copyright notice
link to the published version: IEEE Computer, December, 2015

accesses since November 6, 2015

What Price Gonzo Ethics

Hal Berghel

The American Psychology Association (APA) is currently taking a lot of abuse for what appears to be egregious violations of professional ethics. Perhaps this is a good time for all professional societies to look again at their Codes of Ethics.

On April 20, 2015 James Risen published a revealing article on the relationship between the American Psychology Association and those involved in the torture of post 9/11 prisoners. This created a tsunami of bad publicity for the APA. This story relates to all professionals, not just psychologists.


The principle of non-maleficence has been a cornerstone of health-care ethics since Hippocrates. Specifically, non-maleficence appears in Principle A of the APA Code of Ethics [APA CODE]. A recent report commissioned by the APA (known as the Hoffman Report [HOFF]), show this principle was subverted for the benefit of the Bush/Cheney administration's torture program together with the psychologists who sought government support and largess therefrom. The Hoffman Report also demonstrates how corrosive the Bush/Cheney administration was on the moral fabric of the nation. It is reminiscent of Projects ARTICHOKE, MKDELTA, MKUltra, 112 and the KUBARK interrogation techniques - with a good measure of COINTELPRO and Spanish Inquisition thrown in for effect. Incidentally, for a good history of the CIA dark programs, see David Talbot's recent book, The Devil's Chessboard.

The first attempt to establish rules governing the treatment of detainees following 9/11 was set forth by two lawyers in John Ashcroft's Department of Justice on November 30, 2001 ( ). In this memorandum, John Yoo and Robert Delahunty articulated the position that the International Court of Justice's interpretation of the Geneva Convention's is too expansive, and that the mere accusation by the Bush administration that an individual is a terrorist automatically precludes qualification for “elementary considerations of humanity” referenced under common Article 3 of the Geneva Conventions. Yoo and Delahunty argued that neither the framers of Article 3 - nor those of the U.S. Constitution - anticipated the circumstances after 9/11, and hence these restraints could not possibly apply to Al Qaeda and Taliban detainees. This is also the memo that set forth a president's unlimited authorities as Commander in Chief with respect to military commissions. As it turned out there were many “torture memos” issued by the Bush administration to give legal cover to those involved.

At the time, the CIA and DoD were already using “Counter Resistance Strategies” (a euphemism for torture – see ) - that was reverse-engineered from the Navy SERE training manual [RISEN], which was in turn indebted to Nazi Gestapo techniques dating back to the 1930s and 1940s ( ). It should be noted that the Gestapo initially prohibited the hypothermia and water boarding that became so popular at Gitmo and CIA black sites. As a matter of fact, the term “enhanced interrogation” was actually borrowed without attribution from the German “ verschärfte vernehmung .” The Gestapo was also more explicit regarding potential victims: “…the sharpened interrogation may be applied only against Communists, Marxists, members of the Bible-researcher sect, saboteurs, terrorists, members of the resistance movement, parachute agents, asocial persons, Polish or Soviet persons who refuse to work, or idlers.” (op cit)

All went well until 2004, when leaks of the torture program produced public blowback. Administration officials found inadequate protective cover from the still-secret memos. They had to couch their responses in humanistic terms to reassure the world and the alarmed public that war crimes were not involved. In the words of President Bush: “The United States does not torture. It's against our laws and it's against our values. I have not authorized it and I will not authorize it. “ ( ). The solution was to attract compliant (read: unquestioning) oversight from credible sources outside the administration and to leverage that faux oversight into a cover story: the APA says that what we do is not torture, and we stand by their opinion.

In 2005 the President of the APA formed a task force dominated by those either in or connected with the military and intelligence communities to take a position on how psychologists could be of help to the administration. The result was the now-famous PENS report [PENS] that reversed the previous APA prohibition against torture and other cruel, inhuman, or degrading treatment or punishment. PENS set new standards: it was now acceptable to participate in activities that violated the APA's Code of Ethics exactly when such activities were consistent with the law of the governing legal authority. The torture memos provided the required legal framework and requisite cover for the perpetrators. To ensure that this fine point didn't gain legs prematurely, disclosure to the APA membership and note taking on the part of the participants was strictly forbidden ( ).

However, one invited participant, Jean Maria Arrigo, was so aghast at the administrations creative new uses for psychologists in the torture program that she sent the report, related email communications, and personal notes to both the Senate Armed Services Committee ( ) and to journalist Katherine Eban ( ). Independently, an internal military report by U.S. Navy General Counsel (GC) Alberto Mora - who protested the new torture policy to Defense Department General Counsel William Haynes, II - was reported by journalist Jane Mayer in the New Yorker ( ) and Mark Benjamin in ( ). This set the stage for a stink of epic proportions within the APA.

In reaction, the Coalition for an Ethical Psychology ( ) worked within the APA to undo the policy changes. In 2014 James Risen brought additional visibility to the issue. At this point the APA leadership was pressured into action. They commissioned the Hoffman study that ultimately led to the unprecedented resignation of several APA executives in 2015, and a resolution passed by the executive council of the APA that bars members from participating in military interrogation. Oh, what a tangled web the APA wove ( ; )!

The initial response of the APA was to engage in the “deception four-step” -(ignore, deny, ridicule, condemn. Jean Maria Arrigo was the first victim ( ) soon to be followed by Risen ( ). But after the Hoffman Report, the tables were turned ( ). I would be remiss if I failed to mention that the most sustained coverage of this entire affair was provided by DemocracyNow.

Of course, even if the Bush/Cheney torture program hadn't been legitimized and if a participant were arrested by the International Criminal Court for war crimes, the U.S. could always have fallen back on the Hague Invasion Act and attacked Holland ( ). One has to have backup plans.


The APA scandal is a noteworthy example of how Codes of Ethics may be easily subverted if the parent organization can be made compliant to the will of the authoritarian elite. But in this case it eventually backfired as the Hoffman report provided sufficient embarrassment to incentivize the APA to clean house. But it shouldn't have gone that far. Many psychologists knew what was going on but for whatever reasons refused to speak out. Others spoke out and were silenced. The Hoffman report shows what happens when a group intimidates iconoclasts into silence. Perhaps it's time for professionals to investigate whether their societies have been so compromised.

So before we cast stones at our APA sisters, perhaps we should look at our own Codes of Ethics and see how well we are doing. We have many to pick from. The IEEE has one ( ), as do the Software Engineers ( ), and as does the ACM ( ). I'll focus on the ACM Code because that's the one with which I'm most familiar.

The current ACM Code of Ethics (1992) consists of 24 imperatives organized in four sections. For present purposes, I'll limit discussion to section 1: General Moral Imperatives. We begin with subsection 1.2, Avoid Harm to Others:

“"Harm" means injury or negative consequences, such as undesirable loss of information, loss of property, property damage, or unwanted environmental impacts. This principle prohibits use of computing technology in ways that result in harm to any of the following: users, the general public, employees, employers …. it is often necessary to assess the social consequences of systems to project the likelihood of any serious harm to others. If system features are misrepresented to users, coworkers, or supervisors, the individual computing professional is responsible for any resulting injury …. the computing professional has the additional obligation to report any signs of system dangers that might result in serious personal or social damage. If one's superiors do not act to curtail or mitigate such dangers, it may be necessary to "blow the whistle" to help correct the problem or reduce the risk.”

While this section rings true to me, in the current surveillance state abiding by it could could get a computer professional prosecuted under the Espionage Act. The familiar 3-letter intelligence agencies obviously won't warm up to sub Section 1.2 of the ACM Code of Ethics any time soon! It is well documented by Edward Snowden and others that the NSA systems were frequently misrepresented to both users and coworkers, not to mention Congress. But, and here's the rub, this misrepresentation was not just for national security purposes but also to conceal illegality – specifically, violations of the middle part of the Bill of Rights. Note that under subsection 1.2 the computing professional has the additional obligation to report anything that might result in serious personal or social damage perhaps even if it requires “blowing the whistle.” In fact that was what NSA Communications Intelligence Director William Binney, NSA Executive Thomas Drake, and senior analyst J. Kirk Wiebe did, and for that they were prosecuted under the Espionage Act. ( ). In addition to the scores of scholarly books on this subject, PBS made a documentary on the subject (The United States of Secrets, PBS Frontline, December 13, 2013). Incidentally, Tragedy & Hope has an excellent interview with William Binney on this topic at for those interested.

I call attention to the parallel here with the torture program. These NSA whistleblowers were the counterparts to Alberto Mora within the NSA. Like Mora, they worked within the system and reported wrongdoing to their superiors. And like Mora, they were informed that the Bush administration had approved the programs that they believed were unconstitutional, that their opinions were unwanted, and that their careers would benefit from silence.

So how does this scenario fit within section 1.2? The behavior of the intelligence agencies seem to be at odds with the spirit of the ACM Code. Should the code be modified? This is where things get dicey. In order to reconcile the ACM Code with the behavior of the three letter agencies it would appear that we would have to add weasel wording to the effect that code violations are acceptable whenever “such activities were consistent with the law of the governing legal authority” as the APA did. But that's what produced the APA problems to begin with. Do we really want to do that?


SubSection 1.3 holds that “The honest computing professional will not make deliberately false or deceptive claims about a system or system design…” How does that section fare with the NSAs aggressive use of zero-day exploits against non-military targets (see my Farewell to Air Gaps, Part 2, Computer, July, 2015 pp. 59-63). Virtually every representation that the NSA leadership made about the bulk metadata collection program violates this section. If we're to use a national security exemption here as well, we need to be mindful of potential moral hazards resulting therefrom lest we exempt all responsible resistance to corrupted systems under this ill-defined and undocumented banner. Let's be very clear about this: recent experience has shown that administrations claim national security privilege

for virtually everything done in their name that might prove embarrassing or expose illegality. If codes of ethics are to comply with any and all claims of national security protection, under the current climate that would amount to near-total censorship reminiscent of past totalitarian regimes. So some refinement is called for, most especially when employment mandates are inconsistent with constitutional guarantees. And if exemptions be tolerated, just how far down in the ORG chart does this exemption flow and in what directions?

The principles of moral responsibility and autonomy in decision making have historically been undercut by non-disclosure agreements, security clearances, and draconian employment contracts - which are nearly ubiquitous in todays' technology sector. Matters are much worse in the U.S. due to the additional encumbrance of the common law “employment at will” doctrine on employees-of-conscience. We should also note that covenants of good faith and fair dealing have little or no effect on security, investigative and intelligence communities where employee access to courts, records, and ultimately justice, is curtailed. The ACM Code of Ethics probably did not anticipate a world in which sovereign states could be in a permanent state of digital aggression against its citizens. It is worthwhile asking the question of where the balance is between our responsibilities under NDAs, oaths, clearances, etc. on the one hand, and our moral responsibilities on the other. This is not unlike the issue that the APA faced. The PENS report specifically stated that government authority trumped ethical considerations when it comes to torture programs. Should computing professionals allow NDAs and loyalty oaths trump Constitutional guarantees? Or should our commitment be more categorical? I don't know but I think we should have this discussion.

Finally, we deal with SubSection 1.7 that deals with respecting the privacy of others. I think you see where this is headed? “It is the responsibility of professionals to maintain the privacy and integrity of data describing individuals.... Furthermore, procedures must be established to allow individuals to review their records and correct inaccuracies.” The question of how this fits in with FBI Carnivore ( ) and Magic Lantern ( ) programs and the NSA's bulk metadata collection program naturally suggests itself.


I don't have any answers, but the APA controversy convinces me that this is a good time for professionals to revisit their Codes of Ethics. A brief review of recent history of our enterprise shows this.

Data self-determination came under threat with the Internet as a variety of interests sought to capitalize on their convenient access to information. For the past few decades data protection has typically been associated with object-level data. But the Snowden revelations confirm that threats also apply to meta-data issues, location independence, resistance to sensor networks, and a cornucopia of malware that compromise data integrity, personally identifiable information, individual privacy, and so forth.

Given the complexity of today's internetworked computing infrastructure this must necessarily be shared responsibilities: between those who commission the activity, those who produce the computational artifacts, and those who deploy it. At each stage the question of legality and morality, especially in terms of potential negative externalities, must be addressed [BERG]. Both “dissipation of responsibility” and “diffusion of responsibility” are relevant to this issue[HILTY].

Any code of ethics must include discussion of open government in this context: no government can be open, nor may its decision making become transparent, when virtually everything is classified and security clearances block any semblance of legitimate oversight. “Free and open” government means nothing when all potential embarrassments and human rights abuses are on the other side of a draconian firewall. It would appear that we're at a decision point: either change our Code or change our government's policies.


We conclude with an example of how convoluted moral positions become when forced through ideological funnels. Joel Brenner was the NSA's Inspector General and head of counterintelligence during the George W. Bush Administration. In a recent article [BRENNER], Joel Brenner argues that the oaths that employees give to government agencies like the CIA, FBI, NSA, etc should trump any oath that they may be required to give to Congress. He specifically used the example of former CIA Director Richard Helms lying to Congress about CIA involvement in the overthrow of the legitimate government of elected President Salvador Allende in Chile in 1973. He likened Helms' case to that of James Clapper when in 2014 he lied to Congress about whether the NSA collects “any type of data at all on millions or hundreds of millions of Americans.” Clapper, unlike Helms, was not testifying under oath, so no constitutional issue is violated in his case. However, his deceit still could have been prosecutable under the laws of false-statements, false declarations, obstruction of justice, etc. even if perjury was not involved. The gist of Brenner's claim is that both Helms and Clapper were “honor bound” to lie to Congress because their oath to their agency is of a higher order. This line of argument, no matter how offensive it is, must be taken seriously because of its prevalence among the controlling elite. Of course there is only one oath recognized in the Constitution, and that is to the Constitution and the nation. Any argument that the Constitution is trumped by an agreement you make with your employer is ungrounded in the law, self-serving, and indefensible.

Furthermore, the Constitution makes an allowance for such matters in the Fifth Amendment. Both Helms and Clapper could have responded in any of the following ways:

Any of these responses would have prevented the witnesses from lying to Congress. Brenner claims that to have done so would have strained the credibility of lying witnesses.

I bring up this issue to illustrate that not only do Codes of Ethics and oaths sometimes work at cross purposes, but so do oaths, rules, NDAs, security clearances, etc. within themselves. If a whistleblower clause in a code is to have any meaning at all, it must work within and help define the limitations of hiding behind legal covers by appeal to oaths, NDAs and the like. If we are to deny this fundamental equipotence, we might just as well strike the clause and include lying under oath in job descriptions.

For further information:

Significant scholarly concern about ethics in computing began in the middle of the last century. In 1966 IFIP supported a comparative analysis of thirty codes of ethics and conduct relevant to the information technology professions ( ). In 1992, Ronald Anderson conducted a similar study [ANDER]. IEEE has a Symposium on Ethics in Engineering, Science and Technology ( ) that includes tracks on the ethics of whistleblowing, regulation, and the role of ethics in computing societies. And the ACM has had a Special Interest Group on Computers and Societies for many years ( ). IFIP also features ethics in its Human Choice and Computers (HCC) conferences since 1974 ( )


[ANDER] Anderson, Ronald E., Social Impacts of Computing: Codes of Professional Ethics, Social Science Computer Review 10:4, Duke University Press, 1992, pp. 453-369.

[APA CODE] Ethical Principles of Psychologists and Code of C onduct, American Psychological Association, effective June 1, 2010 ( ).

[BERG] Berghel, H. Technology Abuse and the Velocity of Innovation, Cutter IT Journal, v.28, no.7, 2015. pp. 12-17.

[BRENNER] Brenner, Joel, Clapper and Wyden: Scenes from a Sandbagging, The New Republic (online), July 2, 2013 - .

[HILTY] Hilty, Lorenz M., Ethical Issues in Ubiquitous Computing – Three Technology Assessment Studies Revisited, in K. Kinder-Kurlanda and C. Nihan (eds.) Ubiquitous Computing in the Workplace, Advances in Intelligent Systems and Computing 333, Springer, 2015.

[HOFF] Hoffman, David, et al, Report to the Special Committee of the Board of Directors of the American Psychological Association, July 2, 2015 ( ).

[PENS] Report of the American Psychological Association Presidential Task Force on Psychological Ethics and National Security, June, 2005, .

[RISEN] Pay any Price: Greed, Power and Endless War, Houghton Mifflin Harcourt, 2014.]

[TALBO] Talbot, David, The Devil's Chessboard: Allen Dulles, the CIA and the Rise of America's Secret Government, Harper, 2015.