Cars are regulated for safety – why not information technology?
There is a massive rush to hire chief ethics officers, retool codes of professional ethics and teach ethics to students. But as a scholar of computing – and a teacher of a course on computing, ethics and society at Rice University – I am skeptical of the assumptions that what ails technology is a lack of ethics, and that the best fix is to teach technologists about ethics.
Consider, for instance, the Ford Model T, the first mass-produced and mass-consumed automobile. Its debut in 1908 launched the automobile age, a time of great mobility – and widespread death. Car crashes kill more than a million people worldwide each year – but the fatality rate per mile driven has been dropping almost since the first Model T rolled off the assembly line.
The reason for that improving safety record is not that people learning to drive studied the ethics of responsible and safe driving. Rather, they were taught, and tested on, the rules of the road, in order to obtain a driving license. Other regulations improved how roads were built, required car makers to adopt new safety features, mandated accident insurance, and outlawed drunk driving and other unsafe behaviors. I believe a similar approach – regulation, in addition to ethics education for technologists, as well as market competition – is needed today to make modern technology safe for society as a whole.
Flaws in the basic business model
In the 1980s, internet pioneers adopted a philosophy that "information wants to be free" – so website owners didn't charge readers for access to the content. Instead, internet companies used advertising to support their efforts. That led them to collect personal data on their users and offer micro-targeted advertising to make money, which social scientist Shoshana Zuboff calls "surveillance capitalism."
This business model is enormously profitable, so it's unlikely internet companies will abandon it on their own as a result of ethical qualms. Even in the face of blistering critiques and Facebook's Cambridge Analytica scandal, the massive profits are compelling.
The real problem with surveillance capitalism is not that it is unethical – which I believe it is – but that it is completely legal in most countries. It is unreasonable to expect for-profit corporations to avoid profitable businesses that are legal. In my view, it is not enough to simply criticize internet companies' ethics. If society finds the surveillance business model offensive, then the remedy is not an ethical outrage, but making laws and regulations that govern it, or even prevent it altogether.
Of course, public policy cannot be divorced from ethics. Selling human organs is banned in the U.S. in part because society finds it ethically repugnant to profit from life itself. But the ban is enforced by laws, not by an ongoing ethics debate. As Chief Justice Earl Warren remarked: "In civilized life, law floats in a sea of ethics."
Regulation has benefits
For decades, the information-technology industry has successfully lobbied against attempts to legislate or regulate it, arguing that "regulation stifles innovation." Of course, that assumes all innovation is good. It has become evidently clear that this is not always the case: Some of the internet giants' innovation has harmed democratic society in the U.S. and around the world.
In fact, one purpose of regulation is to chill certain kinds of innovation – specifically, those that the public finds wrong, distasteful or unhelpful to the advancement of society. Regulation can also encourage innovation in ways society deems beneficial. There is no question that regulations on the automobile industry encouraged innovation in safety and fuel efficiency.
Some members of Congress have proposed a number of ambitious plans to tackle information warfare, consumer protection, competition in digital technology and the role of artificial intelligence in society. But much simpler – and more widely supported – rules could make a huge difference for individual customers and society as a whole.
For instance, federal regulators could require software terms and licenses include plain language that's easily understood by anyone – perhaps modeled on the longstanding "plain English rule" for corporate financial filings to the U.S. Securities and Exchange Commission. Laws or rules could also require companies to disclose data breaches quickly, both to officials and the public at large. That might even spark innovation as firms increase their efforts to prevent and detect network intrusions and data theft. Another relatively easy opportunity would be to regulate automated judicial decision systems, including requiring that they not be deployed before passing an independent audit showing that they are fair and unbiased.
Those straightforward regulations could pave the way for thinking and talking about whether and how to regulate the sizes of these big technology firms. But rule-making need not start with the hardest problems – there's plenty to do that most people would agree on right away.
The bottom line is that technology advances have been moving very fast, while public policy has lagged behind. It is time for public policy to catch up with technology. If technology is driving the future, society should do the steering.