TY - GEN
T1 - A review of how whistleblowing is studied in software engineering, and the implications for research and practice
AU - Hunt, Lucy
AU - Ferrario, Maria Angela
PY - 2022/10/17
Y1 - 2022/10/17
N2 - Harmful software has resulted in loss of life, societal and environmental damage alongside economic losses from fines and sales embargoes. When someone perceives their team or organisation is creating or operating harmful software (e.g., defective, vulnerable, malicious or illegal), one way to attempt to change the situation is to “blow the whistle” and disclose the situation internally or externally. Studying harmful situations and the effectiveness of interventions, up to and including whistleblowing, can help identify technical and human successes and failings in software engineering (SE). The aim of this paper is to explore the extent to which whistleblowing is studied in SE with the objective of identifying themes, research approaches, gaps and concerns, and the implications for future SE research and practice. We find that whistleblowing is an under-explored area of SE research, and where research exists, it often takes the view that reporting harm is a matter of individual moral responsibility; we argue this poorly reflects SE collaborative practice where professional responsibilities are distributed across the software development lifecycle. We conclude by 1) recommending approaches that can help a more timely identification and mitigation of harm in SE; 2) suggesting mechanisms for improving the effectiveness and the personal safety of harm-reporting in SE, and 3) reflecting on the role that professional bodies can have in supporting harm reporting, up to and including whistleblowing.
AB - Harmful software has resulted in loss of life, societal and environmental damage alongside economic losses from fines and sales embargoes. When someone perceives their team or organisation is creating or operating harmful software (e.g., defective, vulnerable, malicious or illegal), one way to attempt to change the situation is to “blow the whistle” and disclose the situation internally or externally. Studying harmful situations and the effectiveness of interventions, up to and including whistleblowing, can help identify technical and human successes and failings in software engineering (SE). The aim of this paper is to explore the extent to which whistleblowing is studied in SE with the objective of identifying themes, research approaches, gaps and concerns, and the implications for future SE research and practice. We find that whistleblowing is an under-explored area of SE research, and where research exists, it often takes the view that reporting harm is a matter of individual moral responsibility; we argue this poorly reflects SE collaborative practice where professional responsibilities are distributed across the software development lifecycle. We conclude by 1) recommending approaches that can help a more timely identification and mitigation of harm in SE; 2) suggesting mechanisms for improving the effectiveness and the personal safety of harm-reporting in SE, and 3) reflecting on the role that professional bodies can have in supporting harm reporting, up to and including whistleblowing.
KW - Whistleblowing
KW - Software engineering
KW - Ethics
UR - https://conf.researchr.org/home/icse-2022
U2 - 10.1145/3510458.3513013
DO - 10.1145/3510458.3513013
M3 - Conference contribution
SN - 9781665495950
T3 - Proceedings of the ACM/IEEE 44th International Conference on Software Engineering: Software Engineering in Society
SP - 12
EP - 23
BT - ICSE-SEIS '22: Proceedings of the 2022 ACM/IEEE 44th International Conference on Software Engineering: Software Engineering in Society
PB - Institute of Electrical and Electronics Engineers Inc.
ER -