Cambridge Analytica Ltd. evidenced that the human mind and its behavior can be studied.

Cambridge Analytica Ltd. evidenced that the human mind and its behavior can be studied, understood and directed through the use of technology, in particular the internet and social networks, thus altering a country’s democracy at will (Boldyreva, Grishina, & Duisembina, 2018).

Although today, Cambridge Analytica Ltd. is under legal proceedings and investigation by the UK authorities, its development team is already working at the firm Auspex International Ltd. (BBC, 2018), triggering the obligatory question of whether history could repeat itself again.

And although as digital consumers we begin to be more cautious about how we use our online footprint, our privacy, the content we share and the applications to which we grant consent to access our data, there is still an unmeasurable gap on how many of the 53.6% of humanity that has access to the internet (International Telecommunication Union, 2019) has the knowledge and ability to consume digital content responsibly, integrating habits such as:

1. Verification of information sources.

2. Reading of Terms and Conditions.

3. Online reputation assessment of individuals and/or organizations.

4. The responsibility of the IT professional

This text addresses the responsibility of software engineers and developers from the perspective of compliance and ethics, from the process of gathering information and needs for a system design, the analysis of results, to the critical questions about the purpose and use of the software.

Building fair societies, in respect of democracy, requires that all players involved adhere to the same rules. Technology innovation, such as the development of big data, machine learning and artificial intelligence cannot be the exception.

Auspex International Ltd. on its website has integrated a code of ethics that looks into its past and seeks to build a new reputation about the experimental mass manipulation technology, which has been used according to news reports for the deterrence of radical terrorist groups (Netflix, 2019).

The five principles are:

1. We only work for governments, political candidates and legitimate organizations.

2. We focus our efforts on projects that aim to generate positive social change.

3. We comply with all local laws and regulations related to the campaign, including privacy and data protection, election law, anti-corruption measures and the legitimate use of campaign techniques.

4. We actively resist any unethical activity designed to undermine the electoral process, mislead the electorate, or restrict open and honest political discourse.

5. We oppose the dissemination of fake news and unattributed content.

–Auspex International Ltd., 2020

Software developers, data scientists, and other IT professionals cannot claim ignorance of these ethical, legal, regulatory and compliance principles, far from being part of a legal technicality, they are a core part of the preparation of any professional in this industry.

In his book Software Engineering, Ian Sommerville (Sommerville, 2011), before beginning with general principles about software processes, invokes the importance and critical role of ethics in the IT profession to encourage trust in the industry.

These ethical principles are contained in the Code of Ethics and Professional Conduct of the Association for Computing Machinery (Association for Computing Machinery, 2020).

Under the General Ethical Principles section, point 1.1., it establishes the obligation to Contribute to society and human welfare, recognizing that all people are stakeholders in Informatics, where I quote verbatim for its relevance.

“[…]. This obligation implies the promotion of fundamental human rights and the protection of each individual’s right to autonomy. An essential goal of informatics professionals is to minimize the negative consequences of informatics, such as threats to health, safety, personal security, and privacy. When the interests of multiple groups conflict, the needs of the disadvantaged must be prioritized and receive greater attention.

Computing professionals should evaluate whether the results of their efforts will respect diversity, whether they will be used in a socially responsible manner, meeting societal needs, and whether they will be widely accessible. They are encouraged to actively contribute to society through volunteer and altruistic work that benefits the public good. […].”

Ethics and compliance

I have discussed science and technology in the field of Informatics in light of new developments and innovations that, although some were conceived to promote positive changes in our society, such as financial inclusion, others, being highly resistant to censorship due to their global and digital nature, allow access to players who violate the security of a state by facilitating the financing of terrorism, or the stratification of resources for money laundering (Satoshi Nakamoto, 2008).

This does not mean that both phenomena or financial crimes are new, as they have intrinsically coexisted with traditional (fiat) payment methods, however, I do allude to the characteristics that bring new questions – and challenges – for ethics and compliance professionals, regulators, governments and international bodies.


Thus, and as a conclusion, in the path of IT, not all the responsibility is attributable to the organization through the Criminal Liability of Legal Entities (Jones Day, 2015), but the professional in software development or technological solutions is also professionally and ethically obliged to report malpractice, either through internal reporting channels, or as a last resort, with the competent authorities through the figure of whistleblowing.

In turn, the IT professional has the will to decide which causes to support, which are in line with his or her principles and values, and with the public good (Association for Computing Machinery, 2020).

The trust and credibility of the IT industry, as well as of existing and future technological developments, depends on the ethics and compliance we exercise from project conception to implementation and monitoring.


Elena L. Boldyreva, Natalia Y. Grishina, Yekaterina Duisembina (2018). Cambridge Analytica: Ethics and Online Manipulation with Decision-Making Process. The European Proceedings of Social & Behavioural Sciences.

BBC. (2018, July 12). Cambridge Analytica staff set up new firm.

International Telecommunication Union (2019). Statistics.

Netflix. (2019). The great hack.

Ian Sommerville. (2011). Ingeniería de Software. Addison-Wesley.

Satoshi Nakamoto. (2008). Bitcoin: A Peer-to-Peer Electronic Cash System.

Jones Day. (2015). La Responsabilidad Penal de Personas Morales en México en el Marco del Gobierno Corporativo de las Empresas.