I love animated kid’s movies, especially Pixar films. Not only are the stories and plots well thought out but the sheer force of will takes to create a movie from literally nothing and have it become this vibrant technological wonder is amazing to me. I am constantly in awe of the amount of work and detail animators put into their films. So yes, I love animated kid’s movies, but up until recently, I didn’t have any kids to watch them with. Not that it would deter me but now I feel a little less weird about it.
One of the classics is a movie called “A Bugs Life” where, among other shenanigans, a group of misfit circus bugs together with an ant colony overthrow the tyrannical rule of the evil grasshoppers. It's fun. All throughout the movie one of the subtexts is that the ants don’t know they can throw off their oppressors at any time because they outnumber them by so much — something the ants finally figure out at the climax of the film, and one thing leads to another, resulting in the grasshoppers being driven off. It's not just a great movie, it's a great analogy for software engineers, too.
There has been a disconcerting swell of news coming out about apps, platforms, social media, and whatnot that routinely cross the line of “slightly creepy” to “fully invasive violation of privacy”. Cambridge Analytica, Facebook, Google, Target, you really could pick just about any company out there right now. What all of these companies have in common is that their software that does the data collection was written by software engineers (I mean, supposedly I guess; Facebook really likes PHP so maybe it was written by a team of partially trained chimpanzees). Riding that wave is an aftershock of angry, frustrated, disillusioned tech bloggers crying “when will companies stop doing this” and demanding legislation to make it so, but they’re completely missing the point: The companies that write these invasive applications aren’t nameless faceless voids that give birth to demon-code out of the ether, they’re entities made up of engineers and business managers and salespeople and HR robots and so much more. The applications they produce are made very deliberately, step-by-step, over a long period of time. There is a lot of thought, planning, and care put into these applications, and with them a multitude of opportunities for engineers to voice their concerns. There are daily stand-ups, weekly planning meetings, quarterly planning meetings, status updates, Slack channels, office hours, meet-ups, team fun days, and so many more venues for engineers to collaborate and discuss what they’re actually working on and how it will be used, yet it seems that these channels aren’t being used.
I’m not calling for a revolution — a “rise up and seize the means of production” kind of moment — but I am calling on engineers to speak up. If you have a problem with what you’re working on or are concerned about how it could be applied down the line, then not only do you have a multitude of chances to make that reservation known, you have an obligation to do so. But know that it takes more than one person, it takes all engineers everywhere, speaking up, pushing back, causing friction, for real change to be pushed through. Just like the ants from A Bugs Life, we the many outnumber the few (or the one) and it is our responsibility to use our knowledge for good.
I want to make this really simple. Everyone has heard of the Golden Rule (“treat others how you would want to be treated”, or something to that effect), so I’m proposing the Silver Algorithm. Not quite as fundamental as the Golden Rule, but necessary and [should] produce the same results every time. It goes like this:
Write software as if you were going to use it.
It's really that simple. Imagine for a second you’re building a website, and for whatever need it collects social security numbers for some verification step. Which version of the site would you rather use:
a) The site uses your SSN for verification, then removes it from memory once its use is complete
b) The site uses your SSN for verification, then stores it in a database so that marketing can retrieve it, run credit reports against it, and market products that they think you would enjoy based on your history and demographics
For me, and I would imagine a lot of other people as well, I would choose website A. But all to often we’re letting people get away with deploying website B, and that needs to change That change needs to happen from the inside out, though, because as long as the company is making money they’re not going to listen to public outcry.
With great power comes great responsibility, and the possibility for shenanigans; use your power for good.