respect the privacy of others.
Computing and communication technology enables the collection and exchange of
personal information on a scale unprecedented in the history of civilization. Thus, there is
increased potential for violating the privacy of individuals and groups. It is the responsibility
of professionals to maintain the privacy and integrity of data describing individuals. This
 includes taking precautions to ensure the accuracy of data, as well as protecting it from
unauthorized access or accidental disclosure to inappropriate individuals. Furthermore,
procedures must be established to allow individuals to review their records and correct
inaccuracies.
This imperative implies that only the necessary amount of personal information be
collected in system, that retention and disposal periods for that information be clearly
defined and enforced, and that personal information gathered for a specific a purpose not
be used for other purposes without consent of the individual(s). These principles apply to
electronic communications, including electronic mail, and prohibit procedures that capture
or monitor electronic user data, including messages, without the permission of users or
bona fide authorization related to system operation and maintenance. User data observed
during the normal duties of system operation and maintenance must be treated with
strictest confidentiality, except in cases where it is evidence for the violation of law,
organizational regulations, or this Code. In these cases, the nature or contents of that
information must be disclosed only to proper authorities.
1.7 Honor confidentiality.
The principle of honesty extends to issues of confidentiality of information whenever
one has made an explicit promise to honor confidentiality or, implicitly, when private
information not directly related to the performance of one's duties becomes available. The
ethical concern is to respect all obligations of confidentiality to employers, clients, and users
unless discharged from such obligations by requirements of the law or other principles of
this Code.
2. MORE SPECIFIC PROFESSIONAL RESPONSIBILITIES
As an ACM computing professional, I will..

2.1 Strive to achieve the highest quality, effectiveness and dignity in both the process and
products of professional work.
Excellence is perhaps the most important obligation of a professional. The computing
professional must strive to achieve quality and to be cognizant of the serious negative
consequences that may result from poor quality in a system.
2.2 Acquire and maintain professional competence.
Excellence depends on individuals who take and maintaining responsibility for acquiring
professional competence. A professional must participate in setting standards for
appropriate levels of competence, and strive to achieve those standards. Upgrading
technical knowledge and competence can be achieved in several ways: doing independent
study; attending seminars, conferences, or courses; and being.
2.3 Know and respect existing laws pertaining to professional work.
ACM members must obey existing local, state, provincial, national, and international
laws unless there is a compelling ethical basis not to do so. Policies and procedures of the
organizations in which one participates must also be obeyed. But compliance must be
balanced with the recognition that sometimes existing laws and rules may be immoral or
inappropriate and, therefore, must be challenged. Violation of a law or regulation may be
ethical when that law or rule has inadequate moral basis or when it conflicts with another
law judged to be more important. If one decides to violate a law or rule because it is viewed
 as unethical, or for any other reason, one must fully accept responsibility for one's actions
and for the consequences.
2.4 Accept and provide appropriate professional review.
Quality professional work, especially in the computing profession, depends on
professional reviewing and critiquing. Whenever appropriate, individual members should
seek and utilize peer review as well as provide critical review of the work of others.
2.5 Give comprehensive and thorough evaluations of computer systems and their impacts,
including analysis of possible risks.
Computer professionals must strive to be perceptive, thorough, and objective when
evaluating, recommending, and presenting system descriptions and alternatives. Computer
professionals are in a position of special trust, and therefore have a special responsibility to
provide objective, credible evaluations to employers, clients, users, and the public. When
providing evaluations, the professional must also identify any relevant conflicts of interest,
as stated in imperative 1.3.
As noted in the discussion of principle 1.2 on avoiding harm, any signs of danger from
systems must be reported to those who have opportunity and/ or responsibility to resolve
them. See the guidelines for imperative 1.2 for more details concerning harm, including the
reporting of professional violations.
2.6 Honor Contracts, agreements, and assigned responsibilities.
Honoring one's commitments is a matter of integrity and honesty. For the computer
professional, this includes ensuring that system elements perform as intended, Also, when
one contracts for work with another party, one has an obligation to keep that party properly
informed about progress toward completing.
A computing professional has a responsibility to request a change in any assignment that
he or she feels cannot be completed as defined., Only after serious consideration and with
full disclosure of risks and concerns to the employer or client, should one accept the
assignment. The major underlying principle here this the obligation to accept personal
accountability for professional work. On some occasions, other ethical principles may take
greater priority.
A judgment that a specific assignment should not be performed may not be accepted.
Having clearly identified one's concerns and reasons for that judgment, but failing to procure
a change in that assignment, one may yet be obligated, by contract or by law, to proceed as
directed.
The computing professional's ethical judgment should be the final guide in deciding
whether or not to proceed. Regardless of the decision, one must accept the responsibility for
the consequences.
However, performing assignments "against one's own judgment" does not relieve the
professional of as responsibility for any negative consequences.
2.7 Improve public understanding of computing and its consequences.
Computing professionals have a responsibility to share technical knowledge with the
public by encouraging understanding of computing, including the impacts of computer
systems and their limitations. This imperative implies an obligation to counter any false
views related to computing.
2.8 Access computing and communication resources only when authorized to do so.
 Theft or destruction of tangible and electronic property is prohibited by imperative
1.2-"Avoid harm to others." Trespassing and unauthorized use of a computer or
communication system is addressed by this imperative. Trespassing includes accessing
communication networks and computer systems, or accounts and/or fles associated with
those systems, without explicit authorization to do so. Individuals and organizations have the
right to restrict access to their systems so long as they đo not violate the discrimination
principle (see 14), No one should one a enter or use another's computer system, software,
or data files without permission. One must always have appropriate approval before using
system resources, including communication ports, file space, other system peripherals, and
computer time.
3. ORGANIZATIONAL LEADERSHIP IMPERATIVES
As an ACM member and an organizational leader, I will....
BACKGROUND NOTE: This section draws extensively from the draft IFIP Code of Ethics, especially
its sections on organizational ethics and international concerns. The at ethical obligations of
organizations tend to be neglected in most codes of professional conduct, perhaps because
these codes are written from the perspective of the individual member. This dilemma is
addressed by, stating these imperatives from the perspective of the organizational leader. In this
context "leader" is viewed as any organizational member who has leadership or educational
responsibilities. These imperatives generally may apply to organizations as well as their leaders.
In this context "organizations" are corporations, government agencies, and other "employers,"
as well as volunteer professional organizations.
3.1 Articulate social responsibilities of members of an organizational unit and encourage full
acceptance of those responsibilities.
Because organizations of all kinds have impacts on the public, they must accept
responsibilities to society. Organizational procedures and attitudes oriented toward quality
and the welfare of society will reduce harm to members of the public, thereby serving public
interest and fulfilling social responsibility. Therefore, organizational leaders must encourage
full participation in meeting social responsibilities as well as quality performance.
3.2 Manage personnel and resources to design and build information systems that enhance
the quality of working life.
Organizational leaders are responsible for ensuring that computer systems enhance, not
degrade, the quality of working life. When implementing a computer system, organizations
must consider the personal and professional development, physical safety, and human
dignity of all workers. Appropriate human-computer ergonomic standards should be
considered in system design and in the workplace.
3.3 Acknowledge and support proper and authorized uses of an organization's computing and
communication resources.
Because computer systems can become tools to harm as well as to benefit an
organization, the leadership has the responsibility to clearly define appropriate and
inappropriate uses of organizational computing resources. While the number and scope of
such rules should be minimal, they should be fully enforced when established.
3.4 Ensure that users and those who will be affected by a system haye their needs clearly
articulated during the assessment and design of requirements; later, the system must be
validated to meet requirements.
 Current system users, potential users, and other persons whose lives may be affected by
a system must have their needs assessed and incorporated in the statement of
requirements. System validation should ensure compliance with those requirements.
3.5 Articulate and support policies that protect the dignity of users and others affected by a
computing system.
Designing or implementing systems that deliberately or inadvertently demean
individuals or groups is ethically unacceptable. Computer professionals who are in decision-
making positions should verify that systems are designed and implemented to protect
personal privacy and enhance personal dignity.
3.6 Create opportunities for members of the organization to learn the principles and
limitations of computer systems.
This complements the imperative on public understanding (2.7). Educational
opportunities are essential to facilitate optimal participation of organizational members.
opportunities must be available to all members to help them improve their knowledge and
skills in computing, including courses that familiarize them with the consequences and
limitations of particular types of systems. In particular, professionals must be made aware of
the dangers of building systems around oversimplified models, the improbability of
anticipating and designing for every possible operating condition, and other issues related to
the complexity of this profession.
4. COMPLIANCE WITH THE CODE
As an ACM member, I will,...
4.1 Uphold and promote the principles of this Code.
The future of the computing profession depends on both technical and ethical
excellence, Not only is it important for ACM computing professionals to adhere to the
principles expressed in this Code, each member should encourage and support adherence
by other members.
4.2 Treat violations of this code as inconsistent with membership in the ACM.
Adherence of professionals to a code of ethics is largely a voluntary matter. However, if a
member does not follow this code by engaging in gross misconduct, membership in ACM
may be terminated.
This Code and the supplemental Guidelines were developed by the Task Force for the
Revision of the ACM Code of Ethics and Professional Conduct: Ronald E. Anderson, Chair,
Gerald Engel, Donald Gotterbarn, Grace C. Hertlein, Alex Hoffman, Bruce Jawer, Deborah G.
Johnson, Doris K. Lidtke, Joyce Currie Little, Dianne Martin, Donn B. Parker, Judith E A.
Perrolle, and Richard S. Rosenberg. The Task Force was organized by ACM/SIGCAS and
funding was provided by the ACM SIG Discretionary Fund. This Code and the supplemental
Guidelines were adopted by the ACM Council on October 16, 1992.
This Code may be published without permission as long as it is not changed in any way
and it carries the copyright notice.
Copyright 1997, Association for Computing Machinery, Inc. Sh