Tech for good is not a witness-protection program

Tech for good is not a witness-protection program. It is not where people who knowingly designed, led, or sold systems for persistent surveillance, threat ranking, target development, or accelerated force get to exchange proximity to power for moral authority.

I am a technologist. That means I know exactly how moral distance gets manufactured.

Nobody says they are building a machine that can watch, sort, flag, track, and help target human beings at industrial scale. They say they are delivering decision advantage. They do not say surveillance; they say situational awareness. They do not say targeting pipeline; they say data fusion. They do not say they are making organized violence faster and easier to execute; they say they are accelerating the mission.

Then comes the ethical alibi: There is always a human in the loop.

That phrase is not a moral argument. It's just a user interface description, as much as the tech industry likes to pretend otherwise. A system does not have to pull a trigger to determine who enters the targeting funnel, which evidence is elevated, which uncertainty is hidden, or how much time a human has to object. A human click at the end of a machine-compressed process does not baptize everything upstream.

When work like this later disappears behind a new vocabulary—responsible AI, public-interest technology, mission-driven leadership—the change in language proves nothing. A career pivot is not an accounting. Sincerity is not repair. People may change, but change creates no entitlement to somebody else’s trust, labor, platform, network, or community. Certainly not their respect.

Repentance is not reinstatement.

Name the work by what it enables

Defense technology is not one morally uniform category. A payroll database is not an autonomous weapon. A logistics optimizer that gets medicine to a field hospital is not software that ranks suspected targets. Defensive cybersecurity, search and rescue, and administrative systems cannot honestly be collapsed into a kill chain merely because the same institution buys them.

Here is the line I am drawing. I categorically reject systems whose designed purpose or material, foreseeable function is to identify or track people persistently without their consent; fuse personal data to infer association, intent, or threat; nominate or rank people as targets; or compress the path from detection to force. Improving the accuracy of those systems may change how efficiently they operate. It does not make their purpose acceptable.

High-risk technology outside that line may sometimes earn deployment through necessity, proportionality, evidence, and enforceable controls. The systems I have just named do not. For them, the relevant safeguard is refusal.

Responsibility is proportional to function, knowledge, decision authority, proximity, and foreseeable use. An employee doing unrelated administrative work is not interchangeable with an executive selling target-development software. A worker who discovers a harmful use and exposes it is not interchangeable with a leader who understands the use and expands it. Employer affiliation alone proves very little. Knowing, material participation is the issue.

But “I only built the platform” is no defense when the platform was designed for the condemned function. The defense establishment’s own public strategy says what many military systems in this category are for. Its 2023 AI plan (opens in a new tab) named “superior battlespace awareness” and “fast, precise and resilient kill chains” as desired outcomes. Its 2026 strategy (opens in a new tab) describes AI agents operating from campaign planning through “kill chain execution” and AI used to compound military lethality.

Take the institution at its word.

A targeting system is not only the munition. It includes the sensors, data contracts, identity resolution, model, ranking function, analyst dashboard, network, and command software that make a person legible as a target and an action executable at speed. C4ISR (command, control, communications, computers, intelligence, surveillance, and reconnaissance) is a “system of systems” in which communications, sensors, and command software converge, as the Army itself explains (opens in a new tab). Architecture diagrams divide ownership. They do not divide moral responsibility.

There is no morally neutral API call to a kill chain.

The ACM Code of Ethics (opens in a new tab) tells computing professionals to consider data aggregation and emergent behavior, evaluate risks comprehensively, minimize harm, and treat the public good as the central concern. It says that when misuse or harm is predictable or unavoidable, the best option may be not to build the system.

“My component worked as specified” is what an engineer says when the specification is the only moral object they are willing to see.

A human in the loop can reduce harm. It cannot confer legitimacy.

The strongest case for military decision support is not that war is good or that infrastructure is neutral. It is that, when force is already contemplated, better sensing and classification may prevent misidentification, improve discrimination, and help a human withhold force compared with cruder tools. That possibility matters. Preventing civilian harm is morally significant.

But harm reduction is an empirical comparison, not a moral blank check. It must be demonstrated against real alternatives across the whole system: error, scale, tempo, operator deference, mission expansion, and the consequences of making coercive action faster and easier to repeat. A system can reduce one class of mistake while expanding the capacity to inflict harm. Even a genuine reduction in misidentification does not answer whether the surveillance was legitimate, whether the target category was just, whether proportionality holds, or whether the mission should occur at all.

Official weapons policy requires “appropriate levels of human judgment (opens in a new tab)” over the use of force and testing under realistic conditions. Those are better requirements than none. They are not proof that meaningful control exists in a deployed workflow. An operator’s presence says nothing by itself about time, information, workload, incentives, authority, or the ability to challenge the machine.

Human oversight can fail while looking perfectly compliant on a flowchart. People anchor on automated recommendations, defer to systems presented as objective, and hesitate to override an answer when the machine appears to have seen more. Under time pressure, review can collapse into confirmation.

In a 2024 controlled experiment (opens in a new tab), participants preferred an algorithm to an equally accurate human adviser 66 percent of the time. Giving them the power to monitor and adjust its recommendation increased that preference, while the human-in-the-loop condition reduced final accuracy on average. The task concerned student-performance prediction, not combat; it does not establish how trained operators behave in battle. It does refute the assumption that inserting a human automatically inserts safety.

A separate 2024 preregistered experiment (opens in a new tab) asked 9,000 adults in nine countries to identify friendly and adversary aircraft. Equivalent advice labeled as AI made people more likely to switch answers than advice labeled as human; difficult tasks and claims that the adviser was extensively tested increased deference. Again, these were civilians in a hypothetical exercise, not operators under fire. The finding is narrower and still important: interface signals and perceived authority change human judgment.

Meaningful control requires enough information, time, training, and authority to connect judgment to a specific consequence. The International Committee of the Red Cross (opens in a new tab) calls for limits on targets, geography, duration, and scale, along with effective supervision and timely intervention or deactivation.

If a system narrows a thousand possibilities to three, hides the discarded evidence, supplies an opaque confidence score, and measures success by decision speed, then it has already exercised enormous power. The final human may possess formal authority while the machine controls the frame.

Accuracy is not consent

Debates about surveillance technology often get trapped inside model performance: lower the false-positive rate, balance the data, improve calibration, and perhaps the system becomes acceptable.

Performance matters because errors injure real people. It is not the whole moral question.

NIST’s testing of 189 face-recognition algorithms found enormous variation, including false-positive rates for many algorithms that were ten to one hundred times higher for Asian and Black faces than for white faces in one-to-one matching. NIST also found that some of the most accurate algorithms were among the most equitable. The honest conclusion is not that every system fails identically. It is that performance is contextual, demographic disparities can be severe, and a wrong one-to-many match can place an innocent person under suspicion. Those are NIST’s findings. (opens in a new tab)

Deployment repeatedly outran governance. A 2021 federal audit (opens in a new tab) found that all 14 surveyed agencies using face recognition in criminal investigations also used non-federal systems, while only one knew at the time which outside systems its employees used. A 2023 follow-up (opens in a new tab) found that six federal law-enforcement agencies conducted roughly 60,000 searches before requiring staff training. Some agencies subsequently strengthened their controls. That does not erase the order of operations: deploy first, inventory and govern later.

Now imagine that the model becomes nearly perfect. The political question remains: should an institution be able to identify, correlate, and track people across spaces and databases at that scale? Accuracy does not create consent. Precision does not establish legitimacy. A perfectly accurate system can be a more efficient instrument of repression than a sloppy one.

The United Nations human-rights office (opens in a new tab) has documented surveillance’s disproportionate impact on marginalized communities and its chilling effect on expression and peaceful assembly. That chilling effect is not a model bug. Observation changes behavior when it is persistent, consequential, and backed by coercive power.

Responsible AI without veto power is branding

The standard vocabulary sounds excellent: responsible, equitable, traceable, reliable, governable. Transparent methods. Auditable data. Defined uses. Lifecycle testing. The ability to deactivate systems that behave unexpectedly.

The problem is not the nouns. It is what happens when those nouns collide with money, secrecy, mission pressure, and schedule.

This concern is not merely cynical intuition. A 2024 systematic review of 130 records (opens in a new tab) maps digital ethicswashing as the gap between ethical communication and substantive practice, including symbolic principles, corporate AI ethicists used as embellishment, and lobbying against stricter rules. The authors stress that much of the literature is conceptual and requires more empirical testing. Their review maps mechanisms described in the literature; it does not establish how common they are or deliver a universal verdict on everyone who works in ethics.

A separate conceptual analysis in Nature Machine Intelligence argues that AI development lacks the common duties, proven implementation methods, and robust professional accountability that help make principles operational in medicine. Consensus around attractive words can conceal political disagreement and institutional weakness. Principles alone cannot guarantee ethical AI. (opens in a new tab) Together, these analyses identify structural risks. They do not prove that every ethics worker is cynical or every career pivot fraudulent. My conclusion is narrower: a new title, panel, or institutional affiliation, standing alone, is not evidence of repair.

The gap is visible in public military-AI governance. The department describes its Responsible AI Toolkit as a “voluntary process (opens in a new tab).” That describes the toolkit, not every legal or policy obligation surrounding military systems. In 2024, the inspector general found (opens in a new tab) overdue governance documents, unclear roles, and dozens of authoritative documents that still assigned responsibilities to predecessor offices. Implementation guidance issued during the audit closed one recommendation; another policy recommendation remained open when the report was published.

Meanwhile, the 2026 strategy (opens in a new tab) declares that “speed wins,” treats authorization, testing, certification, and contracting as potential blockers, and says the risks of moving too slowly outweigh the risks of “imperfect alignment.” It directs rapid deployment and creates a mechanism for waiving non-statutory requirements.

You do not need to speculate about the conflict. The incentive structure states it.

Lawfulness is a floor, not an ethic. A use can be lawful and still be reckless, disproportionate, dehumanizing, politically corrosive, or morally grotesque. An ethics framework that cannot delay, constrain, or prohibit deployment is not governance. It is advice that power remains free to ignore.

The department says it maintains an internal inventory (opens in a new tab) of AI activities, and classified oversight is not the same as no oversight. But the public cannot inspect the full inventory or evaluate, system by system, intended uses, data provenance, operational error rates, escalation rules, audit findings, incidents, and responsible decision-makers. “Trust us” is not public governance. Secrecy can protect legitimate operations; it does not dissolve accountability.

What governance can and cannot legitimate

For high-risk systems outside the categorical boundary above, responsible technology must be able to stop a project. At minimum, ethics has veto power through:

  • System mapping and an independent impact assessment connecting data collection, models, interfaces, operators, downstream decisions, and foreseeable harms.
  • Documented provenance, contextual false-positive and false-negative rates, subgroup testing where people are classified, and hard limits beyond which the system cannot be used.
  • Meaningful human control: time, contrary evidence, training, logged overrides, and protected authority to slow or stop an unsafe action.
  • Enforced limits on scope, geography, duration, retention, and secondary use, with tested intervention and deactivation mechanisms.
  • Adversarial monitoring, incident disclosure, remedy for people harmed, and automatic stop-work thresholds when performance or use escapes the approved envelope.
  • A named human decision-maker accountable for deployment, alongside protected refusal and reporting rights for technical workers.

These controls can make a governable system answerable. They cannot redeem a system whose intended function is itself the wrong.

Repentance is not reinstatement

When someone moves from surveillance or military targeting into “tech for good,” the move itself proves nothing. A new vocabulary is not an accounting. The burden is not on everyone else to treat a revised biography as evidence of transformation.

Repentance, if the word is going to mean anything, begins with an unforced and specific account: what you built, what it enabled, whom it harmed or placed at risk, what you ignored, what you gained, and why you were wrong. Repair requires conduct: disclosing what can be disclosed, assisting legitimate investigation, supporting affected communities, surrendering power where appropriate, refusing adjacent work, and accepting consequences without demanding applause.

Even that does not purchase access to anyone else’s community.

People may change. That possibility creates no obligation in anyone else. Repair is not erasure, and repentance is not reinstatement. No claimed transformation creates a right to another person’s trust, labor, network, platform, funding, or proximity.

So here is my boundary: I will not hire, refer, fund, platform, partner with, share a stage with, or lend credibility to people who knowingly and materially designed, led, or sold systems built for persistent, nonconsensual person-level surveillance, threat ranking, target development, target selection, or kill-chain acceleration. They are not welcome in the spaces I build.

No job. No referral. No platform. No contract. No collaboration. No respect.

  • Tech for good ethics
  • Military AI ethics
  • Surveillance technology
  • Responsible AI
  • Public-interest technology
  • Technology accountability