CS308 : ACM Code of Ethics

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

Preamble

According to the Preamble, the public good is always the highest consideration. According to the Preamble, thoughtful consideration and reasoned judgment may be needed in particular cases.

Public Good

According to the Preamble, the public good is always the highest consideration. According to the Preamble, thoughtful consideration and reasoned judgment may be needed in particular cases.

Steve is a team leader in the network security department of a regional bank. In analyzing system logs, a routine part of his job, he finds evidence that several customer accounts were accessed improperly. A full audit indicates there were no transactions, only inquiries of account balances and the date of the last activity. The software problem causing the vulnerability is found and patched. Steve reasons that because no one lost any funds, there's no need to notify the customers. He does inform his superiors at the bank about the breach, of course.

All above statements are correct.

Section 2.1

All of the above

Section 2.2

All of the above

Harry is a volunteer board member for a small non-profit. Because of his computer expertise, he has been asked to review and make a recommendation about two different software packages the non-profit is considering. He has been using one of them for years, likes it, and is very familiar with it. The other, while newer, has become more popular for its ease of use and excellent company support. Harry has discussed all this in his report, making it clear that he is much more familiar with one of these products, and that the other one may be easier to use and easier to get support for.

By disclosing factors that may appear to influence the independence of his judgement, Harry is meeting his obligation to be honest and trustworthy. By providing his best advice, Harry is promoting the public good.

Harry is a professor in the Computer Science department at BigState University. His research focuses on data mining and email filtering. He is interviewed by the campus newspaper about how students can protect themselves from email scams. He recommends the free version of a downloadable email filter. He does not mention that the product's company was founded by one of his former students, and that he sits on the company's technical advisory board, for which he receives a small fee every year.

By freely sharing what he knows, Harry is promoting the public good. The ACM Code says professionals must avoid even the appearance of conflicts of interest.

Prof. Wright is preparing a presentation for his data-mining class. He finds a public code repository online with a simple demonstration program showing the technique he's discussing in next week's class. He downloads code from the repository and puts portions of it into his lecture notes. As there is no obvious attribution in the code, Prof. Wright does not include any in his notes. He does not explicitly claim that the code is his; rather, he is silent on the question of authorship.

Credit should always be given for the work of others The original author could rightfully demand credit, but should be willing to let Prof. Wright use his work as a class example.

Prof. Wright is preparing a presentation for his data-mining class. He finds a public code repository online with a simple demonstration program showing the technique he's discussing in next week's class. He downloads code from the repository and puts portions of it into his lecture notes. As there is no obvious attribution in the code, Prof. Wright does not include any in his notes. He does not explicitly claim that the code is his; rather, he is silent on the question of authorship.

Credit should always be given for the work of others. The original author could rightfully demand credit, but should be willing to let Prof. Wright use his work as a class example.

Section 1.2

None of the above

Section 1.4

None of the above

Section 1.5

None of the above

Prof. Jack Wright is preparing a lecture for his Ethics course. While searching the Internet, he finds a course presentation, which would be beneficial to his lecture topic. The online presentation does not have any obvious references attached to it, so Prof. Wright sees nothing wrong with posting the content on Canvas so his students can view and discuss the topic. One of the students in the course copies portions of the presentation to his own website, writing several blog posts about it. The original academic author of the presentation notices his content is being shared by the student, who has attributed it to Prof. Wright. The original author contacts Prof. Wright's university and demands that Prof. Wright stop using his presentation or correctly attribute it to him as the author. Prof. Wright defends his actions by saying the original credit wasn't clear when he found the materials and the materials were shared on an open-source site, so he has done nothing wrong.

None of the statements are correct.

Paul is a manager at Snowflake Consulting. He has been approached by a development team that has a proposal. A local high school is looking for support for its Technology Club. Employees would take turns hosting weekly after-school Zoom meetings with students, talking about robotics, programming, or other areas of technology, and serving as informal mentors. It would not involve discussing any products currently under development or confidential company information. The team is confident they can do this without reducing their productivity. What is the role of management in this situation?

Paul should encourage the team in their efforts to meet their social responsibility. Paul should help the team avoid minor obstacles that would discourage participation

Randy is doing a late-night search for materials related to his favorite role-playing game. After scrolling through a few pages of search results, he tries a link at random and realizes he's looking at the directory inside a large server system. Furthermore, he finds a subfolder with original art and draft versions of several game supplements that are under development but not yet published. Recognizing what a scoop this is, he starts downloading files so he can post them on his gaming blog. What does the Code say about this sort of unauthorized access?

Randy should only proceed if he's confident the company would be OK with him doing that--which they probably wouldn't. Randy can't assume access is authorized just because it's publicly accessible.

Steve is a team leader in the network security department of a regional bank. In analyzing system logs, a routine part of his job, he finds evidence that several customer accounts were accessed improperly. A full audit indicates there were no transactions, only inquiries of account balances and the date of the last activity. The software problem causing the vulnerability is found and patched. Steve reasons that because no one lost any funds, there's no need to notify the customers. He does inform his superiors at the bank about the breach, of course.

Robust security includes notifying users affected by data breaches. Important systems require ongoing monitoring to ensure they're still secure. Due diligence to protect important information is a responsibility of any computing professional, whether they're specifically working in security or not. The Code recognizes that security must be robust, but must also be usable, and should not be overly complex.

Section 1.1

Section 1.1 states that when the needs of multiple groups conflict, the needs of the less advantaged should receive increased attention and priority. Section 1.1 states that computing professionals have a responsibility to consider whether the results of their efforts will be used in a socially responsible way.

Snowflake Consulting is negotiating a computing-services contract with the government of Elbonia, a small developing country just emerging from civil war. The company has been informed that the Elbonian Prime Minister would "look much more favorably" on Snowflake's proposal if the company made a large donation to the Elbonian Orphans' Relief Fund, which just happens to be run by the Prime Minister's wife. Snowflake's CEO remarked that the "contribution" would most likely fund the Prime Minister's wife's next shopping trip to London; that is, that this is a bribe.

Section 1.3 of the code specifically forbids paying bribes.

Section 1.3

Section 1.3 states that a computing professional must be honest about their own qualifications and limitations. Section 1.3 states that claims that are misleading (even if technically true) are still a violation of the code if done deliberately.

Snowflake Consulting uses an internal message board for project updates, useful tips, and various in-house communication, including a more informal "Snowflake Pub" section for humor and informal chat. Over time, a "locker room" atmosphere has developed in the "Pub" section. Two of the company's newest employees have posted in the section that while they understand the need to unwind, some of the humor posted has been crude, and some of it has been quite derogatory toward certain groups, to the point that they have stopped looking in that section at all and reduced their use of the message board in general. Several of the older employees have responded angrily about "no sense of humor" or that "If you don't like it, don't look at it, problem solved."

Section 1.4 discusses limiting access to virtual spaces where interaction takes place. The company has a positive obligation to avoid creating a system that marginalizes people. Practices as well as technologies should be as inclusive as possible.

Section 1.6

Section 1.6, "Respect Privacy," states that merging data sources can damage privacy, as merging data sources together may compromise privacy protections in the original collections. Section 1.6 specifically notes the risk of re-identifying anonymized data. Section 1.6 states that personal information gathered for one purpose should not be used for another purpose without the person's consent.

Section 1.7

Section 1.7 states that confidentiality should be respected except where it evidence of violation of the law, in which case it should be reported to law enforcement. Section 1.7 requires careful consideration whether disclosing confidential information is consistent with the code, even in cases where it appears a crime may have been committed. Section 1.7 states that confidential information should remain confidential except in a few specific cases.

Section 2.3

Section 2.3 says that if a company rule appears unethical, the professional should consider challenging the rule through existing channels before breaking it. Section 2.3 says that professionals who take it upon themselves to violate a rule must also accept responsibility for doing so.

Section 2.5

Section 2.5 emphasizes the need to carefully evaluate the risks of machine learning systems. Section 2.5 requires the professional to be as thorough and objective as possible when evaluating and reporting on a system. Section 2.5 requires that any issues that might result in major risk must be reported.

Section 2.6

Section 2.6 places responsibility for evaluating work assignments with the professional, not their employer. Section 2.6 implies one must be aware of one's own areas of competence--and their limits.

Section 2.9

Section 2.9 says that security needs can change, and thus should be frequently re-assessed, even after a system is deployed. Section 2.9 says that if misuse or harm are predictable or unavoidable, the best option may be not to go ahead with the system.

Yusuf is a newly-promoted HR manager at a large software company. One morning he shares an elevator with a newly-hired developer, who he finds attractive. He considers asking her out, but does not want to give offense if she is married. He thus returns to his office and accesses her personnel record, finding that she is single. He decides to invite her out to dinner the next time he sees her.

Statements 1 and 3 are correct.

As part of a research project, Prof. Chang has been given access to records of 10 million cell phone calls, including the subscriber's phone number and account number. He decides to produce a subset--about 50,000 calls--and replace the phone numbers with random strings. He then posts the smaller data set on the Canvas site of his undergraduate course for use in the final programming project of the semester.

The Code requires professionals to respect confidentiality except in certain specific situations. Even apparently harmless data can 'leak' personal information.

After many versions and years of a declining user base, BitMangler is finally retiring its oldest product, Online Americans Online In America. Management has decided the last few hundred users will be notified in an email sent out October 15, thanking them for their loyalty, and the service shut down for good November 1. What does the Code say about retiring old computer systems?

Users should be given ample notice before systems are retired. In addition to giving ample notice, BitMangler should provide information about other alternatives that might exist

Yusuf is a newly-promoted HR manager at a large software company. One morning he shares an elevator with a newly-hired developer, who he finds attractive. He considers asking her out, but does not want to give offense if she is married. He thus returns to his office and accesses her personnel record, finding that she is single. He decides to invite her out to dinner the next time he sees her.

Yusuf probably violated the developer's privacy under the code. It is possible that the developer's privacy was violated, even if she never finds out about the violation.


Kaugnay na mga set ng pag-aaral

Chapter 5: FL Statutes, Rules, and Regulations

View Set

NUR 202 Test 3 - Immune, Endocrine, Trauma

View Set

Configuration Management & JSON Encoded Data

View Set

3.2: Given a Scenario, Implement Host or Application Security Solutions

View Set

Ch 14: Nursing Management During Labor and Birth

View Set

REAL 4100: Real Estate Finance & Investment Analysis

View Set

CEH CH 10: Cryptographic Attacks and Defenses

View Set