AI and Software Engineering Ethics: Bias, Safety, and Compliance

AI and Software Engineering Ethics Q&A

1. Question 1

   Question: A company developing AI-powered hiring software finds the system disproportionately rejects female candidates due to biased training data. What is the most ethically responsible action?
   Answer: ✅ Rework the training data to remove bias and improve fairness.

2. Question 2

   Question: A company releases a self-driving car algorithm that was not fully tested, leading to accidents. According to the ACM/IEEE Code of Ethics, what should have been done?
   Answer: ✅ The software should have been rigorously tested to ensure safety before release.

3. Question 3

   Question: A software developer finds a way to bypass a licensing restriction, allowing users to access premium features for free. The company decides to exploit this flaw to increase market share. What ethical issue does this raise?
   Answer: ✅ Violation of intellectual property laws and deceptive business practices.

4. Question 4

   Question: In software engineering ethics, which option best describes the principle of competence?
   Answer: ✅ Ensuring that you do not misrepresent your level of expertise and only accept work within your competence.

5. Question 5

   Question: A blockchain-based financial system allows anonymity, but the government requires identity verification to prevent fraud and money laundering. What ethical dilemma does this present?
   Answer: ✅ Balancing user privacy with regulatory compliance.

6. Question 6

   Question: What is the role of lifelong learning for software engineers?
   Answer: ✅ It is necessary to maintain professional competence and responsibility.

7. Question 7

   Question: If a software engineer disagrees with management on ethical grounds, they should immediately leak company data to the public.
   Answer: ✅ FALSE.

Question (a): Regulatory Roles and Data Protection

Question (a): Analyze the role of Moroccan, European, or global organizations in regulating software ethics and/or intellectual property. Discuss key aspects impacting software development and/or data protection.

Organizations and laws regulate software ethics and data protection by requiring developers to protect users and handle personal data responsibly. In Morocco, the CNDP (Law 09-08) regulates personal data processing and may require a declaration or authorization before deploying systems; developers must map data flows and implement privacy measures such as minimization and anonymization. In Europe, the GDPR is legally binding with heavy fines and requires privacy by design, meaning consent, transparency, security, and user rights (access/deletion) must be built into the system. These rules add compliance work and constraints but increase trust, security, and accountability.

• Key aspects impacting development: data mapping, consent management, anonymization, and security controls.
• Regulatory outcomes: increased development overhead, higher user trust, and legal accountability.

Question (b): Conflicts Between Safety, Cost, and Deadlines

Question (b): Provide a real-world example of an ethical dilemma where safety, cost, or deadlines conflict. Explain how engineers balance ethics with business pressure, what you would do, and how you would communicate concerns.

An ethical dilemma occurs when a serious safety or privacy bug is found near a deadline and management pushes to release to save time or money. The ethical response is to prioritize public safety and users: delay or stop the release, document the risk, and propose fixes or a safer limited release. If pressure continues, escalate to higher management or compliance/ethics channels and refuse to approve unsafe deployment. Communicate clearly with evidence (tests, impact, worst-case harm) and focus on user harm, legal risk, and company reputation while offering practical solutions.

• Practical steps engineers should take:
  1. Document the issue, tests, and potential impacts.
  2. Propose mitigations or a phased/safe release plan.
  3. Escalate to compliance, legal, or executive leadership if necessary.
  4. Refuse to sign off on deployments that pose unacceptable risk.
• Communication tips: present clear evidence, quantify user harm, explain legal and reputational risks, and offer actionable alternatives.