come conversant in privacy’s various
definitions and forms.
Technology enables the collection,
monitoring, and exchange of personal
information quickly, inexpensively,
and often without the knowledge of
the people affected. Computing professionals should only use personal
data for legitimate ends and without
violating the rights of individuals and
groups. This requires taking precautions to prevent unauthorized data collection, ensuring the accuracy of data,
and protecting it from unauthorized
access and accidental disclosure. Computing professionals should establish
transparent policies and procedures
that allow individuals to give informed
consent to automatic data collection,
review their personal data, correct in-accuracies, and, where appropriate,
Only the minimum amount of personal information necessary should
be collected in a system. The retention and disposal periods for that information should be clearly defined,
enforced, and communicated to data
subjects. Personal information gathered for a specific purpose should
not be used for other purposes without the person’s consent. Computing
professionals should take special care
for privacy when data collections are
merged. Individuals or groups may be
readily identifiable when several data
collections are merged, even though
those individuals or groups are not
identifiable in any one of those collections in isolation.
1. 7 Honor confidentiality.
Computing professionals should protect confidentiality unless required to
do otherwise by a bona fide requirement of law or by another principle of
User data observed during the normal duties of system operation and
maintenance should be treated with
strict confidentiality, except in cases
where it is evidence of the violation of
law, of organizational regulations, or
of the Code. In these cases, the nature
or contents of that information should
not be disclosed except to appropriate
authorities, and a computing professional should consider thoughtfully
whether such disclosures are consistent with the Code.
A computing professional should...
2. 1 Strive to achieve high quality in both
the process and products of professional work.
Computing professionals should
insist on high quality work from themselves and from colleagues. This includes respecting the dignity of employers, colleagues, clients, users, and
anyone else affected either directly
or indirectly by the work. Computing
professionals have an obligation to
keep the client or employer properly
informed about progress toward completing the work. Professionals should
be cognizant of the serious negative
consequences affecting any stakeholder that may result from poor quality work and should resist any inducements to neglect this responsibility.
2. 2 Maintain high standards of professional competence, conduct, and ethical practice.
High quality computing depends on
individuals and teams who take personal and group responsibility for acquiring and maintaining professional
competence. Professional competence
starts with technical knowledge and
with awareness of the social context
in which the work may be deployed.
Professional competence also requires
skill in reflective analysis and in recognizing and navigating ethical challenges. Upgrading necessary skills
should be ongoing and should include
independent study, conferences, seminars, and other informal or formal
education. Professional organizations
and employers should encourage and
facilitate those activities.
2. 3 Know, respect, and apply existing
rules pertaining to professional work.
“Rules” here includes regional, national, and international laws and regulations, as well as any policies and procedures of the organizations to which
the professional belongs. Computing
professionals must obey these rules
unless there is a compelling ethical
justification to do otherwise. Rules
that are judged unethical should be
challenged. A rule may be unethical
when it has an inadequate moral basis,
it is superseded by another rule, or it
in a particularly