Ethics in IT — Lecture Companion

Ethics:
The Hard Choices

What do you do when the rule book runs out? When the legal answer is wrong, the popular answer is dangerous, and every option costs something? This lecture walks five ethical frameworks through the characters that make them unforgettable.

Thanos was right about the math. He was wrong about the premise. The lecture is about why those are different things.
CIS — Ethics in IT 50-minute lecture 5 frameworks · 7 characters · 3 dilemmas
Framework 1 of 5 · Utilitarianism
Thanos and the Greatest Good
"The hardest choices require the strongest wills." Thanos is the textbook utilitarian. The lecture isn't whether he's evil — it's whether the math holds.
Case Study
Thanos · The Mad Titan
Marvel Cinematic Universe — Infinity War / Endgame
Utilitarian· Bentham / Mill
Thanos wearing the completed Infinity Gauntlet
Marvel Studios · Avengers: Infinity War (2018) — promotional still

When I'm done, half of humanity will still exist. Perfectly balanced, as all things should be.

Thanos's home planet, Titan, ignored his warnings about overpopulation and resource collapse. The civilization died exactly as he predicted. He generalized the lesson to the universe — half must die so the other half can live.

Utilitarianism (Bentham, Mill): the right action is the one that produces the greatest good for the greatest number. Sum the happiness across everyone affected; choose the option with the largest positive sum.
50 lives. The math says snap. The ethics asks: who chose?
Strength
Honest about tradeoffs. Real policy decisions involve sums of harm. Utilitarianism makes that math explicit instead of hiding it.
Flaw 1
Who counts? Thanos sums lives equally. But humans don't. We count our family more, our species more, our generation more. Whose math is "objective"?
Flaw 2
The math was wrong. Resources scale with population. Half the people doesn't double the resources — it halves the workforce, the science, the trade. The premise is broken; the conclusion can't be saved.
Flaw 3
Consent. Even if the math worked, the universe didn't vote. Utilitarianism without democratic legitimacy is just authoritarianism with a calculator.
The IT connection: "We collected user data without explicit consent because the aggregate insights help everyone." That sentence is a Thanos sentence. Watch for it in your own organization.
Foundation · Definitions
Ethics, Morals, and Law
Three related but distinct things people constantly confuse. Knowing which is which is the first ethical skill.
Morals
What: personal beliefs about right and wrong.
Source: upbringing, faith, culture, lived experience.
Enforced by: conscience.
Scope: the individual.
Ethics
What: a code of behavior agreed by a group — a profession, an organization, a community.
Source: shared reasoning + tradition.
Enforced by: reputation, peer pressure, employment.
Scope: the group.
Law
What: formal rules from government, the floor of behavior society demands.
Source: legislation + court rulings.
Enforced by: fines, injunctions, incarceration.
Scope: all of society.
MORALS ETHICS LAW no gossip (personal) client privilege (profession) tax filing (state) keep your word M ∩ E don't steal M ∩ L FOIA compliance E ∩ L don't murder obviously right · M ∩ E ∩ L
M = Morals (personal) E = Ethics (professional / group) L = Law (state)
= "agrees with" — overlaps mark zones where two or three of the systems give the same answer.
The trap: "It's legal" is the most popular ethical excuse and one of the worst. The law moves slower than technology, and it never replaces conscience or professional code. Most ethics work happens in the gap between "legal" and "right."
Why this lecture · Real stakes
Code Is Power
Three real cases where IT professionals had to decide what was right when "what was legal" wasn't enough.
Snowden / NSA — 2013
Deontological· Kant — duty over law
A government contractor exposed mass surveillance of citizens not suspected of crimes. He broke US law. He arguably saved democracy. Was he right?
→ Conscience vs. lawful obligation.
Apple vs FBI — 2016
Deontological· Kant — privacy as inviolable
The FBI demanded Apple build a backdoor into iPhone encryption to unlock a terrorist's device. Apple refused. Was the company right to defy a court order?
→ Privacy infrastructure vs. specific public-safety request.
Cambridge Analytica — 2018
Ends-Justify-Means· Machiavelli — value justifies non-consent
87 million Facebook profiles harvested without consent, used to target political ads. Every individual data point was technically opt-in. The aggregate was catastrophic.
→ Aggregate harm from individually-consented acts.
</> YOUR CODE EVERYONE IT TOUCHES
Every keystroke propagates. The IT worker is at the center; the consequences scale outward.
The pattern: in every case, the technical question ("can we?") was answered yes. The ethical question ("should we?") was never seriously asked. Your job — as the person who can — is to ask it.
The map for the rest of the lecture
Five Ethical Frameworks
No single framework answers every dilemma. The most defensible decision is one that survives scrutiny under several at once. Here's the map — characters anchor each.
Bentham · Mill
Utilitarian
Greatest good for the greatest number. Sum the harms; pick the largest positive net.
⌥ Thanos
Immanuel Kant
Deontological
Some acts are inherently right or wrong, regardless of consequences. Duty over outcome.
★ Captain America
Aristotle
Virtue
What kind of person does this make me? Character habit over rules — the golden mean.
☯ Uncle Iroh
John Rawls
Social Contract
Rules we'd accept behind a veil of ignorance. Democratic legitimacy — fair to all parties.
⚖ Sokovia Accords
Machiavelli
Ends-Justify-Means
A terrible act now produces a better outcome later. Slippery — where does it stop?
◈ Itachi · Ozymandias
UTIL DEON VIRT SOC ENDS UTILITARIAN DEONTOLOGICAL VIRTUE SOCIAL CONTRACT ENDS · MEANS ? DILEMMA
Each lens lights up in turn. The answer that holds under all five is the most defensible — that's the stress test.
How to use them: apply each lens to a hard call. If three out of five say stop, that's a strong signal — even if two say go. The frameworks aren't a vote; they're a stress test.
Framework 2 of 5 · Deontology
Captain America and Duty
"I can do this all day." Cap is the textbook deontologist. The question is never "what works?" — it's always "what's right?"
Case Study
Steve Rogers · Captain America
Marvel — across every film, especially Civil War
Deontological· Kant — duty over outcome
Captain America (Steve Rogers) with shield
Marvel — Captain America promotional art

Compromise where you can. Where you can't, don't. Even if everyone is telling you that something wrong is something right. Even if the whole world is telling you to move, it is your duty to plant yourself like a tree, look them in the eye, and say, 'No, you move.'

Cap refuses to sign the Sokovia Accords even though signing would protect him, his team, and arguably millions of civilians. The act of registering — to him — surrenders something inherent. Outcome irrelevant.

Deontology (Kant): the rightness of an act lives in the act itself, not its consequences. Test: could you will the rule behind your action to become a universal law for everyone, in every similar situation? If no, don't do it.
The Categorical Imperative:
"Act only on that maxim through which you can at the same time will that it should become a universal law." — Kant
Strength
Protects rights from utilitarian arithmetic. A deontologist won't torture one innocent to save five. Some lines don't move.
Strength
Predictable. If the rule is universal, others can rely on you. Trust scales.
Flaw 1
Rigid in messy reality. "Never lie" sounds clean until a Nazi asks where the Jewish family is hiding. Universal rules collide.
Flaw 2
Ignores consequences. A pure deontologist may produce a worse world while keeping their hands clean.
The IT connection: "We always disclose data collection to the user — even if it costs us conversion rate." That's a Cap sentence. The duty to inform is not negotiable based on whether telling people loses sales.
Framework 3 of 5 · Virtue Ethics
Uncle Iroh and Character
"Pride is not the opposite of shame, but its source." Iroh isn't following rules — he's being a certain kind of person. That distinction is the entire framework.
Case Study
Uncle Iroh · The Dragon of the West
Avatar: The Last Airbender — Zuko's uncle and unofficial moral compass
Virtue· Aristotle — golden mean
Uncle Iroh, the Dragon of the West
Nickelodeon · Avatar: The Last Airbender — promotional still

Sometimes the best way to solve your own problems is to help someone else.

Iroh once burned cities. He stopped. Not because someone told him to — because he became a person who couldn't anymore. He doesn't quote rules. He is wise, kind, patient. The character produced the action, not the other way around.

Virtue Ethics (Aristotle): right action flows from virtuous character. Don't ask "what's the rule?" Ask "what kind of person do I want to be — and what would that person do here?" Habits build character; character shapes choices.
The Golden Mean: virtue is the balanced midpoint between two extremes.
Courage sits between cowardice and recklessness. Generosity sits between greed and waste. Honesty sits between deceit and brutal tactlessness.
Strength
Becoming, not following. Doesn't rely on getting the right rule; relies on becoming someone who chooses well even when the rule is unclear.
Strength
Resilient. Rules can be gamed; character is harder to fake. Long-term, virtue produces consistency.
Flaw 1
Whose virtues? Spartan virtues (martial honor) differ from Confucian virtues (filial piety) differ from Hexworth virtues (precision). Cultural relativism is the open door.
Flaw 2
Slow. Building character takes years. Virtue ethics doesn't help the engineer who has 30 minutes to decide whether to ship the patch.
The IT connection: "What kind of engineer am I going to be five years from now?" — that's a virtue question. The answer to this specific bug ticket is downstream of the answer to that.
Framework 4 of 5 · Social Contract
Civil War: Tony vs. Steve
The Sokovia Accords are a 90-minute social-contract argument. Both characters are right. Both are wrong. That's the framework.
Pro-Accords
Tony Stark
Built Ultron. Watched it kill thousands. Decided power needs accountability.
Social Contract· Rawls — accepts oversight

If we can't accept limitations, we're no better than the bad guys.

Tony's argument: we agreed to the social contract by living in society. When we wield disproportionate power, we owe society oversight. The Accords are messy — but the alternative (private actors with state-level power) is worse.

Anti-Accords
Steve Rogers
Trusts judgment over institutions. Lived through institutional capture (HYDRA inside SHIELD).
Social Contract· Rawls — rejects this contract

The safest hands are still our own.

Steve's argument: contracts are only as good as the body enforcing them. Institutions get corrupted (HYDRA). The contract that gives a corrupt body authority over you is worse than no contract. Better to keep judgment.

Social Contract (Hobbes, Locke, Rawls): we trade some individual freedom for collective benefit, accepting rules we'd agree to behind a "veil of ignorance" — not knowing in advance which side of the rule we'd be on. Tony chose veil-thinking. Steve trusted his own judgment.
Strength
Democratic legitimacy. Rules everyone could accept have moral authority utilitarian math doesn't. Predictable, scalable, defensible.
Flaw
What about the dissenters? The whistleblower. The conscientious objector. The one person who sees what the contract missed. Pure social-contract thinking has no good answer for them — and history shows we usually need them.
The IT connection: Terms of Service, Acceptable Use Policies, Code of Conduct, ACM Code of Ethics — these are all social contracts. They give you predictability and defensibility. They also bind you when the contract turns wrong. Both Tony and Steve are right. The lecture is learning to hold that.
Framework 5 of 5 · Ends-Justify-Means
Itachi and Ozymandias: The Math That Wins
Two characters who did monstrous things — and were almost certainly right. This is the framework that costs the most to use, because it costs the user.
Case 1
Itachi Uchiha
Naruto — massacred his entire clan to prevent civil war that would have killed orders of magnitude more
Ends-Justify-Means· Machiavelli — math worked, soul lost

Those who cannot acknowledge themselves will eventually fail.

Lived as a villain to protect his brother. Carried the weight alone, without the consolation of being seen as good. The math worked. The cost was his soul.

Case 2
Adrian Veidt · Ozymandias
Watchmen — killed 3 million in NYC to fake an alien attack and end the Cold War
Ends-Justify-Means· Machiavelli — certainty as the flaw

I did it. I'm not a comic book villain. I'd hardly considered it a practical solution if I hadn't already done it.

Asks Dr. Manhattan: "I did the right thing, didn't I?" Manhattan: "Nothing ever ends." The film deliberately leaves the question open. So does this slide.

Ends-Justify-Means (the dark cousin of utilitarianism): a terrible act now produces a better outcome later, and the math justifies the cost. Both Itachi and Ozymandias likely did save more lives than they took. The framework's error isn't always the math. It's the certainty.
Flaw 1
Certainty. Itachi was right because he had perfect intel and a unique ability. You won't. The framework is only safe for people who can't actually use it.
Flaw 2
Slippery slope. Once "I did terrible things for good reasons" is a defense, every villain has it. The framework needs an external check it doesn't have.
Flaw 3
Uncountable cost. Itachi survived as a person who did this. Many would not. The framework prices in the body count but not the soul cost.
The IT connection: "We need to build this surveillance backdoor — for national security." That's an ends-justify-means sentence. The next slide is about what happens to the person who keeps using it.
The Slippery Slope · How good people end up monsters
Walter White: "I Am the Danger"
Nobody starts as Heisenberg. The Walter White arc is the most pedagogically perfect ethics case study ever filmed — because every step seemed reasonable.
Case Study
Walter White → Heisenberg
Breaking Bad — 5 seasons of one ethical compromise after another
Utilitarian → Ends-Justify-Means· slippery slope drift
Walter White as Heisenberg in Breaking Bad season 5
AMC · Breaking Bad S5 — promotional still

I did it for me. I liked it. I was good at it. And, I was really — I was alive.

The pilot: a chemistry teacher with stage 3 lung cancer, a kid with cerebral palsy, no insurance. He cooks meth one time, "for the family." By the finale he is the family's nightmare. He was always the bad guy.

The slippery slope isn't a logical fallacy here — it's an empirical reality. Each compromise is smaller than the last but compounds. The frog in slowly-warming water never jumps because each minute feels like the last one.
Step 1. "Just one cook. For the family."
Step 2. "Just sell what we already made."
Step 3. "Krazy-8 will kill us. We have to."
Step 4. "Jane was going to ruin Jesse anyway."
Step 5. "I poisoned a child to manipulate Jesse — but only a little, and only because…"
Step 6. "I am the danger."
The IT connection: "We collected this user data once, for a one-off feature." Then: "We already have it, might as well use it for analytics." Then: "Sell it to a partner — anonymized." Then: "Re-identification is impossible." You become the company you didn't think you'd become. The defense is to set the line BEFORE you walk up to it.
Absolute Power + Moral Certainty = Tyranny
Light Yagami: "I Am Justice"
Death Note is what happens when a smart, idealistic person gets perfect power and decides — alone — what right looks like.
Case Study
Light Yagami · Kira
Death Note — top student, son of a police chief, found a notebook that kills anyone whose name he writes in it
Utilitarian (distorted)· vigilante — sole judge
Light Yagami from Death Note
Madhouse / Shueisha · Death Note — character art by Takeshi Obata

I'll create a perfect world. A world without crime, where only honest people live. I'll be the god of this new world.

He starts by killing convicted murderers. Then escaped suspects. Then critics. Then anyone in his way. The escalation isn't a moral failure — it's the predictable output of moral certainty + zero accountability.

The Vigilante Pattern: someone with disproportionate power decides they know better than the system, then acts unilaterally. The system has flaws, sure. But replacing it with one person's judgment is worse — because that person has no check, no review, no peer.
Flaw 1
Selection bias. Light targets people he sees. He doesn't target white-collar criminals he doesn't read about. His "justice" inherits the bias of his information diet.
Flaw 2
Mission creep. The notebook escalates. Today's "criminal" is tomorrow's "obstacle to my mission" is next month's "legitimate critic."
Flaw 3
The successor problem. Even if Light were a saint, what about the next holder of the notebook? Power must be designed for the worst plausible holder, not the best.
The IT connection: the privileged-access user who decides which logs to read, which DMs to skim, which user to investigate. "I'm the security person. I know better." That's a Death Note sentence. Privileged access without audit is a vigilante in waiting.
What if Superman Was the Bad Guy
Homelander: Power Without Checks
The Boys is a 4-season meditation on a single ethical question: what happens when society gives someone power before it figures out how to constrain them?
Case Study
Homelander · The Boys
Smiling Superman exterior. Sociopath underneath. The most powerful being on Earth.
Anti-ethics· raw power — no framework
Homelander from The Boys
Amazon / Dynamite · The Boys — character art (comic + TV composite)

I can do whatever I want. Whatever the f*** I want.

The horror isn't his power. It's that society created him, marketed him, profited from him — and built no mechanism to stop him. By the time anyone saw the problem, he was untouchable. Not because of his powers. Because of his image.

The asymmetry problem: the more power someone has, the more accountability we should demand — but the more power they have, the harder it is to demand it. Big Tech, big platforms, opaque algorithms: same pattern. Power scales faster than oversight catches up.
Flaw 1
The PR shield. Homelander's image protects him. Modern equivalent: brand reputation, "moving fast and breaking things," charismatic founders.
Flaw 2
Captured oversight. Vought (his employer) controls the people who could regulate him. Modern equivalent: industry-funded regulators, revolving doors.
Flaw 3
Asymmetric retaliation. Anyone who calls him out gets crushed. Modern equivalent: NDAs, SLAPP suits, blacklisting.
The IT connection: when your company, your platform, or your AI model becomes powerful enough that "you can't be questioned without consequence," you've become Homelander-shaped. The check has to come from inside — engineers willing to push back. You.
Your Professional Contract
The IT Professional's Code
When personal morality, employer demands, and law disagree — your profession has a tiebreaker. Two codes you should know by name.
ACM Code of Ethics (2018)
Association for Computing Machinery. Adopted by professional software engineers. Eight principles. Three matter most for daily work.
1.1 Contribute to society and to human well-being.
1.2 Avoid harm.
1.6 Respect privacy.
IEEE Code of Ethics
Institute of Electrical and Electronics Engineers. Even shorter. Even more direct.
I.1 Hold paramount the safety, health, and welfare of the public.
I.5 Seek, accept, and offer honest criticism of technical work.
I.6 Disclose factors that might endanger the public.
Both codes share one principle: your obligation to the public outranks your obligation to your employer. When your boss tells you to ship something that endangers users, the code says no. Real cases where engineers said yes anyway: Volkswagen Dieselgate (defeat-device software), Boeing 737 MAX (MCAS without disclosure), Facebook engineers in Myanmar (algorithmic amplification of genocide).
How this gets used: when you raise an ethical objection at work, "the code says we can't do this" is a stronger argument than "I think we shouldn't." The code makes you a representative of your profession, not just a contrarian employee. Memorize 1.1, 1.2, 1.6 (ACM) and I.1 (IEEE) — they will save you in a meeting.
When Frameworks Disagree · The Method
A Repeatable Decision Process
Not a checklist for finding the "right" answer. A protocol for finding a defensible answer — one you can explain to a future you, the public, and the people affected.
1 · Apply all five frameworks
Utilitarian. Deontological. Virtue. Social Contract. Ends-justify-means. Write the answer each one gives. If 4 of 5 say stop, that's a strong signal.
2 · Stress-test the choice
Run the decision past three audiences:
Future you — would you tell your children about this?
The public — front-page-news test.
The affected parties — would they consent if they knew?
3 · Document your reasoning
Write the decision down. Name the frameworks you applied, the people you stress-tested it against, the alternatives you considered. If you can't write it down, you're not sure.
What this protocol does: it forces you to be honest about which frameworks support your decision and which don't. Most bad ethical calls are made by people who only ran one framework — usually the one that gave them the answer they wanted.
What this protocol won't do: tell you the right answer. There usually isn't one. The goal is a defensible answer — one you can stand behind under scrutiny, one a peer would respect even if they'd choose differently.
The muscle metaphor: ethics is exercised, not consulted. The first time you apply this protocol it'll feel slow and academic. The hundredth time, it'll be reflex — and you'll be the engineer in the room who can name why something feels wrong before everyone else can articulate it.
Class Discussion · Dilemma 1 of 3
Dilemma 1: The Whistleblower
You are a senior engineer at a mid-sized tech company. While debugging a production issue, you discover that the company is selling user location data to a third-party broker — without consent, in violation of state privacy law. Your manager and director both approved it. Your employment contract has a strict NDA and a mandatory-arbitration clause. Going public would likely cost you your job, the NDA suit, and possibly criminal exposure. What do you do?
Utilitarian
Sum the harm: millions of users vs. one career. Disclosure likely produces the greater good — even at high personal cost.
Deontological
Could you universalize "engineers stay silent about illegal data sales"? No — that rule destroys public trust in the profession. Therefore, speak.
Social Contract
The NDA is a contract. So is your obligation to society. When they conflict, the broader contract (ACM Code 1.2: avoid harm) takes precedence.
Virtue
What kind of engineer do you want to be five years from now? The one who saw it and stayed quiet — or the one who said something? Choose the future you can live with.
Facilitator notes: ask the class to vote anonymously. Most will say "speak up." Then ask: through which channel? Internal escalation first? External regulator (state AG, FTC)? Press? Each route has different ethical and legal trade-offs. The harder question is not whether to act — it's how. Real-world examples to surface: Frances Haugen (Facebook), Daniel Motaung (Facebook content moderation in Kenya), Susan Fowler (Uber).
Class Discussion · Dilemma 2 of 3
Dilemma 2: Emergency Override
You're a backend engineer at a healthcare company. A hospital calls: a patient is unconscious, possibly suicidal, location unknown. The patient's app history could pinpoint them. Pulling that data without their consent violates HIPAA and your company's privacy policy. The doctor on the phone says without it the patient probably dies in the next hour. You have access. Do you pull the data?
Utilitarian
One life vs. one privacy violation that nobody else will know about. The math screams pull the data.
Deontological
Could you universalize "engineers pull data on emergency calls"? Almost certainly not — every fraudster impersonating a doctor would weaponize it. The duty says don't.
Ends-Means
The slippery slope: today's "emergency" is tomorrow's "it's just one query." Itachi math is rarely as clean in practice as it seems in the moment.
Social Contract
HIPAA exists because society agreed to a contract about medical privacy. Breaking it unilaterally — even for a good reason — undermines the contract everyone else relies on.
Facilitator notes: the trap is the urgency. Push the class: is "the doctor on the phone" actually a doctor? Verification matters. The right answer is almost always: escalate immediately, don't act unilaterally. Most healthcare systems have a "break-glass" procedure exactly for this — supervised, logged, time-limited. The lesson: the framework that wins in the moment might not be the one you'd defend in writing the next day. Build the break-glass procedure before the emergency, not during it.
Class Discussion · Dilemma 3 of 3
Dilemma 3: Weaponized Code
Two years ago, you wrote a face-recognition library for a startup. The startup got acquired. The acquirer licensed your library to a foreign government. You learn — from a news investigation — that government is using your code to identify and detain political dissidents. You did not write it for that. You can't unwrite it. What is your responsibility now?
Virtue
What kind of engineer do you want to be remembered as? The one who built the tool and walked away, or the one who acted when they learned what it became?
Deontological
Did you violate a duty at the time of writing? No — you couldn't have foreseen this. But the duty to act on what you now know is fresh and binding.
Utilitarian
Speaking publicly may save future dissidents (assistance refused, donors withdraw, license revoked). Staying silent saves only your career.
Ends-Means
Some will argue the dissidents would have been caught anyway — your code just made it efficient. That is a Thanos sentence. Notice it.
Facilitator notes: this is the hardest of the three because there is no clean win. Push the class to consider graduated responses — speaking with the acquirer, contacting human-rights organizations, writing a public technical post explaining the limitations of the system to undermine its credibility, signing on to industry letters (e.g., the open letter against face-recognition by ACLU + 70 organizations, 2018). The lesson: "I didn't intend it" stops mattering the moment you know. The only ethical question after that is what you do next.
Closing

Code is Power.
Power is Responsibility.

Peter Parker's uncle did not say "with great power comes great options." He said responsibility. The systems you build, the data you handle, the algorithms you deploy — they shape lives you'll never meet. The frameworks in this lecture are how you decide whether you're shaping them well.

Ethics isn't a set of answers. It's a practice. You exercise the muscle daily — in code reviews, in design meetings, in the quiet moment when you ask whether the feature should ship. You won't always be right. But the engineer who runs the protocol — frameworks, stress test, document — is the engineer the rest of us want in the room.
Apply all five frameworks Stress-test against future-you, public, affected parties Document your reasoning