Software engineers are facing retaliation from colleagues and employers when reporting wrongdoing, new research has claimed.
A report from ENGPRAX found that this retaliation, alongside contractual gagging clauses and a priority on software development speed, is having a knock-on effect on the security of computer systems.
This culture of fear is also deterring engineers from voicing concerns, presenting ideas, or asking questions.
Businesses prioritizing speed over security
Overall, the study found that within the UK software development industry, over half (53%) of engineers suspected wrongdoing at work, and three quarters (75%) said that the last time they reported wrongdoing, they faced backlash from both their colleagues and employers. This amounts to around 145,000 software engineers in the UK having faced retaliation at work.
Moreover, the priorities of software delivery do not align with the priorities of software engineers and the general public. Within the dimensions provided, software engineers were most likely to agree that providing for their families (52%), delivering highly reliable work (51%) and ensuring their work kept data secure (47%) were the top priorities.
For the general public, the priorities reside in data security (62%), data accuracy (55%), and removing serious bugs (55%). In terms of getting the latest features quickly, only 22% of the general public saw this as a priority, with just 33% of engineers ranking rapid work delivery as a key priority.
The investigation also found that some companies are skirting public interest disclosure laws by contractually gagging employees to stop them from making protected disclosures on matters such as legal compliance, miscarriages of justice, environmental damage, and health and safety dangers.
“Recent developments demonstrate the fundamental importance of software engineers being free to raise the alarm when they become aware of potential wrongdoing; unfortunately our research has highlighted that software engineers are not sufficiently protected when they need to do so,” survey overseer Dr Junade Ali commented.
“From software engineers facing mass retaliation for speaking up and banned gagging clauses still being used, to ‘industry-standard’ software development metrics not considering the public’s risk appetite; this investigation has highlighted systematic and profound issues with society-wide impact, given how integral computers are to all our lives.
“Our investigation has shown a tendency for problems to be swept below the rug until they reach boiling point rather than addressed; this is neither compassionate nor honest for those involved.”