University of Sydney · FACULTY OF COMPUTER SCIENCE

INFO2222 · Computing 2 Usability and Security

- one subject, every graph, every model, every mark
Computer Science14 Chapters8-page Bible
Our own words - no uploaded lecturer files
Updated for this semester
Chapter 12 of 12 · INFO2222

Ethics, Privacy and Professional Responsibility

Week 12 closes the unit with the professional and legal frame: the ACS Code of Ethics and how to reason about ethical dilemmas, and data-privacy law from the Australian Privacy Act 1988 to GDPR, CCPA and the UK DPA. It also folds in the exam-revision guidance (apply and reason rather than memorise numbers), and scenario-application items — which value or which law applies — are common on the final exam.

In this chapter

What this chapter covers

  • 01Ethics as a framework for right/wrong when the choice is not obvious; IT ethics and responsible decision-making
  • 02Ethical dilemmas in emerging tech (autonomous-vehicle / trolley scenarios); responsibility shared across the whole pipeline
  • 03The ACS Code of Ethics — six core values, from the primacy of the public interest to professionalism
  • 04Data privacy as controls on access, use, processing and storage, spanning legal, technical and social dimensions
  • 05Australian Privacy Act 1988: 13 Australian Privacy Principles (APPs), applying to APP entities (turnover > $3M)
  • 06The Privacy and Other Legislation Amendment Act 2024: doxxing offence, automated-decision transparency, a statutory tort
  • 07International regimes: GDPR (consent, erasure, fines up to 4% of global revenue or €20M), CCPA, and the UK DPA 2018
  • 08Exam revision guidance: recognition over recall, apply-don't-just-recall, and read questions carefully (negatives)
Worked example · free

Apply the ACS values and privacy law to four IT scenarios

Q [4 marks]. For each scenario, name the single ACS core value or the specific privacy law/mechanism that most directly applies: (1) An engineer knows a released app has a safety flaw affecting users but staying quiet would protect a lucrative launch. (2) A start-up processing EU residents' data must let them request erasure of their records. (3) An Australian firm with $10M turnover collects personal information without a clear collection notice. (4) A developer overstates their expertise to win a security-critical contract. (4 marks)
  • +1(1) Speaking up about a safety flaw that affects users, over a profitable launch, is the Primacy of the Public Interest — placing the public interest above personal or business interests (the first ACS core value).
  • +1(2) An EU-resident erasure request is governed by the GDPR, which grants rights to access, rectify and erase personal data and requires a lawful basis such as consent. (Its penalties reach up to 4% of annual global revenue or €20 million.)
  • +1(3) An Australian firm with $10M turnover is an APP entity (turnover over $3M) under the Privacy Act 1988, so collecting personal information without a proper collection notice breaches the Australian Privacy Principles governing collection.
  • +1(4) Overstating expertise to win a contract violates Honesty — being honest about your skills, services and products (an ACS core value); it also touches Competence, but Honesty is the most direct.
(1) Primacy of the Public Interest (ACS); (2) GDPR — the right to erasure; (3) the Privacy Act 1988 and its APPs, since a >$3M-turnover firm is an APP entity; (4) Honesty (ACS). The skill is mapping a described situation to the right value or statute, which is how these items are examined.
Sia tip — Sort by jurisdiction and actor: an individual professional's conduct → an ACS core value; EU residents' data → GDPR; Australian organisations over $3M turnover → the Privacy Act 1988 and its 13 APPs; Californian consumers → CCPA. Read the scenario for who is affected and where, then pick the single best-fitting value or law.
Glossary

Key terms

ACS Code of Ethics
The Australian Computer Society's professional code, binding members to six core values: the Primacy of the Public Interest, the Enhancement of Quality of Life, Honesty, Competence, Professional Development, and Professionalism. It provides an ethical framework and a basis for accountability.
Australian Privacy Act 1988 / APPs
The Australian law regulating how agencies and organisations (APP entities, generally turnover over $3M) handle personal information. It contains 13 Australian Privacy Principles governing collection, use, disclosure, governance, integrity, correction and individuals' access rights; it is principles-based and technology-neutral.
Privacy Amendment Act 2024 (POLA)
The Privacy and Other Legislation Amendment Act 2024 (Royal Assent December 2024), which adds criminal offences for doxxing, transparency requirements for automated decision-making, a Children's Online Privacy Code, and a statutory tort for serious invasions of privacy, plus new Commissioner powers.
GDPR
The EU General Data Protection Regulation (effective 2018), protecting EU/EEA residents' personal data. It requires explicit consent, transparency and security, grants rights to access, rectify and erase, defines personal data broadly (including IP and cookie data), and allows fines up to 4% of annual global revenue or €20 million, whichever is higher.
CCPA / UK DPA
The California Consumer Privacy Act (effective 2020) gives Californian consumers rights to know what data is collected, request deletion, and opt out of data sales. The UK Data Protection Act 2018 implements and aligns with GDPR in the UK, with access/rectify/erase rights and rules for controllers and processors.
Ethical dilemma (AV / trolley)
A scenario with no clearly right choice, such as how an autonomous vehicle should act in an unavoidable crash. Responsibility is shared across engineers, data scientists, developers, managers, the company, regulators and society — 'technology is neutral; decisions are not.'
FAQ

Ethics, Privacy and Professional Responsibility FAQ

What are the ACS Code of Ethics core values?

There are six: the Primacy of the Public Interest (public good above personal or business interest), the Enhancement of Quality of Life (improve life for those affected by your work), Honesty (be truthful about your skills, services and products), Competence (work competently and diligently), Professional Development (grow your own and others' competence), and Professionalism (uphold and advance the profession's honour and integrity). Exam items usually describe a situation and ask which single value applies.

How does the Australian Privacy Act 1988 relate to GDPR, CCPA and the UK DPA?

They are parallel privacy regimes for different jurisdictions. The Privacy Act 1988 (with its 13 APPs) governs Australian APP entities, generally those with turnover over $3M, and was strengthened by the 2024 amendment (doxxing offence, automated-decision transparency, a statutory tort). GDPR covers EU/EEA residents with strong consent and erasure rights and large fines; CCPA covers Californian consumers; the UK DPA 2018 aligns the UK with GDPR. Match the scenario to the jurisdiction and the affected people.

How should I approach an ethical-dilemma question?

Recognise that a dilemma has no obviously correct answer and that responsibility is distributed across the whole pipeline — engineers, data scientists, developers, managers, the company, regulators and society — because 'technology is neutral; decisions are not.' Frame your reasoning with the relevant ACS value(s) and any applicable privacy law, and weigh the public interest, quality of life, honesty and competence rather than looking for one 'right' rule. Any HCI study involving people also needs human-research ethics approval.

Can AI help me revise ethics and privacy for INFO2222?

Yes, as a study aid. Sia can drill the six ACS core values, map scenarios to the right value or privacy law, contrast the Privacy Act 1988, GDPR, CCPA and the UK DPA, and rehearse the Week 12 exam-revision guidance. Use it to prepare for the final exam's scenario-application items; it does not do graded assessment for you, and the University of Sydney academic-integrity policy applies.

Study strategy

Exam move

This chapter is scenario-application, so drill mapping rather than rote lists. Memorise the six ACS core values with a one-line trigger each, then practise reading a mini-scenario and naming the single best-fitting value (public safety → Primacy of the Public Interest; misrepresenting skills → Honesty). For privacy law, build a jurisdiction map: Australian organisations over $3M turnover → Privacy Act 1988 and its 13 APPs (plus the 2024 doxxing/automated-decision/statutory-tort additions); EU residents → GDPR (consent, erasure, up to 4%/€20M fines); California → CCPA; UK → DPA 2018. Since this is also the revision block, take its guidance to heart across the whole unit: prefer recognition over recall, apply concepts rather than reciting numbers, and read multiple-answer questions carefully for negatives — and remember the exam's negative marking means only answer options you are confident about. Confirm the exam date and permitted materials on Canvas and the USyd exam timetable.

Working through Ethics, Privacy and Professional Responsibility in INFO2222? Sia is AskSia’s AI Computer Science tutor — ask any INFO2222 Ethics, Privacy and Professional Responsibility question and get a clear, step-by-step explanation grounded in how INFO2222 is taught and assessed. Read this chapter free, then take your hardest questions to Sia.

A+Everything unlocked
Unlocks this Bible + all 38 of your University of Sydney subjects - and 1,000+ Bibles across every Australian university.
Sia - your INFO2222 tutor, unlimited, worked the way the exam marks it
The full 8-page Bible + practice bank with worked solutions
Chrome extension - sync your LMS so Sia knows your deadlines
Bilingual EN / Chinese on every Bible and every Sia answer
$25/ month
30-day money-back · cancel in one tap · how it works
Unlock the full INFO2222 Bible + 38 University of Sydney subjects解锁完整 INFO2222 Bible + University of Sydney 38 门科目
$25/mo