Advertisement

Information Systems Frontiers

, Volume 12, Issue 4, pp 415–424 | Cite as

Agents of responsibility—freelance web developers in web applications development

  • Malik Aleem AhmedEmail author
  • Jeroen van den Hoven
Open Access
Article

Abstract

Much of the literature on responsibility in the IT field addresses the responsibilities of members of the IT profession. In this paper, we investigate to what extent the responsibilities associated with computing practitioners apply to freelance web developers. The relevant moral question is not “can freelancers be considered as professionals?”, but “are they agents of responsibility and can they cause harm”? It is obvious that they can. To justify this claim we will take the case of using free malicious code by freelance web developers and show how their actions or omissions may cause harm to the users, clients and others. We will then identify different types of responsibilities and relationships, which can be associated with freelance web developers. In the end, we will stress that, freelance web developers have higher form of responsibility and should actively seek to bring about environments in which they can function as responsible agents aiming at developing safe, secure, and workable web applications and systems.

Keywords

Freelance web developers Responsibility Agents of responsibility Hacking Web applications Systems 

Abbreviations

ACM

Association for Computing Machinery

DoS

Denial of Service

E-Commerce

Electronic Commerce

E-Work

Electronic Work

HTML

Hyper Text Markup Language

IEEE-CS

Institute of Electrical and Electronics Engineers - Computer Society

IT

Information Technology

SLA

Service Level Agreement

SQL

Standard Query Language

UK

United Kingdom

WebD2

Web design and development

WWW

World Wide Web

1 Introduction

Poorly developed and managed web applications and systems may cause harm to the users, clients and others in the society. Causes of poorly developed web applications include, but are not limited to, (1) ad hoc approaches and tinkering, (2) the lack of proper standards, and (3) usage of code without proper understanding. Taylor et al. (2002) carried out a survey of 25 UK based organizations regarding website development methodologies. They found that ad hoc approaches to website development were widespread. Development activity was neither formalized nor structured; there was an apparent lack of coding standards, resulting in impediments to adequate future website maintenance activities. Gotterbarn (2001) noted that the crossword puzzle solving approach, for the development of applications, by developers poses ethical problems. In the crossword puzzle solving approach the primary goal is to solve the problem exactly as it is presented to the developer. Freelance web developers have the tendency to take this approach. A survey of informal and professional web developers showed that only one respondent mentioned testing of security requirements (Rosson et al. 2005).

Polls posted on different freelancing web designing and development communities showed that more than 80% of the respondents (freelance web developers) have used free code on one or more occasions. Problems start when a freelance web developer re-uses freely available malicious or bugged code in web applications and systems without proper understanding, modifying, testing, and debugging. Chances are that the code might have been developed for malicious purposes and once it is used in live web applications then systems’ users, clients and others in the society may become vulnerable as a result. Users of the system may be harmed, clients’ interest may be compromised, and others in the society may face considerable inconvenience. Even if the code was not developed for harmful purposes, it may contain bugs and security vulnerabilities which—if not debugged and rectified—, could be exploited at a later stage by others.

Section 2 of the paper provides an overview of freelance web development and developers. In section 3, we discuss several threats and vulnerabilities associated with using free malicious and bugged code in website development including hacking, identity theft, unauthorized access and use of private information, spamming, spread of harmful programs, and server side problems.

After identifying the threats and vulnerabilities associated with the malpractice of using free code for website development, in section 4, we explore if freelancers are responsible for their actions and omissions. We then discuss different types of responsibilities that can be associated with freelance web developers and claim that freelance web developers are not only morally responsible for their work, but also have the specific responsibilities which are usually only associated with members of well entrenched and institutionalized professions.

In section 5, we give some recommendations. Suggestions for improving the situation include: (A) We emphasize that having a better understanding of the relationships with different entities (Employer-Employee, Client-Agent, Society-Agent and Agent-Agent as for example discussed by Johnson (1995) for computing professionals) helps freelancers to realize their responsibilities and perform their duties better. (B) We argue that the process of proto-professionalization (see de Swaan 1990) is important and it can be helpful for freelancers to become member of an international association or community of computing or web development. They should adopt the basic principles and fundamental concepts of the profession (e.g., see de Swaan 1990). This may help to build the trust of clients and increase the credibility of freelance web developers. Moreover, we emphasize that preaching cannot do the job alone therefore institutional structures should be built and incentives structures should be designed and carried out for the freelance web developers to act in accordance with the code of conduct of the association or relevant professional community. (C) Working in accordance with a four-step model—i.e., (1) Search and acquire the code from reliable resources, (2) Scan, understand, and analyze the code, (3) Modify, integrate, test, and debug the code, (4) Upload, maintain, and evaluate the integrated system—elaborated in this paper also contributes to the usage of free code for the development of safer and more adequate web applications and systems. We end with conclusions in section 6.

There is very little literature available on the responsibilities of freelance web developers. The paper addresses the responsibilities of freelance web developers by surveying the literature on responsibilities of members of the IT profession. The paper is based on the field experience, literature review and web searches. Some informal interviews with freelance web developers were conducted. Polls were posted on Web Design & Development WebD2, Designers Corner, Adobe Photoshop, Web Developers and Designers and Web Design communities on Orkut.com to find out the opinions on specific issues and questions.

2 Freelance web development

Advancements in Information and Communication Technologies and the booming growth of the Internet has attracted many individuals to work as freelance graphics designers, network specialist, software and web designers, developers, and IT trainers. In case of web development, people are attracted to work as freelancers because they can work from home and develop websites, applications, and systems at their own time and convenience. The World Wide Web is becoming the most common place to find freelancing jobs. There are several websites—for example, Elance.com, FreeLance.com, Go4outSourcing.com and many more—which allow individuals and organizations to hire freelancers especially for web designing and development. Chan and Swatman (2000) noted that the most obvious category of jobs created by Internet-based E-Commerce comprise positions which relate to the development and maintenance of WWW sites. In general, this category contains positions that involve the construction of web pages using a variety of programming languages. Freelance web development ranges from the designing of simple websites to the development of dynamic and interactive web applications and systems. This paper is more relevant to the freelance web developers who get involved in the development of dynamic and interactive web applications and systems.

Individuals and small businesses are more attracted to hire freelance web developers for the development or revamping of their websites. Results of the polls, posted by the authors, showed that 63% of respondents think that people hire freelancers because they can develop websites faster and cheaper, about 13% think that freelancers get work because they can develop faster, 19% think the reason is that they can develop cheaper and 5% think it is because of some other reasons.

3 Threats and vulnerabilities of using free malicious code

The tasks for web designing and development from conception to closure require special skills and it might be very difficult for an individual to master all the aspects of the web development process. If asked, most individual freelance web developers probably would claim that they can, in principle, design and develop dynamic websites, applications, and systems from scratch. This might be true, but how can an individual do a project, faster and cheaper, that requires so many skills? One obvious answer lies in the use and re-use of free or cheap code and templates available on the Internet. By free code, we mean the applications’ code available on different websites and online communities to be used by others, usually by novice or amateur developers.

Our informal interviews with freelance web developers revealed that all of them on one or more occasions have used free code available on the Internet to add features to the existing web applications or to develop new web systems. Polls posted on different freelancing web designing and development communities also confirmed that about 81% of the respondents have, one or more times, used free code for the development of web applications.

Using free code for dynamic web applications or systems if not properly understood, debugged and reused—in which the users have to input information, download or upload files—may cause problems and expose the users and others to different threats and vulnerabilities. In the following sub-sections we show how the actions or omissions of freelance web developers may cause harm to people in case of using free code.

3.1 Hacking and abuse

The term hacker has been used in the literature for different purposes. This paper uses the term hacker to describe a person who tries illegally to gain access to information on other computers and systems for different purposes. Let us consider a hypothetical case. A hacker develops an online shopping cart system or email access system containing malicious modules. The hacker uploads the modules on the Internet to be freely distributed. The purpose, of these malicious modules, is to log and email the entire inputted user data to the hacker. A freelance web developer downloads the web application, changes its look and feel, without properly understanding and debugging, and uploads it on the live website of his client. Now whenever users input their private information to login or buy things from the system, all their information is first mailed to the hacker’s address and then transactions are completed. The whole process is completed in such a way that neither the user nor the web master has any idea that the information is being compromised.

Once the hacker has acquired information about the user, he could use it for ordering products online using credit card data of the victim, transferring money without the knowledge of the victim, or selling his credit card details to others. The hacker could also use the information for other abusive purposes—for example, using the user’s information to join on illegal websites that might destroy user’s reputation in the longer run. The hacker could register the user on different websites and post abusive comments on those websites that might result in the degradation of the user’s standing in his official and friends circle.

In case of using malicious code in email access systems, the hacker could use the users’ account to send spam and abusive or threatening mails to others. He could use the information for criminal activities—for example, for sending information by mails through users’ accounts to other criminals without the knowledge of authorities or using the users’ computers for storage and distribution of unauthorized files. In short, hackers can actually disrupt and endanger personal and professional lives in concrete ways (Radnofsky 2006). By using the free code without understanding and debugging, freelance web developers could be helping those with bad intentions.

3.2 Privacy infringements and frauds

The hacker could infringe the user’s informational privacy. Informational privacy implies confidentiality, anonymity, data protection, and secrecy of facts about people (Van den Hoven 2008). Privacy implies constraints on the use of a person’s name, likeness, identity, or other attributes of identity and exclusive possession. Discussion in the previous section illustrates how the informational privacy of the users could be compromised and how identities could be easily stolen because of the omissions of a freelance web developer. The hacker could use private information to blackmail the users (Burden and Palmer 2003). The hacker could also register the users on newsletters or mailing lists. Users would be easy spam targets as a consequence since the spam mails would not automatically be redirected to the junk folder as the hacker could access the users’ accounts and approve the acceptance of mails. The hacker could use the private information of the users of web applications to blackmail organizations (Wales 2002) and to commit a wide range of different frauds.

3.3 Spread of harmful programs

The hacker could also be provided with opportunities to use the users’ email address book to send and install malware—for example, root kits, harmful viruses, worms, sniffers, bots, or Trojans—to the users’ friends, business associates and others. If the recipients would not be using effective email scanners or anti-virus programs, then they run the risk of opening the mails and attachments because mails appear to be sent from a trusted person. If the recipients would be using email scanners or anti-virus, even then they could open the attachments by accident. The virus, worm, or Trojan could then infect the victim’s computer and be used for any kind of illegal activity. The hacker could send key loggers to the victims, who accept and open them that would enable the hacker to monitor all online information exchange and activities of the victims. The hacker could install code, which could turn victims’ machines into remote-controlled zombies and later could use to launch spam, denial-of-service, or other attacks (Lawton 2007). Other programs sent by hackers could turn off anti-spyware and anti-virus; disable firewalls, open back doors, delete files and format hard disks (Kabay 2005).

3.4 Server side problems

The hacker could include illegal programs as web services or libraries in the system; and when uploaded by the freelance web developer on the server, vulnerabilities in those illegal programs could be exploited. “Common attack vectors range from buffer overflows and denial of service, SQL insertion, cross-site scripting, and other code injection techniques” (Ollmann 2007). “Hackers can attack buffer-overflow vulnerabilities in Web servers, changing HTML pages’ header and footer information to include scripts. Visiting browsers activate the scripts, which cause the browser to download a harmful program” (Geer 2005). The vulnerabilities could be used to launch DoS attacks to other servers so that users trying to gain access the targeted machines would not be able to get the required services because the bandwidth and processing power of the targeted servers would be being used by phony requests. Illegal processes could also be run on the victim server to slow down its processing, resulting in low graded services to the users.

3.5 Bugs and loopholes

There are always the chances that the bugs in the code could be exploited by others at later stages even if the code was not developed for harmful purposes. Software vulnerabilities may exist in the code (Takanen et al. 2004). Free code available on the Internet is usually not well written and the coders try to hide functionality from unauthorized users. “With access to debuggers, brute-forces, application scanners, or just good luck, malicious users will always discover any hidden or obscured application functionality over time” (Ollmann 2007). Some loopholes, in the code, can slow down the processing power of the server. The loopholes or errors in the code might result in miscalculations and wrong results. The problem intensifies in the websites of financial institutes. An attacker may be able to trick an already authenticated user into performing malicious actions. This may succeed due to design weaknesses in the target application and the user’s web browser automatically supplying cached credentials (Watson 2007).

Hacking as construed here is morally objectionable, as Spafford (1992) has concluded in his paper, “There is no doubt that computer break-ins, even when no obvious damage results, are unethical”. The point we would like to stress here is that the freelance web developer who re-uses the code without proper knowledge, understanding, and debugging in live web systems and applications is morally responsible for the harm and negative consequences to the users, clients and others in the society.

4 Freelance web developers as agents of responsibility

In the previous section, we discussed how actions and omissions by the freelance web developers could have the negative consequences. In this section, we would explore if freelance web developers can be seen as agents of responsibility and if so, what type of responsibilities can be ascribed to them?

Freelance web developers could be considered to fall under an umbrella of the IT or computing occupation. Can we consider computing as a profession like law or medicine? Johnson (1995) noted that:
  1. 1.

    Professions require master of an esoteric body of knowledge.

     
  2. 2.

    Members of professions typically have a good deal of autonomy in their work.

     
  3. 3.

    Professions usually have a professional organization that controls admission to the profession and sets standards for practice.

     
  4. 4.

    Professions fulfill an important social function or are committed to a social good.

     
Other characteristics associated with professions include:
  1. 5.

    Professions have a division between those who are practitioners and who do research.

     
  2. 6.

    Members of professions follow a code of professionals conduct or ethics.

     
  3. 7.

    Members are seen as making a life commitment to the field of their profession.

     

To construe computing as a profession is problematic. Computing does not fulfill all the criteria of a true profession in this sense. For example, there is no single organization that controls admission to the profession and sets standards for practice, computing practitioners are not typically committed to a social good, practitioners do not have a life long commitment—therefore it can be argued that computing is not a true profession in traditional sense. Stahl (2006) noted, “It is probably … fair to say that computing is not (yet) a profession comparable to the established professions like law and medicine”.

At the same time, however, (1) computing and its sub-fields require knowledge of specific areas, (2) members of computing and sub-fields usually have the autonomy with respect to their work, (3) more and more a distinction is made between computing practitioners and researchers, and (4) computing practitioners are fulfilling important social functions since IT applications and infrastructures are crucial to the functioning of modern societies.

Similarly, in case of freelance web development, freelance web developers require some basic programming and designing knowledge, they have the ability to use their skills and knowledge to develop web applications with a direct or indirect impact on different entities and sectors in the society. They also have a certain level of autonomy regarding their work. It is a matter of discussion whether they also fulfill an important social system function—for example, the development of applications and websites for sharing information and other purposes. They are certainly adding massively to the delicate fabric of online infrastructures and resources. Their clients and users have expectations regarding the systems and applications developed. After the systems’ implementation, they are dependent on and have to rely on the systems’ tools for the completion of their work. Therefore, it is not controversial to consider freelance web developers as agents of responsibility (term used by Takanen et al. 2004) even if we do not consider computing and IT practitioners including freelance web developers as full-fledged professionals.

Being the agents of responsibility, in the straightforward and intuitive sense we specify, implies a range of moral responsibilities. In this paper, we discuss that freelance web developers are not only morally responsible and accountable for their work but have the specific role, causal and legal responsibilities as discussed by Quinn (2005) for IT practitioners. Besides that, we also discuss meta-task responsibilities (Van den Hoven 1998) and social responsibilities (Gotterbarn 1995) of freelance web developers.

4.1 Moral responsibility

Quinn (2005) discusses two conditions for a moral agent to be responsible. (1) Causal condition (the actions or omissions of the agent must have caused the harm) and (2) mental condition (the actions or omissions must have been intended or willed by the agent). Actions or omissions of the freelance web developers can cause harm in a way that the malicious code reused, bugs in the code or logic, and design of web systems they develop can put users and others in a vulnerable position—for example, as discussed in the previous sections. “The guidelines for the Web software design and use must be clearly understood, adopted, and supported” (Woodbury 1998). Although most of the freelance web developers do not intend to cause the harm, Quinn (2005) mentions that the mental condition is extended by some to include unintended harm as a result of carelessness or negligence. “Issues such as ignorance, irresponsibility or even arrogance have an ethical aspect” (Takanen et al. 2004). The clause of carelessness and negligence applies when freelance web developers re-use the free malicious code without proper understanding and debugging. As agents of responsibility, freelance web developers are morally responsible for their actions/omissions and for their products. In case, harm results from their insufficiently tested and scrutinized code, they seem culpable for the results and have the moral obligation to repair.

4.2 Role responsibility

Role responsibility is the responsibility assigned because of person’s assigned duties (Quinn 2005). A person who serves in a role is considered to be morally bound to perform the duties of that role (Johnson and Powers 2005). Whenever a freelance web developer accepts a project, it means that he commits and embraces the role to complete the work. He becomes responsible to develop the web system to the best of his knowledge and abilities. After the role assignment, the client has a dependent position with respect to the freelance web developer for the web system and its desired workability. Johnson (1995) noted, “The client needs the professional to make or help make decisions that may be crucial to the clients business, and he must trust that professional will use his knowledge competently, effectively, and efficiently”. If the freelance web developer downloads the code, makes minor changes and uploads it on live websites without proper understanding and debugging then it means that he is not using his knowledge and abilities fully. If a freelance web developer is assigned the task responsibility—i.e., forward-looking responsibility (e.g., see Lima et al. 2008)—of developing a dynamic website and if he is unable to understand the code, he should invest more time to understand and debug to make it safer. If he is unable to complete the task, he should inform the concerned persons. “You cannot make all the designs safe under all conditions, but you can make them safer, or more usable, or more equitable, under more conditions. Software engineers should take responsibility where these emerging methods allow them to, and should be humble about their ability to guarantee perfect functioning where they cannot measure or test performance in real conditions” (Chuck 1996). “IT professionals should apply their knowledge to design IT systems such that they provide services with high quality as far as costs, availability, robustness, response time and in a secure and cost-effective manner across the Internet” (Leung and Wong 2000). Freelance web developers are role responsible to see to it that they design and develop safe, dependable, and workable web applications and systems.

4.3 Causal responsibility

Causal responsibility is the responsibility assigned to the people because they did something or failed to do something that caused something to happen (Quinn 2005). As already discussed in section 4.1, on a standard account of causation, freelance web developers are causally responsible for their actions or omissions. Their actions and omissions are necessary and/or sufficient conditions for untoward outcomes to occur. They are thus blameworthy and answerable for their interventions. In the above case, omission of the freelance web developer to understand and debug the code was one of the causes of harm—i.e., we can establish the causal connection of the freelance web developer’s actions or omissions and the harm done to others. Although it can be argued that causal sequences of the victims’ vulnerability begins with the hacker coding the program and the harmful script but in our case, it was reinforced by the freelance web developer who reused the code without proper understanding and debugging.

4.4 Legal responsibility

Legal responsibility could be defined as responsibility assigned by the law (Quinn 2005). This type of responsibility may vary in different situations, under different contracts and agreements, in different countries, and in different periods. If the contract states that the freelance web developer would be legally responsible for the harm caused by the system, then he can be legally liable for his work. “Developers and vendors of software should be, within reasonable limits, held also legally responsible for the quality of their products and for losses their clients suffer because of their software” (Takanen et al. 2004).

Causal, moral and role responsibilities are important for apportioning legal liability, but not the sole criterion (Cane 2002). Sometimes freelance web developers may be morally responsible for their work, but they may not be legally liable for it. In ‘Tort Law’, for instance, a person may be responsible for harm in the sense that he caused it by his negligence, but be immune from legal liability for that harm (Cane 2002). In certain situations, the actions/omissions of freelance web developers may not be proven lawfully wrong although they may be morally wrong. Law might give the freelancer a benefit of doubt whereas he may still be morally responsible for his actions and omissions. The inverse situation may also occur depending on the legal context, where workers may be held strictly liable—i.e., liable without proof a contributory fault.

The matter of assigning the fiduciary duties is complicated in case of offshore development when the freelancer web developer and the client are not in the same country and jurisdiction. Most of the work related matters are done through the Internet. The client and the freelance web developer might be, in different countries or even on different continents, working under different laws and regulations regarding e-work—i.e., work being assigned and completed through the Internet. In this case, the freelancing websites, which provide the opportunities for the freelancers to apply for work online, can play an important role. They can sign contracts with the freelancers, which state the legally permissible ways and can make freelancers liable to the client in case of harm or negative consequences. Legal responsibility and liability might influence the actions and execution of work by the freelance web developers in lawfully acceptable manner.

Another difficulty is that most of the freelance web developers do not belong to a computer society and hence they are not obliged to follow society’s codes and standards. Even if they belong to a computer society, the code of ethics is not usually binding.

4.5 Meta-task responsibility

Meta-task responsibility means that one is responsible to see to it that the user, oneself or someone else, of the system can take his or her responsibilities in working with the system (Van den Hoven 1998). Being agents of responsibility, freelance web developers have an obligation to develop applications and systems in such a way that the web masters and users can fulfill their responsibilities, or at least design and develop systems in such a way that in working with the systems it is not impossible to discharge one’s responsibilities.

Designers and developers including the freelancers can be considered as setting up the stage or scaffold for user’s performance and responsible behavior when they develop web applications and systems. Afterwards, when the web masters maintain and the users use the system, they have to act under the conditions and environment of that stage (the system) which has been set for them by others. Van den Hoven (1998) argues that once the system is implemented, the users start to depend on the IT environments for their knowledge of the outside world and for the acquisition of their beliefs. Therefore, where human end users depend on IT environments moral responsibility is difficult to assign only to the end users of the systems (Van den Hoven 1998). The system users may become dependent on their computer tools in a way which prevents them from doing what is traditionally required of them as moral persons, namely to think for themselves about what is the right thing to do and account to others for what they have done on the basis of their thinking (Van den Hoven 1998).

In our case, it can be argued that a web master is responsible for secure function of web applications by preventing security breaches and privacy infringements. However, if the freelance web developer had used free malicious code during the development process without proper knowledge and debugging—i.e., he sets up a lousy stage in a morally dubious and undesirable way—then moral responsibility is difficult to assign only to the web master for the compromised information. One reason for this is that the web master, in the morally relevant sense described above, is dependent on the IT tools and he has to act under the stage provided to him. Instead, most blame for the negative consequences can be placed on the freelance web developer who had the meta-task responsibility to develop the web system that might have enabled the web master and users to take on their task and role responsibilities in such a way that harm could have been avoided. Freelance web developers, as system designers, ought to allow users to work with systems in such a way as not to make it impossible for them to live up to their obligations as users (Van den Hoven 1998). The users when using the systems cannot act as fully autonomous and responsible agents if they are dependent on the system’s environment for acquisition of their beliefs. The users may become vulnerable through reliance on systems and applications as sources on information. “In artificial epistemic niches (environments in which users are dependent on computer systems), the output will give rise to associated beliefs” (Van den Hoven 1998). In certain situations, administrators and users of IT environments might make wrong decisions or might be unable to perform certain tasks because of the inadequate or insufficient output of the system. If the web system developed by freelance web developer gives the wrong output of the system to be secured to the web master, the web master would start believing that the system is secured because, ”he has sufficient grounds for believing that the system has sufficient grounds to provide particular output as accurate and adequate” (Van den Hoven 1998). He would not put efforts to rectify the vulnerabilities that he could have done otherwise if the system would have given him the right output or some other indication. For the fair ascription of responsibility, in some cases, web master can be partially responsible especially for carelessness or negligence.

4.6 Social responsibility

Social responsibility means that one is either responsible for society or parts of it or that one is responsible with regard to society (Stahl 2002). It involves the consideration of the impact of software artifacts and computing products on society at large (Gotterbarn 1995). The public at large may interact with the applications and systems developed by freelance web developers. Our discussion of meta-task responsibility can be extended to include that the technology designers and developers and in our case freelance web developers have the responsibility to develop the applications and systems in such a way that others in the society who interact with the applications can act in a morally responsible way. “IT practitioners have the power to affect others in the society therefore we think of them as bearing special responsibility. That is, they acquire duties to behave in ways that do not harm individuals or public goods precisely because they have the capacity to do so” (Johnson 1995). This is linked to social responsibility. Internet is booming and we are becoming more dependent on information technology, therefore software developers/engineers and in our case, freelance web developers are getting more power and resources to affect the society. As we have discussed that users and others can be affected by the web systems developed by freelancers, it means that the freelance web developers have the power to affect others and hence bear responsibilities towards different entities in the society. Web applications and systems developed by freelance web developers and actions/omissions have consequences including negative ones for others in different ways. “The professional commits to a “higher degree of care” for those affected by the computing product” (Gotterbarn 2001). Different researchers and philosophers have emphasized that the technologies including information technologies affect social structures and societal values and vice a versa (e.g., see Barley 1986, Gil-Garcia 2006; Friedman et al. 2002; and Fountain 2001). Therefore, while designing or developing the applications and systems, freelance web designers and developers should realize that as in other cases of technology design and development, they are not only designing mere technical artifacts but they are contributing to the design and development of society. According to such a perspective, it is obvious that they are socially responsible for the development of workable and safe systems. Considering the social consequences and effects of their systems and applications can help freelancers to act in socially acceptable and culturally desirable way.

5 Recommendations

The act of understanding the different types of relationships with others in the society could help freelance web developers to realize their responsibilities. As discussed by Johnson (1995) computer professionals typically maintain at least four types of relationships. These are Employer-Employee, Client-Professional, Society-Professional, and Professional-Professional. To avoid confusion we propose to use the word agent, as short for agent of responsibility, to discuss these relationships of freelance web developers. We can say that in many situations, freelance web developers have to maintain four types of relationships and they are Employer-Employee, Client-Agent, Society-Agent, and Agent-Agent.

In most of the cases of freelance web development, Employer-Employee and Client-Agent relationships overlap. In many settings, the client is also the employer during the project therefore there are lesser chances that the freelance web developer would face a situation in which he has to prioritize the conflicting responsibilities and relationships to maintain with his employer or with his client. Responsibilities towards employers include developing software efficiently and enhancing the company’s profitability (Wolf and Grodzinsky 2006). Users of the web system or application can be considered as clients too. We may further elaborate this relationship as User-Agent relationship. Responsibilities including meta-task responsibilities towards the users include development of easy to use and secured system according to their requirements that might enable them to take on their responsibilities and roles.

Freelance web developers have indirect relationship with the society — i.e., Society-Agent relationship—and as discussed, they have the capacity of causing harm to others in the society. Freelance web developers should avoid crossword puzzle solving approach. They should develop websites after considering the repercussions of the solution to the client, users, and society. They are paid for successful completion of assigned tasks, but it is they themselves who are in the best position to evaluate whether or not the task has been adequately fulfilled (Collins et al. 1994). Being the agents of responsibility, freelance web developers should use their skills and knowledge to develop web applications and systems by keeping in mind the product and its aftermath. Moreover, they should not use the escape strategy—i.e., escaping and avoiding the responsibility and tasks assigned to them. An escape strategy in our case is the usage of free code without proper understanding and debugging. While using the free code, freelance web developers should ensure that the code is safe, technically workable, and ethically right to be reused.

Sometimes freelance web developers have to maintain, Agent-Agent relationships—for example, when one is re-using the code or asking others to be involved in testing and debugging process. In a survey of 300 informal and formal web developers Rosson et al. (2005) tried to find out web developers’ relationships with colleagues. Both programmers and non-programmers web developers thought that colleagues should collaborate in testing the website and they needed each other’s contents. Their results showed that interdependence in formal and informal web developers was less common. Freelance web developers should establish and maintain Agent-Agent relationships in the areas of their expertise as well as in other related areas. It may help them in getting assistance during the systems development and testing.

To avoid the problems associated with the usage of free malicious or bugged code, freelance web developers should not adopt ad hoc approaches. Following a 4 step model might be advisable for the usage of free code in web applications development by freelance web developers:
  1. 1.

    Search and acquire the code from resources known to be reliable

     
  2. 2.

    Scan, understand, and analyze the code

     
  3. 3.

    Modify, integrate, test, and debug the code

     
  4. 4.

    Upload, maintain, and evaluate the integrated system

     

Working in accordance with this model might result in correct and responsible usage of free code for the development of adequate web applications and systems.

The adoption of a process of proto-professionalization may also help the freelance web developers to act in a more responsible way. Freelance web developers should adopt conceptual frameworks and values of the computing profession as discussed by de Swaan (1990) for health industry. Freelancers should strive to become members of international association or community of computing or web development. Organizations and individuals who hire the freelance web developers should ensure that freelancers are members of international associations of computing, software, or web development. These associations may issue licenses to freelancers after confirming their education, training, or experience and ask freelancers to follow associations’ code of ethics. Violations could result in the cancellation of membership and practice as freelance web developers. “Codes of ethics and practice can be enormously powerful if used proactively” (Rogerson 2002). There is a need that institutional structures are well placed and authority of these associations is recognized internationally. Software Engineering Code of Ethics and Professional Practice, and work done by ACM and IEEE-CS can be used as a framework (Gleason 2002). Special agreements and contracts—for example, service level agreements for offshore developments—may be employed for setting up the work targets, provision of desirable services, allocation of responsibilities, measurement of performances, and penalties or bonuses for under or over-accomplishments (see Beaumont 2006).

Moreover, courses of ethics especially for ethical evaluations of different situations might be offered to freelance web developers by these associations or by different ethics platforms. These courses may help freelance web developers in evaluating different situations of moral concerns and assist in acting accordingly.

We would like to underline that only preaching in terms of responsibilities, obligations, good behavior, and practices is not enough. Incentive structures have to be designed for freelancers who do their jobs better and build the applications in morally acceptable ways. In addition, there might be a need to make changes in the laws. Many have argued that if morally irresponsible behavior never leads to punishment and legal liability, then there is no incentive to act morally (e.g., see Cane 2002).

6 Conclusions

Sometimes, freelance web developers reuse free code that may cause harm to the users, clients, and others. Threats and vulnerabilities of using free code in web applications and systems include but are not limited to hacking, identity theft, privacy infringements, spamming, spread of harmful programs, and server side problems. In this paper, we have discussed that freelance web developers are not only responsible in these cases, but being agents of responsibility they have the moral, role, legal, causal, meta-task, and social responsibilities. Even if we do not consider freelancers as professionals, they may still be liable, accountable, blamable, and causally responsible for their work. Freelance web developers are answerable for the possible negative consequences of their actions and omissions. Freelancers should act in morally acceptable ways and should complete their work to the best of their skills and knowledge since the significant interests and the well-being of others may depend on the systems they develop. Freelancers should only reuse the code after understanding, debugging, modifying, integrating, and testing it fully. To gain public trust and to perform their duties in ethically acceptable ways they should strive to become a member of international association of computing or web development and follow their code of ethics. Rather than using the free code and designing poor web systems, freelance web developers should make vigorous efforts towards safe and good design in website designing and development. They should develop complete, consistent, and safer web applications and systems with future oriented approach towards responsibility by keeping the consequences and potential harms of their systems and applications in mind.

Notes

Open Access

This article is distributed under the terms of the Creative Commons Attribution Noncommercial License which permits any noncommercial use, distribution, and reproduction in any medium, provided the original author(s) and source are credited.

References

  1. Barley, S. R. (1986). Technology as an Occasion for Structuring: Evidence from Observations of CT Scanners and the Social Order of Radiology Departments. Administrative Science Quarterly, 31(1), 78–108.CrossRefGoogle Scholar
  2. Beaumont, N. B. (2006). An Overview of Service Level Agreements. In H. Kehal & V. Singh (Eds.), Outsourcing and Offshoring in the 21st Century: A Socio-Economic Perspective (pp. 302–325): IGI Publishing.Google Scholar
  3. Burden, K., & Palmer, C. (2003). Internet crime: Cyber Crime—A new breed of criminal? Computer Law & Security Report, 19(3), 222–227.CrossRefGoogle Scholar
  4. Cane, P. (2002). Responsibility in law and morality: Hart Publishing.Google Scholar
  5. Chan, E. S. K., & Swatman, P. M. C. (2000). Electronic Commerce Careers: a Preliminary Survey of the Online Marketplace. Paper presented at the Electronic Commerce: The End of the Beginning—13th International Bled Electronic Commerce Conference, Bled, Slovenia.Google Scholar
  6. Chuck, H. (1996). Unintentional power in the design of computer systems. SIGCAS Comput. Soc., 26(4), 6–9.CrossRefGoogle Scholar
  7. Collins, W. R., Keith, W. M., Bethany, J. S., & Phillip, W. (1994). How good is good enough?: an ethical analysis of software construction and use. Communications of the ACM, 37(1), 81–91.CrossRefGoogle Scholar
  8. De Swaan, A. (1990). The management of normality: critical essays in health and welfare. London; New York: Routledge.Google Scholar
  9. Fountain, J. E. (2001). Building the virtual state: information technology and institutional change. Washington, D.C.: Brookings Institution.Google Scholar
  10. Friedman, B., Peter H. Kahn, J., & Borning, A. (2002). Value Sensitive Design: Theory and Methods (Report): University of Washington, Department of Computer Science and Engineering.Google Scholar
  11. Geer, D. (2005). Malicious bots threaten network security. Computer, 38(1), 18–20.CrossRefGoogle Scholar
  12. Gil-Garcia, J. R. (2006). Enacting State Websites: A Mixed Method Study Exploring E-Government Success in Multi-Organizational Settings. Paper presented at the Proceedings of the 39th Annual Hawaii International Conference on System Sciences, 2006. HICSS '06, Kauai.Google Scholar
  13. Gleason, D. H. (2002). ICT Professionalism. Paper presented at the ETHICOMP 2002 "The Transformation of Organisations in the Information Age: Social and Ethical Implications, Lisbon, Portugal.Google Scholar
  14. Gotterbarn, D. (1995). The Moral Responsibility of Software Developers: Three Levels of Professional Software Engineering. Journal of Information Ethics, 4(1), 54–64.Google Scholar
  15. Gotterbarn, D. (2001). Informatics and professional responsibility. Science and Engineering Ethics, 7(2), 221–230.CrossRefGoogle Scholar
  16. Johnson, D. G. (1995). Professional Ethics. In D. G. Johnson & H. Nissenbaum (Eds.), Computer, Ethics & Social Values (pp. 559–572). Upper Saddle River, NJ: Prentice Hall. 07458.Google Scholar
  17. Johnson, D., & Powers, T. (2005). Computer Systems and Responsibility: A Normative Look at Technological Complexity. Ethics and Information Technology, 7(2), 99–107.CrossRefGoogle Scholar
  18. Kabay, M. E. (2005). Some notes on malware. Ubiquity, 6(30), 1–1.Google Scholar
  19. Lawton, G. (2007). Web 2.0 Creates Security Challenges. Computer, 40(10), 13–16.Google Scholar
  20. Leung, C. K., & Wong, J. (2000). Professional Ethics—A life-long pursuit by an engineer. Paper presented at the IVETA Conference 2000: Vocational Education and Training for Life Long Learning in the Information Era, Hong Kong.Google Scholar
  21. Lima, T. d., Royakkers, L. e., & Dignum, F. (2008). Towards a Formalization of Responsibility. Paper presented at the 3rd International Workshop on Normative Multiagent Systems NorMAS 2008, Luxembourg.Google Scholar
  22. Ollmann, G. (2007). Writing secure code. Network Security, 2007(5), 16–20.CrossRefGoogle Scholar
  23. Quinn, M. J. (2005). Ethics for the information age. Boston: Pearson/Addison-Wesley.Google Scholar
  24. Radnofsky, M. (2006). Corporate and Government Computers Hacked by Juveniles. The Public Manager, 35(3), 50–55.Google Scholar
  25. Rogerson, S. (2002). The software engineering code of ethics and professional practice: a case for being proactive. Paper presented at the Proceedings. 26th Annual International Computer Software and Applications Conference, COMPSAC 2002, Oxford, England.Google Scholar
  26. Rosson, M. B., Ballin, J., & Rode, J. (2005). Who, what, and how: a survey of informal and professional Web developers. Dallas, Texas, USA: Paper presented at the IEEE Symposium on Visual Languages and Human-Centric Computing.Google Scholar
  27. Spafford, E. H. (1992). Are computer hacker break-ins ethical? Journal of Systems and Software, 17(1), 41–47.CrossRefGoogle Scholar
  28. Stahl, B. C. (2002). Social Responsibility in the Information Age is to Maximise Profits—Isn't It? Paper presented at the 2002 Information Resources Management Association International Conference, Issues and Trends of Information Technology Management in Contemporary Organizations, Seattle, USA.Google Scholar
  29. Stahl, B. C. (2006). Is Forensic Computing a Profession? Revisiting an Old Debate in a New Field. Journal of Digital Forensics, Security and Law, 1(4), 49–66.Google Scholar
  30. Takanen, A., Vuorijärvi, P., Laakso, M., & Röning, J. (2004). Agents of responsibility in software vulnerability processes. Ethics and Information Technology, 6(2), 93–110.CrossRefGoogle Scholar
  31. Taylor, M. J., McWilliam, J., Forsyth, H., & Wade, S. (2002). Methodologies and website development: a survey of practice. Information and Software Technology, 44(6), 381–391.CrossRefGoogle Scholar
  32. Van den Hoven, M. J. (1998). Moral Responsibility, Public Office and Information Technology. In I. T. M. Snellen & Donk WBHJvd (Eds.), Public administration in an information age : a handbook (pp. 97–112). Amsterdam; Washington, DC: IOS.Google Scholar
  33. Van den Hoven, J. (2008). Information Technology, Privacy, and the Protection of Personal Data. In J. v. d. Hoven & J. Weckert (Eds.), Information Technology and Moral Philosophy (pp. 301–322): Cambridge University Press.Google Scholar
  34. Wales, E. (2002). Your Money or your Website? Computer Fraud & Security, 2002(12), 7–8.CrossRefGoogle Scholar
  35. Watson, D. (2007). Web application attacks. Network Security, 2007(10), 10–14.CrossRefGoogle Scholar
  36. Wolf, M. J., & Grodzinsky, F. S. (2006). Good/fast/cheap: contexts, relationships and professional responsibility during software development. Paper presented at the 2006 ACM symposium on Applied computing, Dijon, France.Google Scholar
  37. Woodbury, M. (1998). Defining web ethics. Science and Engineering Ethics, 4(2), 203–212.CrossRefGoogle Scholar

Copyright information

© The Author(s) 2009

Open AccessThis is an open access article distributed under the terms of the Creative Commons Attribution Noncommercial License (https://creativecommons.org/licenses/by-nc/2.0), which permits any noncommercial use, distribution, and reproduction in any medium, provided the original author(s) and source are credited.

Authors and Affiliations

  1. 1.Department of Philosophy and Department of ICT, Faculty of Technology, Policy and ManagementDelft University of TechnologyDelftthe Netherlands
  2. 2.Department of Philosophy, Faculty of Technology Policy and ManagementDelft University of TechnologyDelftthe Netherlands

Personalised recommendations