Here's some questions to consider:
Would you feel confident in testifying truthfully about your company's software development practices in a civil deposition? In open court during a civil trial?
Would you feel confident in talking to the FBI, SEC or other law enforcement agencies about company's software development practices? What about testifying in a criminal trial where your bosses are facing charges and you might be accused as well?
These are both interesting questions.
I personally think that by the time we get to any kind of civil trial or law enforcement are required to be brought in, we have already failed as 'ethical' developers.
As we build our products and services, one of the constant questions that we should be asking is "what are the implications of this". I think to some extent we already do this quite well (certainly we consider the implications of design on a product's performance, we just need to think about the human implications too)!
This is why I mention the possibility that "we could (and possibly should) regulate this to allow ethical concerns to be raised without causing undue stress and worry" - ethical bodies might prevent us from needing to escalate these issues higher!
We're a place where coders share, stay up-to-date and grow their careers.
We strive for transparency and don't collect excess data.