[flagged] It's Time to License Software Engineering (slater.dev)
12 points by sltr 75 days ago | 42 comments


We have already removed so much liability in other licensed professions, either through law or practice. It's almost impossible to obtain a malicious prosecution or SLAPP judgement against attorneys. Malpractice lawsuits have been legally capped all over the USA against doctors. Engineering liability is a joke outside of rare circumstances.

The social will for having real accountability and professional ethics just isn't there. If you license software, large companies will just outsource the stamps to small contractors who will legally assume responsibility while nothing else changes. All real accountability will be so sparse and random that all ethical complaints will be ignored. If this liability becomes large enough to affect anything, all tech companies will band together to bribe politicians to limit legal remedies in the laws themselves.

In the end, the only thing that will happen is that large companies will use these regulations to bludgeon smaller competition like they already do.


Licensing also means corrupted busybodies and gatekeepers; it doesn't necessarily increase quality, but it surely decreases the supply of service providers and gives a rather dangerous power to a selected (by whom?) group.


Yes, licensing does reduce supply compared to a free-for-all. But that’s the point, it filters out people who shouldn’t be doing the work in the first place. For engineers, the PE designation means you’re legally responsible for your work.


Licensing is a poor filter. Have you ever gotten a bad haircut? Is there a hairstylist or barber at your usual shop that you avoid? Those folks are licensed too.


Exactly - free market is a better filter


Who's more trustworthy, the IEEE or Mark Zuckerberg?


Yup, the completely incorruptible and good-natured CEOs like the Zucks of this world should be running the show, that’s gotta be good for SWEs :)


The author isn’t wrong but is it the right battle to fight?

They talk about dams and bridges being the birth of the engineering profession. Software though isn’t some newbuild home or bridge foundation or aircraft turbine blade, where I have to have faith in a system that stops crooks from selling me a house that will fall down, a bridge that will collapse, or a jet engine that explodes.

In fact, given the source code, build system, and some documentation, I — little old me! — can find bugs, fix them, and ship a working build. So can thousands of other fellow consumers.

I would rather advocate for statutory openness and freedom than trying to force quality control on what’s left of the closed, proprietary status quo. It would be a utopia indeed if we could get out of this rut where I (and my community of consumer tinkerers) are forbidden from unlocking our iPhones and Subarus and LGTVs to their full potential.


From the post:

> What I'm proposing is only for commercial software, at the end of the supply chain

Doesn't preclude modifying software on your own devices.


Software developers are fully capable of writing good quality software without a need for licensing, but managers and product people come in the way. If I had to write 5x tests covering every branch, my software would never complete.

What I suggest considering instead of licensing is a voluntary GAP (good authorship practices) certification for a project, unique to each approved programming language, comparable to GMP (good manufacturing practices) in the pharmaceutical and food processing industries. Customers should then develop a culture of licensing commercial software only if it has this certification. As for who will certify, on what basis, at what cost, and how will it keep up with changes in the real world, all of these are good questions.


Here's a great piece from Ian Bogost in The Atlantic on this topic (gift link): https://www.theatlantic.com/technology/archive/2015/11/progr...

(Please focus on his discussion of PE licensure, not on what developers should call themselves)

He says some software can be designed in our usual way: informal, fast, iterative, democratized, agile. But more and more software needs to be designed like a PE designing a public bridge: carefully, to stand strong for 100 years.


Some software maybe, like aerospace, but I have the option of not going to a doctor and trying to make myself healthier, so I should be able to write software also, and if anyone else wants to use it, that's their choice.


Aerospace already has software standards for certification like DO-178C which is critical for certification from the FAA. You don't have to be licensed to write the software, but if it doesn't meet standards required for certification, well you have to fix it.


Yeah I was talking about MISRA and the like really, seems like a problem that's already solved to some degree


You clearly didn't read the article


Clearly, I have no interest in your opinion, or an arbitrary authority who thinks they can grant "licenses".


It will never ever ever happen, because nearly the entire software industry actively works against anything that inhibits pace of development.

Software is mostly created by businesses. Businesses want to make money above all else. Creating software needs to take the absolute minimum amount of time and money, and quality, both in code and the program functioning itself, is an afterthought.

Because software isn't a tangible product, like a car or a bridge or a building, there is a prejudice against having certification for the engineers. It's not "important" like tangible objects that easily (most of the time) have their flaws exposed. Less important means less emphasis on craft, and you shouldn't need a certificate to prove you can add code to a project.

This cat has been out of the bag for so long it's just preposterous to think it will change. The current model of, "just get anything that can move the project forward," be it offshore, AI, hordes, long hours, whatever, will always be the strategy.

If you want quality write it for yourself. Early on in my career I built a carefully curated set of moonlight clients that my employer(s) did not know about. Here I wrote high quality software on my own timelines, emphasizing quality over everything else, because I am a one man team and don't have time for support. Now those clients pay me more each month than my employer. Most months I just get a check in the mail and don't have to do anything. As one said, "It just keeps working and we even forget it's there." (most of the software is integration related).

So it can be done, you just have to have the priority be different than a business that is in it for the money alone.


Hi Doug.

https://www.vice.com/en/article/man-fined-for-engineering-wi...

When the world stops acting like this, I'll consider your proposal more earnestly. Until then, I'll dismiss your ideas with prejudice.


Järlström was fined for using the title "engineer" unlawfully, not for his ideas being wrong.


That whooshing sound you hear is my point going over your head :)


I am sympathetic to the motivations and argument in the article, but the analogy with bridge building is flawed.

In engineering, if your assumptions are correct and you apply the formulas correctly, the bridge will not fall.

This is _not_ true of software, since it suffers from mathematical incompleteness. Computation is isomorphic to mathematics, and, just as there is no way to objectively estimate how long it will take to prove a theorem, there is no way to _objectively_ estimate program properties, even simple things like "will this program ever print the string 'xx'". The proofs are variations of the Halting problem.

http://scribblethink.org/Work/Softestim/kcsest.pdf

Writing software is analogous to discovering the equations of physics of a bridge (physics/math) rather than applying them (engineering).


That is basically the point the author missed. The PE license is to grant an individual a license for them to certify their and others' work meets established guidelines. Now over time this may become true that something like level 2, 3, 4 are vague guidelines now but in future they will become more concrete. At that point it might become necessary to certify that a company's system meets those guidelines for the algorithms used.


No doubt there are tons of lawyers & "certification and Licensure" companies & "nonprofits" of dubious value that have infested various software related industries salivating over the opportunity to get rent-seeking via broad regulated software "engineering" licensure.


I don't disagree with this complication. One of the problems with Big Pharma is their regulatory moat.

Do you think it's rent-seeking that surgeons can exclusively cut open people?


Surgeons are not exclusive about cutting people open.

First Assists regularly do it, and their backgrounds are as: surgical techs, RNs, PAs.

I recognize a great value in medical education & experience since that is the primary difference between a surgeon, and a nurse practitioner.

However, for surgeons, they are normally qualified, assessed and evaluated a number of times throughout their career with things like MCAT, then USMLE or COMLEX and then hundreds of surgeries. One of the final ways is through board certification which requires typically, a book of cases, an exam, a large number of surgeries for the specific specialization, sometimes a fellowship, and finally, a defense and sometimes an oral interview.

The first time this matters greatly. But, for busy surgeons that are dual-board certified, should they have to go through the entire process again every 10 years? This is where the accusation of rent-seeking behaviors comes in, because previously board certs were considered lifetime. Now, only good for 10 years depending on sanctioning body and they also come with some hefty Continuing Medical Education (CME) requirements too.

The pushback against this has likewise come from Surgeons pushing back saying if we are doing 1000 surgeries a year and are a surgeon in good standing, why do we really need to get re-certified again? This is why doctors are unhappy with Specialty Board Certification Exams, Maintenance of Certification (MOC) exams, State-specific licensing exams, and the requirements around CMEs which some consider excessive.

We see the same thing in IT also, where people regularly let vendor certs stagnate after initial certification.

https://www.thedailybeast.com/rand-paul-and-the-certificatio...


I’d happily agree to this, directly after we license management and executives.


An MBA is sort of a de facto license. I'm given to understand that you basically won't get into upper management without one (unless you found your own company, of course).


* An MBA requires no continuing education

* An MBA carries no personal liability for signing off on professional decisions without following proper standards

* An MBA requires no professional code of ethics

* An MBA will not be revoked if you violate professional standards

Engineers require degrees too, but engineering degrees are also not a license.


It's wild that as an industry with as much liability as software engineering entails, this hasn't happened yet


Good luck with this. Requiring licensure to publish software is as tractable as requiring licensure to publish news or literature or music. The barrier to create software is perhaps a bit higher, but not meaningfully so.

I call myself a Software Developer. I have an Engineering degree (Computer Engineering), but I don't wear a stripey hat, so I'm clearly not an engineer.

Employers are welcome to title me as they please, within the law. I enjoyed being titled as a Technical Yahoo, but only one company seemed to prefer that title.


From the post

> Is software free speech? In the US, yes Bernstein v. United States, but causing public harm or encroaching on others' rights is not protected.

> So my WordPress blog needs a sign off for each post? That's publishing, not software, and requiring sign off on writing would encroach on free speech.


Would the WordPress blog need a sign off each time the style is updated... maybe, css is software, fonts are software. If you adjust a plugin or something, that probably needs a signoff.

Do you need a signoff when you update an excel sheet? Maybe only if it's published.

Do we need specific licensing to assign liability for public harm? Could we just not legislate liability on the operators of software causing public harm, and then people would be less likely to operate software in public unless the operator deems the risk low or the provider of the software offers indemnity (most likely in exchange for $$$$$).


I don't know the exact answers, but this lands near building a shed vs house in your backyard.


Software that could potentially endanger consumer safety should be 100% open source and subject to public review when released or modified.


I am ambivalent about this, leaning towards negative.

I have some open questions, though this is more implementation than concept - what categories of software would need what licensing? Is there a delineation for platforms with more or less effective sandboxing, e.g., mobile vs desktop platforms? Do we need licensing for non-mission-critical software like game development (not a trivial question given multiplayer transmits and parses data)? Memory-safe versus memory-unsafe languages?

Now, I can think of some good situations that should maybe require formal licensing, e.g., cryptography, though how to delineate that could be tricky. Certainly I would want someone building a cryptographic vault or library to have very good knowledge of cryptography - I am not sure this is needed if you are effectively dispatching to a known good library, but it is still possible to build highly insecure protocols on top of it. Wondering if I would want a single large license, or some kind of specialty licenses for such cases, though.

My biggest gripe though, is that I feel most of the problems of software come from companies behaving irresponsibly - collecting too much data, rushing features through, pushing top-down control and schedules making it difficult for engineers to push back for needs and to build systems effectively. A lot of corporations pretty much give marching orders to their engineers. Maybe if software engineers were licensed, and there was personal liability against one's license to disobey, it would create a strong incentive to not implement such systems. I have my doubts this would get implemented in the USA though, as we have already unfortunately mostly stood against regulations like the GDPR. Maybe the EU would do this - but I am not sure if it is a better strategy, if that is the intent, versus focusing the state on attacking companies with malicious intent and sending them directly out of business.


I suppose I should add, I largely fear more and more regulation around software, especially at the level of "commercial vs. not" - one, much commercial software uses open source; two, I am extraordinarily wary that we may lose pretty much all digital freedom to increasingly authoritarian societies - I sort of expect such licensing requirements to keep pushing that along and breaking any possibility of making modern technology less bad, instead burdening the field such that only major corporations may effectively contribute, and cutting off all funding to independent developers. It's already grim in that respect to be sure. Licensure feels like it is on the path to whitewash intense restrictions on computation in the language of protection and security.

Many big technology companies have zero ethics or desire for it. I only have faith in smaller groups and independent developers, and I don't want to stifle them if they have some path to come back and compete.

Hell, at this point my main computer is Linux, with a mixture of open source and donation-driven (this could be considered commercial!) software. My desktop environment is made by someone in a bedroom in Poland and it's better than anything Apple or god forbid Microsoft can ship. I would prefer to not have some licensing body to come and make it illegal for me to use that desktop and send this developer money so he can pay his rent.


Does this do anything at all about enshittification? Data collection/sale? These are IMHO the primary areas software need fixed these days.


PEs have a code of ethics by which to say, "I won't do that" and then some labor protections for that stance.


So all the tracking code gets outsourced


> Does this do anything at all about enshittification

Yes, it makes it mandatory.


Ahh yes, regulation... It's insane that people would suggest this, especially now that anyone can build their ideas. Rather than wanting to regulate more, let's educate people how to research their vendors or providers better.


Fuck off with this shit



