🦿
Digital Ethics for Tech Professionals
  • Introduction
  • Part 1: Ethical Decision-Making
    • What’s at Stake
    • Defining Terminology
    • Causes of Ethical Failures
    • Ethical Decision-Making
    • Ethical Reasons
    • Identifying Ethical Risks
    • Selecting Options for Action
    • Pitfalls in Ethical Decision-Making
  • Part 2: Building Ethical Organisations
    • Organizational Culture
    • Organizational Purpose
    • Ethics Awareness
    • Organizational Design
    • Stakeholder Engagement
    • Ethical Leadership
  • Part 3: Knowledge Bank for the Identification and Mitigation of Risk
    • Security Risks
    • Privacy Risks
    • Fairness and Bias Risks
    • Transparency and Explainability Risks
    • Accountability Risks
Powered by GitBook
On this page
  • Policy and Compliance
  • What are Policy and Compliance?
  • Policy Tools for Emerging Technologies
  • Compliance, Enforcement and Contestation
  • Metrics and Monitoring
  • What Gets Measured Gets Done
  • From Metrics to Monitoring
  • Measuring Organizational Culture
  • Monitoring the Use of Foresight Tools
  • Monitoring the Impact on Society
  1. Part 2: Building Ethical Organisations

Organizational Design

The formal design of an organization includes various systems, such as bylaws and policies, as well as monitoring, communications, and feedback mechanisms. These systems play a significant role in determining how an organization recognizes and responds to ethical questions. Having good systems can support ethical decision-making.

Policy and Compliance

A large facet of organizational design deals with the scaffolding that holds the organization "in place." In many instances, this scaffolding is composed of a series of policies and compliance guidelines.

What are Policy and Compliance?

In an organization, policy can refer to:

  • The rules imposed by external authorities. Organizations and the people within them must choose how to interpret regulations, which regulations to contest, and which new regulations to advocate. These questions become especially important in the area of emerging technologies, where the regulatory environment is still developing.

  • The internal legal design of the organization. Organizations must also decide on an internal legal structure that establishes functions, roles, and responsibilities; even organizations that are long-established must continually assess these features to ensure they continue to respond appropriately to current conditions.

  • Rules governing conduct within that structure. Additionally, specific policies can be used to address particular ethical questions that pertain to emerging technologies. These include many items covered in this course, such as data privacy and security policies, fairness and non- discrimination policies, and policies covering algorithmic audits and impact assessments.

Compliance refers to the process of enforcing and abiding by policies. Many organizations have a compliance unit that monitors the organization’s fidelity to external laws and standards. But in the more general sense, aspects of compliance concern everyone in an organization, as everyone is obligated to follow the rules that apply to them.

Policy Tools for Emerging Technologies

Organizations that deal with emerging technology increasingly make use of several policy tools, including:

  • Codes of conduct: These establish behavioral expectations for employees generally or employees occupying certain roles. Many people who work in emerging technology are already bound by professional codes of ethics established by membership bodies such as the Association for Computing Machinery (ACM). Organizational codes of conduct can help to fill gaps left by formal rules, especially in situations where conditions are highly variable or sensitive to individual judgment. But they should not be (as they often are) a substitute for thoughtfully-designed systems and procedures.

  • Ethical sales and use policies: Sales policies establish to whom an organization will and will not sell its products. For instance, it might determine that a product is only fit to be sold to military entities and not to individuals or that a product should not be sold to organizations with poor compliance records or questionable intentions. Similarly, acceptable use policies, such as Salesforce’s Acceptable Use Policy, establish how technology products may be permissibly used. Such policies are especially relevant in cases where the product is an ongoing service that the vendor can continue to monitor. Despite their importance, ethical sales and use policies can also be controversial. In some cases, restricting sales of a product from certain entities can be objectionably discriminatory (or perceived as such), and restricting how customers use a product can be objectionably paternalistic (or perceived as such). Ensuring that these policies are successful requires carefully weighing the different interests involved and ensuring that the terms can be justified to all affected.

  • Ethics review boards: An ethics review board is a standing body that adjudicates sensitive ethical issues, such as research on human subjects or products with risks of harm. Their advice can be binding or non-binding. They can be composed of internal organization representatives, external experts, or a combination of the two. How these boards are designed and staffed are key to their success. Facebook’s Oversight Board is staffed by external experts and has the power to overrule company executives on content moderation positions. Though it has only recently begun operating, it is widely regarded as a more promising model than Google’s AI ethics board (Advanced Technology External Advisory Council (ATEAC)), which was dissolved immediately after its launch in 2019 after complaints about the ideological views of certain members.

Compliance, Enforcement and Contestation

Policies can serve their purposes only when people comply with them. It is thus important for organizations to take steps to monitor and ensure that rules are followed. As controversies over law enforcement make plain, however, enforcing policies is a delicate matter, even within organizations. Justice requires that the enforcement of policies be conducted equitably, treating each subject as an equal; it also requires following due processes, which assure various rights to individuals accused of violations.

The flip side of compliance is contestation. Stakeholders may not agree with all of the rules and decisions that they are expected to follow, and providing channels for contesting and revising rules can acknowledge the value of productive disagreement. In some cases, the organization as a whole may be called on to contest external policies that it regards as unconscionable. These decisions should be taken carefully, but they are an integral part of the management of an ethical organization.

Metrics and Monitoring

What Gets Measured Gets Done

Tech companies in particular bank heavily on metrics to steer their organizations. Compared to traditional organizations, tech companies tend to be less hierarchical, and product teams have more freedom to self-organize. Beyond pure tech organizations, this way of managing is widespread even in parts of traditional organizations that develop emerging technologies. The reason is that the majority of the knowledge about execution lies with engineering staff and other individual contributors.

Steering by metrics allows product teams to experiment, rather than follow a plan devised by senior managers who are likely less knowledgeable about an area of technology than they are. To align the efforts of product teams with the goals of the organization, tech companies rely heavily on metrics.

Until relatively recently, product teams at Facebook working on the social media platform were incentivized to increase engagement on the site. The platform used this metric to figure out what features to develop, and how to prioritize them. To incentivize teams through metrics, organizations can, for instance, tie financial rewards to that metric and promote staff that successfully increase the metric. “What gets measured gets done”—a quote often attributed to management consultant Peter Drucker—encapsulates why relying on metrics can be an effective way of steering an organization.

From Metrics to Monitoring

Yet, reliance on metrics has a dark underbelly. We have seen that making ethical decisions is a matter of becoming aware of a range of different considerations and balancing sometimes difficult tradeoffs. Working to maximize a single metric cuts out all of this complexity. A focus on metrics as the sole objective can create a culture of myopia and short-termism. Meeting metrics often does not translate in responsible decision-making. As a result, the organization is unlikely to be successful in the longer term. When metrics become the primary objective, they can also distort the meanings of the work itself. The problem is that metrics are not neutral. No single metric however, well intended, will fully align with responsible decision-making.

This is also what Facebook found: as research has shown, maximizing engagement tends to promote posts that negatively impact people’s wellbeing and drive political polarization.

This does not mean that metrics have no role to play. Rather, it illustrates that organizations should not exclusively rely on metrics to ensure responsible decision making. Processes embedding ethical foresight and nourishing a strong professional ethos are important drivers as well. In particular, there are three ways in which metrics can support building an ethical organization:

  • Measuring organizational culture

  • Monitoring use of foresight tools

  • Monitoring the impact on society

Measuring Organizational Culture

Metrics be helpful in assessing the quality of an organization's culture. Conducting an ethics culture survey is a popular method of assessing an organization's ethical culture. The survey typically consists of questions that ask employees to rate the extent to which their organization practices ethical decision-making, as well as questions to assess root causes of ethical and unethical decision- making.

While good culture surveys can provide nuanced insight into different drivers of ethical and unethical behavior, there are also limitations to a purely quantitative approach. A more comprehensive method of assessing organizational culture is to use a culture audit. A culture audit is an examination of an organization's culture that typically includes an ethical culture survey, but also a review of organizational documents, and interviews with key managers and employees. A culture audit can help to identify areas where the culture needs to be changed to promote better ethical decision-making before ethical issues arise. The culture audit can also help to identify the cause of unethical behavior and help to develop a plan for changing the culture to promote ethical behavior.

Monitoring the Use of Foresight Tools

Metrics can also be useful to ensure that teams go through the right process to surface and address ethical issues. Earlier, a range of ethical foresight tools were introduced. To ensure that these tools get used, organizations can track adoption and use by teams. You may also decide to track metrics like the number of potential ethical issues surfaced during product development, and the proportion that was addressed and mitigated before the product shipped. Reviews of these metrics can be built into regular project reviews, creating a space to talk about potential ethical issues and escalate any issues that the team cannot address by itself.

These discussions can create a culture of shared responsibility for product ethics. They also send a clear message throughout the organization that ethical product development is not a one-time thing. It is a continuous process and a mindset that should be built into the culture of your organization. Process metrics can support establishing this culture, enabling organizations to recognize and respond to ethical issues more effectively. More importantly, you will be able to identify ethical issues early and mitigate them before they become ethical failures.

Monitoring the Impact on Society

Metrics can also be useful to measure the impact of your products on society. This is an important way to check whether you are living up to your social responsibility as a company. There are currently several initiatives underway to measure and benchmark the Environmental, Social, and Governance (ESG) impact of organizations. ESG criteria are standards for organizational operations that socially conscious investors can use to screen potential investments.

For example, the Global Reporting Initiative (GRI) provides a set of guidelines for reporting on ESG activities. In the last few years, many organizations, including companies, governments, and civil society organizations, have started to report their impact using this framework. These publicly available reports provide a good starting point to measure whether your products are having a positive or negative social and environmental impact.

PreviousEthics AwarenessNextStakeholder Engagement

Last updated 2 years ago

LogoSocial network activity and social well-being | Proceedings of the SIGCHI Conference on Human Factors in Computing SystemsACM Conferences
Facebook engagement metric and the risk of negative effects
LogoOne year in, Facebook’s big algorithm change has spurred an angry, Fox News-dominated — and very engaged! — News FeedNieman Lab
Facebook metric of meaningful interaction
LogoGRI - Home