We expect professionals to behave ethically. Doctors and companies working on genetics and cloning for instance are expected to behave ethically and have constraints placed on their work. And with consequences for those behaving unethically.
Yet we have millions of software engineers working on building a surveillance society with no sense of ethics, constraints or consequences.
What we have instead are anachronistic discussions on things like privacy that seem oddly disconnected from 300 years of accumulated wisdom on surveillance, privacy, free speech and liberty to pretend the obvious is not obvious, and delay the need for ethical behavior and introspection. And this from a group of people who have routinely postured extreme zeal for freedom and liberty since the early 90's and produced one Snowden.
That's a pretty bad record by any standards, and indicates the urgent need for self reflection, industry bodies, standards, whistle blower protection and for a wider discussion to insert context, ethics and history into the debate.
The point about privacy is not you, no one cares what you are doing so an individual perspective here has zero value, but building the infrastructure and ability to track what everyone in a society is doing, and preempt any threat to entrenched interests and status quo. An individual may not need or value privacy but a healthy society definitely needs it.
The idea that we could get the majority of the industry to agree on ethics is pretty far-fetched when a large portion think surveillance is making their country safe.
For instance, I find a user control that prevents the user from changing focus whenever the input is invalid to be unethical, or at least severely impolite. It's the equivalent of grabbing someone's face while you're talking to them. Me: "The control you propose is hostile to the user." Customer: "Do it the way we want, or your company loses the contract."
As it turns out, the customer would love to grab someone's face, not just while they talk, but also as they yell, with a light rain of spittle falling gently onto the target's visage. That's because they assume everyone is a complete idiot, whose only salvation is absolute obedience to those officially certified as more capable. They fervently believe that you can order someone to not make mistakes. So it should be no surprise that my ethical objection was meaningless to them.
The people paying for software and hardware enabling Panopticon-style universal surveillance have a completely alien system of ethics, and more than enough money to ignore your personal morality. There will always be someone around in desperate enough financial straits that they will quash their own opinions and take the paycheck.
A cartel enforcer for software workers is the only way to significantly slow down technologies (you can't actually stop progress) that the majority of those workers find to be unethical. That enforcer has to be able to tell its members that they cannot do such work, no matter how well it pays, because otherwise, the buyers, for whom budget size is no obstacle, simply pay the higher price to those who need cash now more than self-respect later.
As long as there are mouths to feed and rent to be paid, the guy with deep pockets will be able to pay another to do his dirty work.
It isn't the ethical training that makes the difference in medicine, but the ethical enforcement. Doctors and lawyers can be decertified by their peers and elders, such that they cannot be rehired as a member of that profession. That means that an employer cannot demand unethical behavior, unless it is willing to compensate to the tune of all the money those people could theoretically make over all the remaining years of their careers.
I would hope that enough software workers could agree that it is unethical to casually collect and retain information from anyone without their fully informed consent, which is diligently confirmed, and revocable on demand. I further hope that we could agree that it is unethical to gather information to support any criminal investigation without reasonable suspicion that the target has actually committed a crime. Those people who believe that adding more hay to the stack makes the needles easier to find can form their own cartel.
I happen to believe that ethically-limited surveillance is more efficient and effective than the heavy-handed dragnet approach. I also think it is unethical to use an O(N^3) brute-force algorithm when an O(N log N) alternative is available. But most customers only care whether something works, and is delivered on time and under budget. They won't ever care about our opinions regarding quality, ethics, or best practices until after we are capable of making them pay dearly for not caring.
“How do you know the chosen ones? ‘No greater love hath a man than he lay down his life for his brother.’ Not for millions, not for glory, not for fame. For one person. In the dark, where no one will ever know, or see.”
— Babylon 5, Season 2, episode 21, Comes the Inquisitor, 1995