Ethics in IT: The CIO’s new business imperative

This year’s spotlight on generative AI has been one of several factors increasingly placing corporate ethics in the crosshairs.

Important today, ethics will soon become foundational and existential for business. Five years from now an organization’s ability to recruit and retain top talent and design and sell profitable goods and services will depend on how it is perceived ethically.

Headlines are full of claims (and counter claims) regarding ethical lapses in the judicial, legislative, and executive branches of government. This scrutiny of the intersection of moral principles and action is spreading to nearly every facet of society, begging the question: What should we be doing to make sure IT’s ethical house is in order?

Ethics are — note the use of the plural here — among those disciplines that are much discussed but poorly understood. Juan Enríquez, author of Homo Evolutis: Please Meet the Next Human Species, began his remarks, “Ethics in the Age of Technology” lamenting that on the first day of work, many knowledge workers are presented with a giant book — The Ethics Manual —which declaims in excruciatingly boring prose, “What is right and what is wrong.” The net effect of this practice is to send the erroneous signal to new employees that ethical responsibility starts and ends with compliance with pre-existing, created-by-others rule sets. Nothing could be further from the truth.

The what and why of ethics in IT

The ritualistic delivery of The Ethics Manual to employees,ludicrous as it might seem, raises a couple of interesting questions. First, who writes the manual and whom is responsible for monitoring ethics in the enterprise? Second, is there an expanded version of The Ethics Manual for IT professionals?

The scholarship of Dennis F. Thompson, founding director of the University Center for Ethics and the Professions at the John F. Kennedy School of Government at Harvard University, reveals that we need to be aware of at least three distinctly different forms of ethics.

There are personal ethics, frequently referred to by ethics professors as “sandbox values” or “Sunday school ethics”; professional ethics, the codes of conduct specified by various disciplines (e.g., lawyers, accountants, doctors, financial advisors, engineers); and institutional ethics, which constitute normative behaviors of an organization or department. Of increasing importance are something known as “cohort ethics” — the assumption that your ethics are the sum of the value sets of your five closest friends.

Special Professor of Law Janis Meyer, who teaches “Legal Ethics” at The Maurice A. Deane School of Law at Hofstra University and “Professional Responsibility” at Columbia University School of Law, recently spoke at the virtual “Responsibility of Information Management” Digital Solutions Gallery at The Ohio State University. (Her remarks start at the 30:15 mark.) There, Meyer explained that there can be a difference between “professional ethics,” as specified for lawyers in state and federal law, and morals, aka personal beliefs and values.

Meyer asked, “Does IT have unambiguously articulated professional ethics?” This is something our profession needs to work on. In the soon-to-be-published The Day Before IT Transformation: Unlocking Digital Transformation for Business Leaders, Cheryl Smith, former CIO at McKesson, West Jet, and Keyspan, argues that without industry- and discipline-accepted “Technology Leadership Practices” it is essentially impossible to articulate professional ethics for IT.

Ethics are much bigger than a set of simple rules — for example, “Don’t lie,” “Don’t cheat,” or “Don’t steal other children’s toys.” Ethics are more than “checking the box” on environmental, social, and governance (ESG) and diversity, equity, and inclusion (DEI) audits.

Ethics drive how we frame and make decisions. How do we protect people’s privacy when AI needs so much data? Imagine you are programming a driverless car. When confronted with a crash scenario, should the car save its single occupant or seven pedestrians? Should the car prioritize saving older people or younger people? When using analytics, on what basis should hospitals allocate scarce beds in the intensive care unit? When screening job applicants, which resumes are rejected and which are reviewed? When deploying police, where should resources be focused? IT is not neutral or above the tough ethical questions organizations are confronting.

Currently the spotlight in tech ethics is split between how organizations treat their IT employees and how to prevent algorithmic misbehavior — for example, how to eliminate bias in training data. There is a movement under way to create a new human right against being subject to automated decision-making.

In the ethical IT organization of the future, we should be mindful of the decisions we make and their downstream ramifications. CIOs need to set the tone for their organization, establishing what is important, and what truly merits the time and attention of the professionals working with them. Great organizations might try to forecast future ethical dilemmas, for example, when there is a clash between personal and institutional values. Philosophy professors believe that one way to prepare to face real-world ethical dilemmas is to strengthen your moral muscle by practicing on hypothetical scenarios/case studies.

How will you help your IT organization rise to the evolving ethical moment?