Report and PowerPoint
The Importance of Ethics:
Apollo 1 and the Bhopal Disaster
Group 12: Nada Lahjouji, Sadaf Sarwari
March 11, 2020
[brief introduction] For our ethics research we focused on two case studies: Apollo 1 and the Bhopal disaster.
Photo source: https://sloanreview.mit.edu/article/the-false-choice-between-business-and-ethics/
Apollo 1
What Went Wrong
Ethical Issues That Were Violated
How We Could Have Avoided the Disaster
First we will discuss our assigned ethics case study, that of Apollo 1.
Project Apollo was the third American spaceflight program, which set to land the first men on the Moon. Apollo 1 was the first mission of this program, but it unfortunately did not launch.
What is Apollo 1?
First let us define what Apollo 1 is and its significance.
Apollo 1 was led by NASA. It was supposed to be the first mission in the Apollo program set to land men on the moon, but it never launched.
On January 27, 1967, three astronauts participated in a pre-flight test for the first Apollo mission that ended in a tragic fire in the space capsule (command module).
In the pre-flight test for this first mission, a fire in the command module (CM) ended up killing all three astronauts: Vigil Grissom, Edward White, and Roger Chaffee. Although the precise cause of the fire was never determined, investigations stated many potential reasons that we will discuss next.
Photo source: https://www.smithsonianmag.com/science-nature/legacy-apollo-1-disaster-180961917/
Apollo 1
What Went Wrong
Ethical Issues That Were Violated
How We Could Have Avoided the Disaster
The following slides highlight some of the biggest ethical issues surrounding this disaster.
Canon 1, a
If engineers' judgment is overruled under circumstances that endanger life or property, they shall notify their employer or client and such other authority as may be appropriate.
the Apollo team failed to give adequate attention to certain mundane but equally vital questions of crew safety. The Board’s investigation revealed many deficiencies in design and engineering, manufacture, and quality control. Certain conditions overlooked that caused the fire:
A sealed cabin, pressurized with pure oxygen atmosphere
An extensive distribution of combustible materials in the cabin.
Canon 1, Rule of Practice a was one of the principles that was violated. As stated in NASA’s investigation report, the Apollo team failed to give adequate attention to certain mundane but equally vital questions of crew safety. The Board’s investigation revealed many deficiencies in design and engineering, manufacture, and quality control. Certain conditions were overlooked that caused the fire:
A sealed cabin, pressurized with pure oxygen atmosphere
An extensive distribution of combustible materials in the cabin
These choices were not made arbitrarily; NASA headquarters had agreed on putting 15 psi (pound-force per square inch) of pure oxygen in the small space capsule that held the astronauts, knowing that this was an extremely flammable environment. They continued with the Apollo program despite the obvious violations this constituted. Rather than caring about the well-being and safety of the astronauts, NASA only reported the technical aspects of the project over the potential risk of their choices to the government and the public. This means that the project was all based upon unsafe conditions that the engineers knew were dangerous for the pilots but none of it was reported.
Photo source: https://www.nasa.gov/audience/forstudents/5-8/features/symbols-of-nasa.html
Canon 1, f
Engineers having knowledge of any alleged violation of this Code shall report thereon to appropriate professional bodies and, when relevant, also to public authorities, and cooperate with the proper authorities in furnishing such information or assistance as may be required.
NASA did not share the information about the circumstances of the capsule during the mission to the public because it deemed these details as “technical knowledge.”. In addition, the agency had never encountered issues with the same oxygen and pressure settings in prior missions and thus did not question the safety of these conditions.
Canon 1, Rule of Practice f was another one of the principles that was violated. As stated in the previous slide, the entire Apollo 1 team as well as the headquarters of NASA were aware of the circumstances under which the capsule was built and subjected to. This knowledge was not shared with the public and the governmental body overarching NASA, but was rather masked as being technical requirements necessary for the mission despite the potential danger to the astronauts. However, many investigation reports state that NASA had “overlooked” these details rather than “hid” them. This means that NASA’s actions were not premeditated, but were the product of neglect and naivete; NASA had never encountered a problem with the same oxygen and pressure settings when testing them with previous projects, and therefore did not suspect the gravity of these circumstances. Despite this, the ethical violation that NASA completely disregarded the safety of the astronauts still remains. Thus, NASA did not report the unsafe conditions that they had established for Apollo 1’s crew, even though they had decided on the standards, leading directly to a violation of this canon and rule of practice.
Photo source: https://www.nasa.gov/audience/forstudents/5-8/features/symbols-of-nasa.html
Apollo 1
What Went Wrong
Ethical Issues That Were Violated
How We Could Have Avoided the Disaster
We will end our discussion of Apollo 1 with a summary of how this disaster could have potentially been avoided.
Emphasizing safety over meeting space mission deadlines and over solving problems quickly and easily
Conduct intensive testing regardless of precedents
Have more external oversight of NASA operations
Overall, the Apollo 1 disaster was thought not to be a premeditated or intentional violation of ethics, but rather an incident born out of neglect and severe overlook of safety measures. This disaster could therefore have been avoided first and foremost by:
Emphasizing safety over meeting space mission deadlines and over solving problems quickly and easily: NASA headquarters decided on and approved conditions such as high pressurized pure oxygen in the main capsule knowing that this would cause the environment to be extremely flammable. This decision was made in order to solve the problem of the environmental control system of the capsule, which would provide the astronauts with a breathable atmosphere despite the high combustibility. This should not have been passed considering the risk of fire it constituted for the astronauts. Taking more time to find solutions to problems that jeopardize the safety of employees is therefore a sound choice which could have prevented the Apollo 1 fire.
Conduct intensive testing regardless of precedents: Another underlying reason for the Apollo 1 fire was the fact that the circumstances which had caused the fire had been tested beforehand in other projects, such as the Mercury project. After having tested these conditions for an extended period of time, NASA did not see a reason to review their initial pressure and oxygen settings and instead ran Apollo 1 based on those calculations. If they had tested the environmental control system regardless of precedent tests, they would have discovered the faultiness of the system and prevented the fire.
Have more external oversight of NASA operations: Lastly, NASA’s neglect and overlooking of the astronauts’ safety was just as overlooked by overarching authorities. Although the numbers and conditions were reported by NASA, they were not held responsible or questioned for them by any other agency; therefore, they proceeded with the project, thus causing the Apollo 1 fire. A stricter and more rigid oversight of NASA operations by external factors would have undoubtedly prevented the incident, as this would have held NASA accountable for the lack of safety and health measures taken.
Bhopal Disaster
What Went Wrong
Ethical Issues That Were Violated
How We Could Have Avoided the Disaster
We will now discuss an engineering ethics violation that we came across in our research.
On December 2, 1984, Union Carbide accidentally released about thirty tons of a poisonous gas at its pesticide plant in Bhopal, India.
The Bhopal disaster is considered the world’s worst industrial disaster, in which a mix of gas and water caused an exothermic reaction. On the night of December 2, 1984, the US-owned multinational company Union Carbide accidentally released about 30 tons of a poisonous gas called methyl isocyanate at its pesticide plant in Bhopal, India.
Photo source: https://www.theatlantic.com/photo/2014/12/bhopal-the-worlds-worst-industrial-disaster-30-years-later/100864/
The gas immediately affected the 600,000+ citizens living in surrounding areas, causing blindness and many deaths.
Because the plant was in the center of a large number of impoverished towns, it affected the more than 600,000 residents of these areas. The gas cloud stayed very close to the ground, which caused conditions including blindness and death. This ultimately caused the immediate death of about 2000 people; the overall death count is place around 15,000. Of approximately 500,000 injuries, 4000 were permanently disabling. Today, many of those who were exposed to the gas have had children with physical and mental disabilities. The land is still considered to be toxic to both human and animal life.
Photo source: https://www.theatlantic.com/photo/2014/12/bhopal-the-worlds-worst-industrial-disaster-30-years-later/100864/
Bhopal Disaster
What Went Wrong
Ethical Issues That Were Violated
How We Could Have Avoided the Disaster
The following slides highlight some of the biggest ethical issues surrounding this disaster. The full summary can be found in our written report.
Canon 1, Rule of Practice e
Hold paramount the safety, health, and welfare of the public
Engineers shall not aid or abet the unlawful practice of engineering by a person or firm.
The Bhopal plant did not have a computer system that could alert staff about leaks. Management actually relied on workers to sense if a gas was leaking by seeing if their eyes watered; if a worker felt his eyes watering, only then would he report a potential gas leak to his supervisor.
Canon 1, Rule of Practice e was one of the principles that was violated. The Bhopal plant did not have a computer system that could alert staff about leaks. Management instead relied on workers for this; if a worker felt his eyes watering, only then would he report a potential gas leak to his supervisor. This is a blatant violation of this rule of practice because it is morally wrong to ask for workers to put their health at risk as a way to test the plant’s conditions. This also endangers the public since this “test” obviously isn’t as reliable as an automated system would be.
Canon 1, Rule of Practice f
Hold paramount the safety, health, and welfare of the public
Engineers having knowledge of any alleged violation of this Code shall report thereon to appropriate professional bodies and, when relevant, also to public authorities, and cooperate with the proper authorities in furnishing such information or assistance as may be required.
Months earlier, the plant managers had shut down the refrigeration unit that kept methyl isocyanate cool and in a safe environment.
The spare tanks to store gases in the case of an emergency often were not left empty as instructed.
The methyl isocyanate supervisor on duty the night of the disaster ignored the warning on the gauge of the tank that showed the pressure in that tank had increased by five times over one hour.
Canon 1, Rule of Practice f was another one of the principles that was violated.
Months earlier, the plant managers had shut down the refrigeration unit that kept methyl isocyanate cool and lessened the chance of potential chemical reactions. Among the reasons for this shutdown was to save electricity; this was a direct violation of plant procedures as the chemical was specifically required to be contained in a refrigeration unit that was kept on at all times. If this unit had been running, it is estimated that it would have taken two days instead of two hours for the methyl isocyanate reaction to produce the conditions that caused the gas leak, which would have given the plant workers sufficient time to address the issue.
Plant procedures specifically required that in case of an emergency, large spare tanks should be used to hold the dangerous gas in order to avert a major disaster; that is, the gas that was causing the emergency had to be moved into these larger, safer tanks to ensure no chemical reactions would occur. However, workers reported that these spare tanks often were not left empty as instructed; thus, on the night of the accident, there was nowhere for the workers to move the gas when they first noticed that the leak was occurring.
Because the equipment at the plant was known to not report accurate information, the methyl isocyanate supervisor on duty the night of the disaster ignored the warning on the gauge of the tank that showed the pressure in that tank had increased by five times over one hour.
Each of the conditions described above show how many violations the Bhopal plant committed that fall into this canon and rule of practice. The primary issue in every case listed is the fact that there was at least one person who was aware--or who should have made a higher authority aware--of the malpractices and safety breaches occurring at the facility. Although unfortunately the immediate “professional bodies” in this case were often the perpetrators of these violations, as they disregarded safe practices to save time and money, there is an implicit responsibility to report such infractions to the highest authorities that ideally should deal with such situations.
Canon 2, Rule of Practice a
Perform services only in their areas of competence
Engineers shall undertake assignments only when qualified by education or experience in the specific technical fields involved.
The gas leak is purported to have started about two hours after a worker who did not have proper industry training was told by his supervisor to wash out a pipe that was known to not be sealed well.
A final example of a violation occurred with Canon 2, Rule of Practice a.
The gas leak is purported to have started about two hours after a worker who did not have proper industry training was told by his supervisor to wash out a pipe that was known to not be sealed well; this is significant because it is likely that this water reacted with the methyl isocyanate, which led to a chain reaction that culminated in the gas leaking out uncontrollably into the environment.
The situation described above fits into this canon and rule of practice because it represents how dangerous an otherwise potentially manageable gas leak became when people who lacked proper expertise to handle the plant equipment were hired and told to take charge of some of the plant’s most sensitive operations. Because these workers were also not explicitly informed by their supervisors of the gravity of their tasks and how to respond in the case of an emergency, the already-large information gap was compounded and cultivated an environment ripe for this tragic disaster.
Bhopal Disaster
What Went Wrong
Ethical Issues That Were Violated
How We Could Have Avoided the Disaster
We will end our discussion of the Bhopal disaster with a summary of how this disaster could have potentially been avoided.
Place more accountability at the supervisory level
Implement relevant technology at the facility
Emphasize industry training after hiring
Disseminate information to the public about the plant and its emergency procedures
As described earlier, there were a host of violations that ultimately led to this disaster. However, the points shown on the screen summarize the primary precautions and practices that should have been taken and performed in order to prevent this tragedy.
Overall, the violations were reported; it was the supervisory staff that failed to properly act on these warnings. Unfortunately, there is a lot of corruption and abuse of power that permeates these levels of authority. Thus, if there was a mechanism in place that could override these individuals and cause them to be held directly responsible for their actions, there would be more pressure put on them to perform their tasks properly and ethically--especially if their own jobs and salaries were at stake.
The reports following the disaster described the lack of proper working equipment at the facility. There was no lack of technology, as sister companies of Union Carbide in such locations as the United States did have this technology in place. Thus, if the company had taken the important action of fixing and implementing these technologies in the Bhopal facility instead of working with broken or non-existent machinery, it is likely that the plant would have had better, safer working conditions that could have prevented such a large-scale disaster.
In such highly populated places as India where there will always be jobs to fill and people ready to fill them, it is likely that the practice of people without the necessary qualifications for a job being hired will continue. Thus, it is vital to emphasize training upon hiring to ensure that all workers meet the necessary qualifications to do the jobs they have been hired to do and to ensure they know what to do in cases of emergency. Although the workers at the Bhopal plant were given basic training, they were not given the holistic overview of the plant’s machinery and what the plant is responsible for; it is necessary to provide this education so that all workers can take the actions necessary in case disaster strikes.
One of the most essential components about maintaining a facility that deals with toxic materials is to explicitly and clearly disseminate information to the public about what the facility does, how it could pose a risk to the public in case of a disaster, and how the public should react should a disaster occur. If this was emphasized by the Bhopal plant when it was built, then with this increased awareness perhaps many more lives could have been saved.
What does this mean for our remote caregiver interface?
So how does the concept of ethics apply to our remote caregiver interface? We have to be careful about preserving the secure nature of the theoretically “sensitive” data we will be handling, which includes patient health vitals and other identifying information gathered from the results of other groups’ data.
Because our website is hosted by the external third-party vendor Bluehost, by default our domain and all associated information will be vulnerable to any cyber-attacks aimed at that popular, well-renowned company. In addition, in the ideal, “real-life” setting, our application will be handling data related to patients, including information from previous hospital visits, records of the number of times they have fallen, and inventory of the foods in their pantries. This information is sensitive as it can be used to determine such factors as location and health status of the individual, and these qualities could potentially make our application a target of data breaches.
Since our application is hosted online, any device that accesses our application that is infected by a virus or is a victim of any other cybersecurity attack directly endangers our own website if this “infection” has the capacity to track the user’s browser history and/or collect usernames and passwords. These concerns may not be too relevant while we use mock data to populate our application instead of pulling from real data, but they are vital security threats to keep in mind moving forward in order to handle sensitive information securely and not violate our caregiver-patient trust.
With a project based entirely on software, it is vital for us to handle data securely and protect our devices from cybersecurity threats to ensure caregiver/patient confidentiality.
Thus, since our project is purely software-based, as it is a web application, the main concern of the Caregiver Interface is security of the data being transferred. We have taken the following measures to uphold it:
Not using real patient data for this project to prevent potential leaks
Using a secure web hosting service which provides security measures
Photo source: https://www.investors.com/research/ibd-stock-analysis/cybersecurity-stocks-still-under-threat-despite-strong-q3-earnings/
Questions?
Thank you!