Given the potential that trust auditing appears to hold in the abstract, it is worth thinking about what such evaluations might actually look like in practice:
To begin, it seems reasonable to expect that individual community members and their leaders would be interested in seeing some version of trust auditing come to fruition. As noted in the introduction, public trust in technology developers is quickly and significantly declining. Thus, now more than ever, private citizens are positioned to understand the importance of using trust audits to distinguish ethically oriented enterprises from those less well-inclined. Similarly, community leaders are likely to view trust audits as a way of identifying technology companies that are truly disposed to respect the interests and needs of local individuals and to establish fair and equitable relationships with local institutions. Consequently, if promoted effectively, trust audits seem primed to garner public favour.
At the same time, it is important to recognize that trust audits would be a complex and somewhat resource-intensive undertaking. At the least, they require auditors to have the time and the means to identify, collect, and interpret significant amounts of technical information and to make complex inferences about a company’s ethical disposition and competencies. It would, therefore, be unrealistic to think that many private citizens would be interested, let alone capable, of performing their own trust audits. Instead, both community members and community leaders would likely want to identify or appoint a team of dedicated trust auditors whose work would be shared publicly. In this vein, some communities might delegate the job of trust auditing to local government, others might prefer to have trust audits be performed in association with a local university, while others might desire that these evaluations be undertaken by a panel of public volunteers.
In addition to being adequately resourced, trust audits must be viewed as credible sources of information by the populations they are meant to serve. Auditing teams must therefore be constituted in ways that accord with the epistemic and ethical norms of their communities. For example, because different communities view different social roles as embodying ethical authority, some may look to local religious figures to contribute, while others might prefer to involve professional ethicists, and still others might think that this is a role best suited to members of the legal profession or some other sort of recognized moral leader. At the same time, determining the disposition and competencies of complex organizations like technology companies is no easy feat, especially when these institutions may have a vested interest in disguising their real motivations or manipulating their public image. It is therefore essential for auditing teams to include subject-matter experts who can speak to the nature of the technologies that a company is producing as well as to the tenor of that company’s business practices. As such, auditing teams are likely to include some combination of academics, technology specialists, members of professional societies and trade unions, members of the local business community, and others with relevant expertise. Moreover, there is nothing to preclude auditing teams from consulting with outside experts, especially if this is deemed necessary to the production of an accurate assessment. The other major consideration, when it comes to credibility, is the danger of trust audits being unduly influenced by technology companies or other stakeholders. With this threat in mind, individual trust auditors will likely be vetted for potential conflicts of interest, and trust auditing teams will need to be resourced and managed in ways that ensure their analytic independence.
Once constituted, trust auditing teams will aim to produce assessments that are comprehensible to most members of the public and yet detailed enough to explain and justify the auditors’ conclusions to critical readers. As such, their work will be best formulated and promoted as independent panel reports, akin to those created by legal or governmental working groups. Such reports generally consist of detailed findings of fact and of the reasoning that the panelists used to reach their empirical and normative conclusions. They may even include the concurring or dissenting opinions of various panel members. These reports can be disseminated as both summary- and long-form documents, allowing members of the public to either quickly scan the auditors’ claims or to investigate the logic of their evaluations more fully.
Insofar as trust audits provide a detailed account of the evidence, the reasoning, and the conclusions of an independent body of local ethical and subject matter experts, they offer more detailed and authoritative judgments than everyday journalism. That said, trust audits will ideally be shared through social media and be reported on by local media outlets in whatever forms are most efficacious in that locality, be it television, newspaper, radio, etc. After all, the point and purpose of trust audits is to increase public awareness and responsiveness to the trustworthiness of various technology companies. But, more than this, the involvement of social and popular media offers auditees an opportunity to publicly respond or even to challenge trust auditors’ reasoning. For example, a company might contest an auditing teams’ framing of an issue or it might release countervailing information (Wynne, 2007). In this way, trust audits might actually prompt technology companies into public discussions about their own trustworthiness.
Now, despite the fact that trust audits would likely be crafted by subject-matter experts and conveyed via detailed panel reports, there could never be a single, final, and authoritative trust audit for any given technology company. For one thing, the quality of these assessments would be dependent upon the evidence that an auditing team has access too, as well as upon their skill at interpreting and reasoning through what that information suggests about a particular company’s operations. For another thing, the technology sector is a rapidly evolving space and developers pride themselves on being agile when it comes to adjusting both their products and their business practices. It is quite common to see technology companies shifting operations strategies, committing themselves to new technologies, or even quickly rebranding themselves (Thomas, 2021).
A couple of things follow from this. First, trust audits should be understood and promoted as being provisional in nature. There is nothing surprising about this, since in much the same way that new operations, new opportunities, and new information can affect a company’s valuation, so too can they affect an assessment of its trustworthiness. Second, the provisional nature of trust audits means that these evaluations should not be viewed as a one-time exercise or even a short-term project. Updates, revisions, and replacement audits should be an expected part of the process. Hence, trust auditing should not be thought of or treated as a quick fix but rather embraced as an ongoing endeavor. For a community to do otherwise would be to risk forming and promoting outdated understandings of technology companies’ ethical trustworthiness.
With all the preceding in mind, it seems that there is reason to believe that trust audits would be welcomed; that they would be performed by community appointed teams of trust auditors; and that they would be made available as a regularly updated series of detailed panel reports. Through their dissemination via social and local media, these reports would not only raise public awareness and stimulate debate about the trustworthiness of technology companies. They would also create new opportunities for engagement between members of the public and such businesses. In these ways, trust audits might help to focus public attention and public judgment on the ethical dispositions and competencies of specific technology companies, and thereby prompt such businesses into more fully embracing tech ethics.