Ask HN: Would you sign a developer Hippocratic Oath? - secfirstmd
======
blackflame7000
Computer Science differs from the Medical field in that you never know what
someone else might do with your work. In medicine at any given moment you know
whether or not you are acting in the patients best interest. Doctors still
make mistakes of course, but they still know their intent.

Now lets say I write a program to encrypt messages between two parties because
their government is censoring free speech. Here my intentions are good.
However, someone else could use that system to organize terrorist activities.
It was never my intent but still it is my work being used to aid criminals.

That's where the line gets blurry. In medicine, actions have immediate effect.
They either help or hurt the patient. In computer science the same program can
be both a blessing and a curse.

~~~
corobo
In medicine you may be treating someone who may later go on to commit war
crimes, it doesn't mean you're causing harm by proxy. The oath just says "help
this person" it doesn't say "help this person if"

~~~
nostrademons
The irony is that public condemnation usually goes the opposite way for
software developers.

For a doctor, their client is the patient, and they are bound by oath to help
that patient. If the patient goes on to do horrible crimes, that's on the
patient, not on the doctor.

For a software engineer, the client is either their customer or the employer,
and the equivalent oath would be to always act in their customer/employer's
best interest. Most developers already do this - they typically don't continue
to get paid if they don't. But the moral dilemmas that surround software are
often of the form "You write software that massively violates peoples'
privacy, gets people to click on ads, wastes peoples' time, etc." If an NSA
developer did an IAmA and said "Yes, I write code to spy on people because I
have a responsibility to the people that pay my salary", they'd be vilified,
and more than a few people would likely say "No, you have a responsibility to
the American people to stop doing what you're doing." If a doctor were to say
"I refuse to treat this NSA engineer because he is harming humanity", he would
be similarly vilified.

------
jotux
IEEE members agree to the Code of Ethics, which are pretty universal:

>We, the members of the IEEE, in recognition of the importance of our
technologies in affecting the quality of life throughout the world, and in
accepting a personal obligation to our profession, its members and the
communities we serve, do hereby commit ourselves to the highest ethical and
professional conduct and agree:

>1\. to accept responsibility in making decisions consistent with the safety,
health, and welfare of the public, and to disclose promptly factors that might
endanger the public or the environment;

>2\. to avoid real or perceived conflicts of interest whenever possible, and
to disclose them to affected parties when they do exist;

>3\. to be honest and realistic in stating claims or estimates based on
available data;

>4\. to reject bribery in all its forms;

>5\. to improve the understanding of technology; its appropriate application,
and potential consequences;

>6\. to maintain and improve our technical competence and to undertake
technological tasks for others only if qualified by training or experience, or
after full disclosure of pertinent limitations;

>7\. to seek, accept, and offer honest criticism of technical work, to
acknowledge and correct errors, and to credit properly the contributions of
others;

>8\. to treat fairly all persons and to not engage in acts of discrimination
based on race, religion, gender, disability, age, national origin, sexual
orientation, gender identity, or gender expression;

>9\. to avoid injuring others, their property, reputation, or employment by
false or malicious action;

>10\. to assist colleagues and co-workers in their professional development
and to support them in following this code of ethics.

------
bluejekyll
I don't think it's necessarily this easy. While I would say "yes" to the
question, I already know that if I write a piece of crypto software, it will
be used by bad players to hide their illicit activities, including governments
hiding what they are doing to their population.

Similarly, almost all open-source software can be used by these bad actors. I
doubt any of them write their router OSes, e.g. FreeBSD, but should I not
contribute to that code because I know they are using it to suppress or track
voices inside their country? Similar arguments for DNS or other tools that can
be used to snoop on citizens.

Now, I would sign something saying I would not take a contract or money from
them, but at the same time I think the US/EU sanctions actually already
require that.

So how would we design it with these obvious caveats?

------
secfirstmd
E.g Would agree to never contribute code to a product that you knew would
likely be used by a human rights abusing country to repress it's population...

~~~
Fej
How about - don't write code that will directly be sold to an oppressive
regime?

~~~
partisan
What if a regime is using a FOSS application you wrote to do that? Should
there be clauses in software licenses to indicate that the software provided
cannot be used in a manner that causes harm to others? Further still, how
would you enforce that?

------
x1798DE
I don't think I'd even sign a medical hippocratic oath if I were a doctor. I
consider oaths of that sort to be cheap talk nonsense.

I would not, however, be willing to work on anything that I thought was
directly harmful, e.g. I would never work for the NSA.

------
ysleepy
Like the Iron Ring in canada?
[https://en.wikipedia.org/wiki/Iron_Ring](https://en.wikipedia.org/wiki/Iron_Ring)

------
sheraz
No. I simply don't work on projects that are part of public safety (traffic
lights) or medical devices. Or things of that ilk.

