Are you adhering to expected industry standards of behaviour?

If you delve into the Macquarie Dictionary, it defines the word ethical as “relating to or dealing with morals”. It is concerned with “right and wrong conduct or practice, especially the standards of a profession”.

You may or may not be aware that ITPA has a code of ethics. It still bares the name of SAGE-AU, ITPA’s predecessor, because that is where it originates but it is equally as, if not more, important as it was when conceived.

Recent events in the industry give cause for concern that ethical standards are viewed with elasticity by some who work in the IT industry.

As technology continues to evolve and become potentially more invasive into the lives of individuals and organisations, the imperative for IT professionals to adhere to ethical standards is, or at least should be, at the core of their conduct in the workplace.

A recent news item brought this consideration to the fore of my mind as it appears the Australian Bureau of Statistics (ABS) is collecting more data than they're letting on.

It was disturbing to me to read that ABS had been exposed for its use of mobile device data captured by Telstra to complete research into temporary population shifts in and around Canberra. By any reading of what took place during this “research”, it would not have happened if the IT professionals who worked on the project were bound by this Code of Ethics.

I specifically draw your attention to this section:

“2. Privacy: I will access private information on computer systems only when it is necessary in the course of my duties. I will maintain the confidentiality of any information to which I may have access. I acknowledge statutory laws governing data privacy such as the Commonwealth Information Privacy Principles.”

There is a clear breach of privacy by both organisations inherent in the story above and that sends a lot of warning signals about what is possible with regards to the misuse of smart device technology.

Despite the fact this, on face value, is a relatively harmless use of anonymised mobile data, there are a range of ethical issues at its core and one that will serve to hasten work we are doing with regards to updating the code of conduct for IT professionals.

For a start, I think that accessing third party data collected via our mobile phones goes way beyond the remit of ABS which according to its website is “to deliver relevant, trusted, objective data, statistics and insights.”

It’s 2016 online Census, ABS mandated that respondents must disclose personal details including names and addresses. At the time, privacy advocates warned that this was the thin edge of a wedge where technology could be used to link survey responses to individual citizens and other Government databases.

Former ABS boss, Bill McLennan said at the time that this was “without doubt, the most significant invasion of privacy ever perpetrated on Australians by the ABS”.

Assurances were given by the agency and its parliamentary masters that there was nothing to worry about. Data was secure, would not be shared and would only be kept for four years.

Yet here we are less than two years later with what is unquestionably a far more serious breach of privacy which is accompanied by a failure to disclose that the exercise was being undertaken. It took the lateral thinking of a freelance journalist to identify just what liberties two of the country’s most trusted brands had taken with the technology now at their disposal.

To me, this level of collaboration between Telstra and ABS sounds alarm bells about what sort of regulations are in place to stop organisations using the massive amounts of data they are collecting and the use of technologies that sort and analyse this data.

We can also look at the recent Cambridge Analytics/Facebook saga as a signal of what we can expect from future surveillance capitalism. There are powerful tools that are very mature now that can be used maliciously if not bound by regulatory controls and a code of ethics subscribed to by the people who work at the coal-face of data collection and analysis.

As with any other occupational pursuit such as doctors, lawyers or accountants, IT professionals should be bound by a Code of Ethics which brings us to the question of what rights do those who work with technology have to refuse to participate in projects that contravene accepted good conduct benchmarks?

Who do they report to if they see, or are asked to participate in projects that are not in alignment with acceptable guidelines? What penalties can be imposed on people and organisations that decide to take advantage of technologies that allow them to invade the privacy of individuals and organisations?

So, as a member of ITPA, I urge you to familiarise yourself with the organisations code of ethics and discuss it with your colleagues. You have the potential to drive ethical standards within your workplace to ensure that the industry remains within acceptable boundaries for behaviour in regards to the use of technology and data.

Robert Hudson

President, ITPA

president@itpa.org.au