A Code of Digital Ethics: laying the foundation for digital ethics in a science and technology company

The rapid and dynamic nature of digital transformation challenges companies that wish to develop and deploy novel digital technologies. Like other actors faced with this transformation, companies need to find robust ways to ethically guide their innovations and business decisions. Digital ethics has recently featured in a plethora of both practical corporate guidelines and compilations of high-level principles, but there remains a gap concerning the development of sound ethical guidance in specific business contexts. As a multinational science and technology company faced with a broad range of digital ventures and associated ethical challenges, Merck KGaA has laid the foundations for bridging this gap by developing a Code of Digital Ethics (CoDE) tailored for this context. Following a comprehensive analysis of existing digital ethics guidelines, we used a reconstructive social research approach to identify 20 relevant principles and derive a code designed as a multi-purpose tool. Versatility was prioritised by defining non-prescriptive guidelines that are open to different perspectives and thus well-suited for operationalisation for varied business purposes. We also chose a clear nested structure that highlights the relationships between five core and fifteen subsidiary principles as well as the different levels of reference—data and algorithmic systems—to which they apply. The CoDE will serve Merck KGaA and its new Digital Ethics Advisory Panel to guide ethical reflection, evaluation and decision-making across the full spectrum of digital developments encountered and undertaken by the company whilst also offering an opportunity to increase transparency for external partners, and thus trust.


Introduction
The digital transformation has resulted in drastic change at every level of society (Floridi 2014). Enabled by the increased capabilities, miniaturisation and proliferation of computer hardware, the possibilities for collecting, connecting and analysing vast amounts of data from a wide variety of sources have grown exponentially, along with the complexity and ubiquity of the algorithmic systems employed to analyse and utilise this data.
Building upon the foundations laid by computer and information ethics since the second half of the Twentieth Century (Moor 1985;Bynum 2018;Floridi 2013), the young field of data ethics  has been tackling the ethical challenges posed by both the data expansion and the accompanying algorithmic advances. The former include, for example, privacy concerns, as personal data from different areas of life can be combined and recombined to reveal ever more comprehensive and intimate insights into the habits and preferences of individuals and groups . The latter concern bias, transparency and responsibility issues arising around the development and function of algorithms (Rochel and Evéquoz 2021;, as well as the increasing inscrutability and sophistication of machine learning approaches that have precipitated a recent flourish of enquiry into the ethics of artificial intelligence (AI) or more broadly automated decisionmaking-systems (Hagendorff 2020;Mökander et al. 2021b).

Digital ethics challenges for science and technology companies
Whilst some principles-such as responsibility, transparency, beneficence and justice-feature almost universally in digital ethics, others apply more specifically to certain types of organisations. For example, in the case of companies seeking to develop and deploy novel digital technologies, it may be particularly important to weigh the opportunity costs of foregoing a potentially profitable new product, service or innovation against the potential risks of a mis-and overuse, especially in areas of regulatory uncertainty. Balancing these principles has significantly impacted regulatory adoption and consumer acceptance of innovations (e.g., as previously observed with genetically modified crops in the European Union) and seems to be important for developing new digital technologies too, as indicated by a recently stalling consumer uptake of digital health solutions due to mistrust in companies and lack of understanding (Safavi and Kalis 2020). Regulatory and cultural differences between countries (ÓhÉigeartaigh et al. 2020) may exacerbate some of these challenges for companies operating internationally. This makes a strong case for considering ethical and societal expectations when planning business strategies (Handelsblatt Research Institute 2015; Institute for Business Ethics 2018), to allow companies to "identify and leverage new opportunities that are socially acceptable" whilst avoiding socially unacceptable courses of action that may be "rejected, even when legally unquestionable [and lowering] the opportunity costs of choices not made or options not grabbed for fear of mistakes" (Floridi et al. 2018). Another specific challenge facing companies and similar organisations that pursue practical digital innovation are that ethical principles need to be operationalised for business purposes to provide useable tools in a variety of contexts. These range from business case analyses and panel evaluations to guidance for individual employees and external communications aiming to build trust. Any tools developed should also be universal and flexible enough to be applicable and adaptable to the organisation's various sectors, projects and stakeholders, which may all feature different perspectives.
As a multinational science and technology company operating across healthcare, life science and performance materials, Merck KGaA (henceforth Merck) has, like other corporations, experienced digital changes and challenges to both its internal workings and the ways in which it conducts and develops its business. AI-based approaches now feature for example in drug discovery and supply chain integrity protection (Merck 2020a), and big data applications are used in human resources and-perhaps most prominently-are at the heart of Syntropy, a partnership between Merck and Palantir Technologies Inc. specialising in integrating healthcare data from different sources to give scientists and research centres access to a collaborative technology platform for cancer research (Merck 2020b).
Due to the rapid nature of digital developments, comprehensive legal regulations have not yet been developed in all relevant areas (Gordon 2021). Given this regulatory gap, companies such as Merck that wish to operate responsibly and guided by ethically sound principles, need to be proactive about finding, communicating and implementing suitable standards for innovations that are not yet covered in detail by regulatory frameworks. Moreover, many ethical "should" questions go beyond the scope usually provided in legal regulations, which provide practitioners mainly with answers to "could" questions. However, finding answers to the ethical questions are important for building and maintaining trust in a company's operations ). Merck has a strong track record of proactively seeking and implementing ethical guidance, especially in the biomedical field which has also often progressed rapidly beyond the scope of current regulation. Here, the Merck Bioethics Advisory Panel, which consists of disclosed external experts from diverse backgrounds in bioethics, philosophy and law, has provided practical guidance to the company's healthcare and life science businesses in areas of high regulatory uncertainty. Based on the panel's advice, Merck has published principles to guide the company's research and development process in the areas of genome editing (Sugarman et al. 2018), stem cell research, and fertility research, in accordance with ethical standards.
Whilst the Syntropy partnership clearly belongs to the biomedical sphere, its business model, which involves enabling the integration and exchange of large amounts of highly sensitive patient data, is raising ethical challenges that are not fully covered by prevailing bioethical principles and fall outside the core expertise of the Merck Bioethics Advisory Panel. To be able to specifically address issues of digital ethics, Merck has, therefore, installed a new expert committee, the Merck Digital Ethics Advisory Panel, which operates as a separate yet interconnected advisory body (Merck 2021). Additionally, Palantir has a long history (since 2012) of drawing upon the advice of its Palantir Council of Advisors on Privacy and Civil Liberties (PCAP) as a group of independent experts in privacy law, policy, and ethics to understand and address the complex issues encountered in the course of its work.

Seeking a principle-based Code of Digital Ethics
To develop a scientifically valid foundation to guide ethical decision-making throughout the company, we sought to develop a Code of Digital Ethics for Merck that is both ethically rigorous and suited for operationalisation across the full scope of digital ethics challenges arising at Merck. Such an internal guideline should function as a common groundwork from which to derive suitable strategies and procedures for different business sectors and individual employees to enable them to navigate areas of high regulatory uncertainty. It should also provide a clear structure for the assessment of ethical questions by the new Merck Digital Ethics Advisory Panel and other decision-makers, and help to build trust with customers and business partners. Due to the recent rapid increase and the pervasive nature of digital developments, many different organisations have started to develop practical ethical guidance in this sphere. This has led to a plethora of guidelines, ranging from individual companies' big data or AI codices (Deutsche Telekom 2018; SAP 2018; Telefónica 2018), to recommendations for specific societal sectors like the healthcare system (Deutscher Ethikrat 2017;, to high-level frameworks that target society as a whole at national (Die Bundesregierung 2018; Datenethikkommission 2019; UK Government 2018) or even international (EGE 2018;ICDPPC 2018;CEPEJ 2018) levels.
Recognising that "the sheer volume" of individual principles proposed in such a frontier situation "threatens to overwhelm and confuse" (Floridi and Cowls 2019), there have been several attempts to compare this abundance of heterogeneous and yet overlapping documents, to extract common core principles and recurring topics from them and to synthesise these into unified frameworks of digital or AI ethics (Floridi et al. 2018;Jobin et al. 2019;Fjeld et al. 2020;Hagendorff 2020). Such meta-analyses offer valuable orientation but cannot necessarily provide the specific perspective needed for individual organisations with their unique digital challenges, needs and values, or for translating high-level principles into robust practice (Mittelstadt 2019;Floridi 2019;Hickok 2020;Blackman 2020). We, therefore, decided to pursue a tailor-made approach that combines an analysis of the most relevant data and AI ethics guidelines with the extraction of key principles suitable for Merck and their translation into guidelines that can serve as a foundation for the diverse operationalisation requirements within the organisation.

Crafting the CoDE
Creating the CoDE took three steps, (1) principle analysis, (2) principle mapping and (3) CoDE derivation (see Fig. 1). The first step involved the selection of relevant literature according to predefined criteria and the identification and consolidation of the topics and ethical principles contained in these documents, using a reconstructive social research approach (Vogd 2009;Özbilgin 2006;Bohnsack 1999). During the second step of the project, we defined the most important core principles and mapped the remaining principles to them in subsidiary groups. All principles were then, in the third and final step, translated into the guidelines that constitute the CoDE.

Principle analysis
In our analysis, we considered recent 1 literature that fulfilled three criteria: First, all documents included had to refer to the ethical handling of data and/or AI, machine learning or other aspects of algorithmic systems. 2 Secondly, each document had to contain normative statements about data and/ or algorithmic systems. Thirdly, the editor had to be from Europe. Across Europe, there has been especially strong commitment to stringent scrutiny of the ethical challenges   (Floridi and Taddeo 2016), we chose to limit our search to the five years prior to the commencement of this project (2015-2019). 2 The terms "artificial intelligence" (AI) and "machine learning" are often used interchangeably or to refer more broadly to advanced algorithmic systems, and a majority of guidelines explicitly uses "AI" as an umbrella term. However, as the German Data Ethics Commission (DEK) has pointed out, "[AI] […] represents only a special manifestation and thus a subset of algorithmic systems" (DEK 2019, p. 34). The broader term "algorithmic systems" appears therefore better suited to comprise the full variety of algorithmic applications that may pose ethical challenges in the context of this analysis. As a baseline, we used the compilations of recommendations, guidelines, frameworks and sets of principles on data and algorithm ethics (henceforth referred to as "guideline documents") by the Harvard Internet Institute (later published by Fjeld et al. 2020) and Algorithm Watch's crowdsourced AI Ethics Guidelines Global Inventory (https:// inven tory. algor ithmw atch. org). This yielded 32 and 83 publications, respectively, and was complemented by internet searches for the keywords "digital ethics", "data ethics" and "corporate digital responsibility", yielding two additional publications. After eliminating 15 duplicates from this collection of 117 documents, we excluded a further 60 guidelines that did not originate from European sources, leaving a total of 42 European guideline documents (see Online Resource 1).
These documents were subjected to the reconstructive social research approach in four steps: First, we examined the documents for explicitly named principles, recording all text passages with such explicit mentions. 3 We also included certain recurring topics that could not be directly identified as principles but were related to them and considered relevant due to their frequency. This resulted in an initial list of 29 recurring principles and topics (see Fig. 2) that either represented, or bore a close connection to, ethical principles. As a second step, we formulated preliminary definitions of the topics thus uncovered, guided by the scope of the recorded passages. In a third step, we used these definitions to examine the documents a second time, to uncover and extract passages that mentioned the corresponding topics implicitly. Implicit mentions were discussed in the team and only recorded as referrals to the previously agreed topics if a match was agreed unanimously.
We then reduced the list of 29 topics to 20 central digital ethics principles in the fourth and final step (see Fig. 3). This reduction process aimed to remove some ambiguities and overlaps discovered upon further scrutiny of the preliminary definitions and the newly recorded implicit text passages: Some topics could not be directly identified as ethical principles but might be assigned to one (for example "data and AI usage" and "data collection" to the principle of proportionality). Others were not suitable for such assignment and instead dropped from further analysis ("research practices" and "societal ethics"). The principles "equality" and "fairness" were combined under the principle of "equality" since the latter, although lexically subordinate to "fairness", constitutes a more specific and thus easier to operationalise principle with particular relevance for digital innovations and businesses. Finally, some topics were of such a basic nature or of such overarching importance that it appeared more appropriate to introduce them in a foundational preamble to the main principles. The topic "respect law", for example, was moved to the preamble of the CoDE since in a business context, compliance with the applicable law is considered a fundamental prerequisite that needs to be met before further ethical principles are discussed. And while a specific aspect of the topic "governance mechanisms"-reliability-found translation into the final set of principles, the topic's broad scope also warranted its inclusion in the preamble. Similarly, the topics "human rights", "ethical design" and "trustworthiness" were also placed in the preamble.

Principle mapping
We next strove to facilitate understanding and navigation of the identified principles, as well as their suitability for later operationalisation, by refining their preliminary definitions, elucidating their relationships to each other, and structuring them further in a hierarchical model with core principles that have the remaining principles mapped to them as subsidiaries.
The final definitions of the 20 principles were derived in an iterative process by further analysing the text passages from the 42 guideline documents that had previously been recorded as explicit or implicit referrals to the principles. Care was taken to ensure that no nuances were lost where terms from the initial list of 29 topics and principles had been combined or transformed. The full definitions of all   Five particularly far-reaching principles were selected as core principles as they represent the essence of larger thematic clusters that are arguably suitable as a foundation of digital ethics: autonomy, non-maleficence, beneficence, justice and transparency. Of these, the first four appear as classical principles of biomedical ethics and have been championed in this field since the 1970s (Beauchamp and Childress 2019). Their affinity to digital ethics has previously been highlighted by Floridi et al. (2018), who state that "

Remaining Principles and Topics
[o]f all areas of applied ethics, bioethics is the one that most closely resembles digital ethics in dealing ecologically with new forms of agents, patients, and environments". Although limitations of their applicability to digital ethics have also been pointed out, referring to the comparative recency and heterogeneity of digital developments (Mittelstadt 2019), the four principles of biomedical ethics feature heavily in many digital ethics guidelines, albeit adjusted to the specific digital challenges discussed (e.g. Floridi et al. 2018;Jobin et al. 2019).
For the purpose of developing Merck's CoDE, choosing an integrated methodology around Beauchamp and Childress' principled ethics seemed plausible because the fourprinciple-approach has proven convenient to analysing a broad spectrum of ethical dilemmas in medicine and bioscience and has become one of the most influential frameworks in applied ethics generally over the past decades. Moreover, Merck has been successfully utilizing principle-based thinking and ethical analysis to guide business decisions in areas of regulatory uncertainty related to its healthcare and life science operations, e.g. by implementing ethical guidance of the Merck Bioethics Advisory Panel.
However, the four principles clearly cannot cover all ethical issues raised by data use and algorithmic systems. Therefore, we selected transparency as a fifth core principle. Transparency had by far the most mentions in the guidelines analysed (39 of 42, see Fig. 2) and works well as the core of a final cluster to structure related principles and to complement the clusters around the biomedical ethics principles. Although transparency has traditionally been regarded as an integral part of the autonomy principle in the field of bioethics, its reach beyond the individual patient perspective and its outstanding relevance for ethics in data and AI warrant its appreciation as a distinct principle in digital ethics. For example, while the asymmetry of information between a patient and a physician is an important factor influencing the autonomy principle in medical ethics, it does not fully capture the importance of transparency with regards to complex data ecosystems and algorithmic systems, which for the most part operate invisibly and are unintelligible to the vast majority of observers, yet affect far more people. The importance of transparency is reflected by how much consumer confidence depends on comprehension of, and trust in, digital offerings, including how and by whom data and results will be used (Safavi and Kalis 2020). Thus, we arrive at similar conclusions as Floridi et al. 2018, who chose explicability as a fifth key principle, which shares many features with the transparency principle as defined by us.
Indeed, these shared features can serve as an example to illustrate how we mapped the remaining 15 principles uncovered in our analysis to the five core principles. We sought to assign additional principles to each core principle to highlight and address its key aspects and characteristics. Assignment was initially undertaken independently by two team members, already resulting in a high level of agreement. Any remaining discrepancies were discussed by the entire team and resolved consensually. Initial attempts to map the principle explainability (which is synonymous with explicability) to one of our core principles resulted in uncertainty whether autonomy or transparency would provide a better fit. According to our final definition, "In the context of digital solutions, explainability means that users can understand how the results of algorithm-based processes are achieved [,] that users know the reason for their decision wherever they are directly or indirectly affected by automated decisions [and that] users receive sufficient information about the models used and the architecture of the algorithmic system". This definition fits well with the core principle of transparency because explainability serves to increase transparency, but it also increases the autonomy of users by enabling them to make better-informed evaluations of the algorithms affecting them. We ultimately chose to assign explainability to autonomy, due to our definition's focus on strengthening users' decision-making abilities, but the strong connection to transparency obviously remains. The final mapping of the CoDE's principles is shown in Fig. 4.
Within each cluster of principles, descriptions follow a clear pattern. Each core principle (see Fig. 5) is introduced by (1) listing the other principles assigned to it; followed by (2) a definition of the core principle; (3) risks that may result from not respecting it; and (4) a description of the relationship between the core principle and the principles assigned to it. Subsidiary principles (see Fig. 6) are introduced by (1) stating the reference level(s) addressed by the principle-data, algorithmic systems or both-; followed by (2) a definition of the principle in the context of digital solutions; (3) the risks involved if it is not taken into account by organisations; (4) examples of solutions to help organisations counteract these risks and to preserve this principle; and (5) an explanation of why the principle supports the associated core principle.

CoDE derivation
In the third and final step of this project, we sought to transform the principles into guidelines for ethical decisionmaking around digital applications and to present them in a CoDE that clearly expresses how Merck intends to handle its data and algorithmic systems and any associated services and products. The target audience of the CoDE should be everyone who develops, operates, uses or decides on the use of Merck's digital offerings. Scrutiny of the existing guideline documents analysed by us revealed considerable heterogeneity. The level of reference, underlying principles and recommended measures or organisational elements were frequently not easily identifiable. Indeed, the translation of "lofty" principles (Mittelstadt 2019) into robust and operationalisable guidelines that can enable truly informed decisions on the ground has been identified as a key challenge for digital ethics (Floridi 2019;Blackman 2020;Morley et al. 2021a). We decided to tackle this challenge with a strong dual focus on clarity and operationalisability.
Towards this end, we first took advantage of the clear structure previously established for the 20 principles by mirroring this structure in the CoDE guidelines. By firmly grounding our guidelines on relevant principles well established in the current digital ethics literature and elucidating both their meaning and their relationships to each other, we strove to arrive at guidelines that are relatable and understandable from the various perspectives found inside a company such as Merck whilst also maintaining a strong connection to the academic discourse on digital ethics. We hope that this approach offers a more rigorous foundation for developing a strong practice of digital ethics in a company than a code of conduct compiled with less reflection and reference about the origin, meaning, and relationship of the principles underlying its guidelines. Moreover, this clear foundation offers Merck the opportunity to learn from, and respond to, new developments in both the academic discourse on digital ethics and the company's own efforts to operationalise digital ethics throughout its practices, based on these guidelines.
We then selected three criteria to ensure operationalisability for business purposes and suitable to Merck's diverse activities and needs in the digital sphere. Further analysis of existing digital ethics guidelines (ITI 2017) as well as consultation of best practice recommendations from the established field of corporate social responsibility (FMLS 2020) convinced us that for successful operationalisation, guidelines should (1) avoid oversimplified closed normative statements ("dos and don'ts"), (2) instead strive to be universal (i.e. not limited to specific applications, technologies, ventures or measures) and (3) be open to multiple perspectives (i.e. not limited to addressing specific stakeholders). At the same time, the guidelines should be written from the perspective of Merck as a private-sector company with digital offerings and follow a consistent structure that clearly expresses the commitment of the company to each principle discussed and elaborates on specific intentions for implementing these commitments. Figure 7 illustrates the result of employing these criteria, using as an example the core guideline autonomy and its subsidiary guidelines. Each core guideline consists of a central statement that shows what Merck wants to achieve, followed by an elaboration of the content of the statement, the reference level(s) addressed, and an explanation of which subsidiary guidelines, derived from which principles, support the organisation in following this specific core guideline. The subsidiary guidelines follow the same structure, and the contents of all statements are derived from the principles on which these guidelines are based.
The full CoDE, including the preamble which explains the structure of the guidelines and introduces the CoDE's aim, building on the five fundamental topics identified in the analysis step (4.1), can be found in Online Resource 2.

Discussion
Our goal was to identify principles suitable for the development of a Code of Digital Ethics for Merck and to transform these into clear guidelines that lay the foundation for operationalising ethical reflection, evaluation and decisionmaking across the full spectrum of digital developments encountered and undertaken by the company. The CoDE should furthermore serve to clearly communicate to customers, business partners, and other external stakeholders the principles that underlie Merck's decision-making around its digital offerings, policies and initiatives. A simple compilation of high-level principles would likely have been too unwieldy and unstructured for these purposes, which is why we chose to further cluster and hierarchically order the individual principles. Even a cursory glance at other guideline documents and meta-analyses of such guideline documents shows that there are many ways to define, label and structure the principles, values and recurring topics at the heart of digital ethics. Our final five-byfour matrix of five core and 15 subsidiary principles resembles the structuring proposed by Floridi et al. 2018 but works with a somewhat different set and mapping of principles tailored to the needs of Merck's businesses. Others have chosen similar but longer (Jobin et al. 2019) or shorter (AI HLEG 2019) lists of core principles or hierarchical structures that appear quite different (Fjeld et al. 2020;Zeng et al. 2018), or they have foregone attempts at hierarchical structuring entirely (Hagendorff 2020). We believe that the nested structure chosen by us, with its clear overview at the top level of core guidelines and the details and relational information added by the subsidiary guidelines and levels of reference is well suited for a code that aims to be broadly accessible for diverse stakeholders and yet sufficiently nuanced to guide ethical decision-making in complex business contexts.
The very heterogeneity of digital developments has been proposed as an obstacle to finding common principles or rules that will be applicable across all potential ethical facets of the digital transformation and has highlighted the importance of devising and combining tailor-made solutions for different stakeholders, to enable them to share responsibility (Mittelstadt 2019;Blackman 2020 (2) In the context of digital solutions, explainability means that users can understand how the results of algorithm-based processes are achieved.
(3) If this principle is not respected, there is a risk of restricting the right of selfdetermination and, as a consequence, of a growing mistrust towards algorithmic systems and organisations using them.
(4) Organisations committed to the principle of explainability ensure that users know the reason for their decision wherever they are directly or indirectly affected by automated decisions. For example, in the application of an algorithmic system, it is understood which data are linked together to achieve the corresponding result. In addition, users receive sufficient information about the models used and the architecture of the algorithmic system. (1) Autonomy is a core principle to which the sub-principles explainability, privacy and literacy are assigned in the context of digital solutions.
(2) Autonomy has its origin in the ability of people to develop their own ideas of a good life and to pursue goals in a self-determined way. Accordingly, every human being has the right to make his own decisions and to act according to his own standards as long as this does not harm the interests of others.
(3) When autonomy is restricted, the human can become objectified. In the context of digital solutions, this danger exists both in the collection and processing of personal data and in automated decision making by algorithms.
(4) Organisations committed to the principle of autonomy have established measures to uphold the principles of explainability, privacy and literacy. To this end, they explain their algorithmic systems, respect the status of personal information and support users in acquiring user skills.
Relationship to other Subsidiary Principles . This makes it all the more important to be clear about the process by which certain principles are defined or given priority, as well as the relationships between principles and the reference levels-data and/or algorithmic systemsaddressed by them. Such clarity of structure, which we have strived to achieve in the CoDE, helps different actors and stakeholders to understand each other and to find common ground whilst recognising important differences in their perspectives and needs. As a multinational company operating across several sectors and comprising different businesses and partnerships, Merck relies on creating such understanding and common ground between different parties. By selecting a scientific methodology for creating the CoDE and fully documenting the process we also wish to offer a transparent baseline for other companies that may face similar challenges to obtain ethical guidance for digital innovation in a complex business environment. At the same time, our approach creates the opportunity to participate in the academic discourse on digital ethics and to learn from any feedback and further developments in the field that may inform the ongoing operationalisation and refinement of our own ethical guidance in the digital sphere. We consider such engagement essential to appropriately continue and further develop a process of reflection on, and implementation of, digital ethics in a multifaceted science and technology company such as Merck.
Given the variety of viewpoints, ventures and challenges encountered in the context of digital innovation we designed the CoDE as a multi-purpose tool-a robust framework for consistent ethical analysis and decision making that can be adapted to diverse business cases and against different national, international and culturally varied backgrounds. The three criteria applied during the formulation of the CoDE's guidelines-avoidance of closed normative statements; preference for universality; and openness to multiple perspectives-have yielded a document that we hope will be easy to operationalise in such varied situations. Towards this end, Merck's new Digital Ethics Advisory Panel is currently utilising the CoDE in a first test case for operationalisation to tackle ethical questions around patient data sharing that have arisen at Syntropy, with promising initial results. Other operationalisation efforts currently under development include the development of a tool We recognize that everyone has the right to live according to their own ideas and set their own goals. People should make their own decisions according to their own standards as long as this does not harm the interests of others. This also applies in the digital context when transmitting data or agreeing that data may be evaluated using an algorithm. We do not objectify human beings. The following three guidelines, based on the principles of explainability, privacy and literacy, guide the development of our digital services.
Autonomy "We respect the autonomy of every single human in our digital services" Explainability "We explain our algorithmic systems" We are convinced that algorithmic systems should be explainable. Everyone who uses or considers using our digital services should know whether they are directly or indirectly affected by an automated decision. If this is the case, we are committed to ensuring that they understand how the results of algorithm-based processes are achieved. Algorithmic systems that cannot be explained are carefully examined for their added value.

Algorithms
Privacy "We protect the privacy of those who provide data" We respect and protect the privacy of individuals, both during the collection of data and during interaction with our digital offerings. We therefore ensure that individuals can make sovereign decisions about the use of their data.

"We promote digital literacy"
We actively promote the digital competence of those who develop, use, operate and decide on the deployment of algorithmic systems. Therefore, we provide these people with up-to-date knowledge regarding the handling of data and algorithmic systems. In addition, we support our employees in asking digital ethical questions and questioning the effects of our algorithmic systems.  Fig. 7 Final structure of the guidelines that will enable standardized use of the CoDE in evaluating the criticality of data analysis projects.
We thus believe that the CoDE constitutes a suitable tool to accompany digital innovation and associated business decisions by sound ethical reasoning. Actively employing this tool, and clearly explaining the selection and meaning of the principles that guide digital offerings, can serve to create trust, transparency and, perhaps, competitive advantage.
Author contributions Not applicable.
Funding No funding was received to assist with the preparation of this manuscript.
Availability of data and material A list of the guidelines examined is attached to the supplementary information (Online Resource 1). The CoDE is attached to the supplementary information (Online Resource 2).
Code availability Not applicable.

Declarations
Conflict of interest S.B., A.N., R.H. are employed by idigiT GmbH. S.L., M.K. and J.E.C. are employed by Merck KGaA. idigiT GmbH has been commissioned by Merck KGaA to consult the company on digital ethics. In her role as advisor to Merck KGaA, Darmstadt, S.B. has been a compensated private consultant. For this editorial, the authors acted as independent scholars and did not receive payment for their contributions. Editorial assistance, including writing, was provided by Nora Schultz and was funded by Merck KGaA.
Ethics approval Not applicable.

Consent for publication Not applicable.
Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http:// creat iveco mmons. org/ licen ses/ by/4. 0/.