Ethical, Social, Legal and Professional issues related to the Internet of
Things (IoT)
The common definition for Internet of things is a network connection between the physical
objects. Internet is not only connected two computers, it will connected into a network of all
types and sizes devices such as smart phones, medical instruments, home appliances, people
and etc, these all are connected and communicating between them and if they need any
information they will sharing the information also. (Keyur K and Sunil M, 2016)
IoT has the unique addressing schemes and the ability to transfer the data over the network
without the human-to-human or human-to-computer interaction.(IoT For All, 2019)
When we using the IoT it has so many advantages, first is automated because all the access
will be done through the wireless infrastructure without the human interaction, all operations
will done their own. IoT has more information and it will helps to humans for take a better
decisions. And also you can use “Siri” by using these things they will also save your time.
When using IoT in business it will helps to make decisions by “monitoring consumers trends
and respond to the demand changes in a timely manner. It will helps to make greater sales and
lead greater profits and revenues.” (Odyseed, 2019)
(A) (B)
When discuss about the ethical issues related to the IoT, most general issues related to the IoT
are protection of the privacy, safety, trust, data security, data usability and data user
experience.(Tzafestas, 2018) First discusses about ultra connectivity the connections between
the physical devices is increase in the number. In the Business Insider, according to the
Morgan Stanley’s understandings in 2020 there is more than 75 million devices or objects
will connected to the internet of things. (Danova, 2013) According to this connectivity
transferring data quantity will increase massively (Big Data) and it could be used in harm
way. Through the massive connectivity the data security will be damaged. Example for this
data security issue is in 2016 November hackers will shut down the two buildings heating
system in the city of Lappeenranta, Finland. This attack is memorable because that time
!1
Finland temperature was freezing. (Wallen, 2017) This incident was violating ‘Value-based
ethics theory’ (J.Dewey) because in this incident devices and people get more damaged in
economically and social wise. (Tzafestas, 2018)
Next issue will be a protection of privacy, in earlier 2017 the FDA confirm the St.Jude
Medical cardiac devices like pacemakers and defibrillators are hackable. (Embitel, 2018)
Through this confirmation the patients will be trace out through the pacemaker company and
the hospital. In here the person’s privacy will be damaged. This incident was violating
Liberty principle and also violating the virtue theory (Aristotle, Plato). (Tzafestas, 2018)
Next issue is FitBit company is shared their customer’s fitness informations to their business
partners. Through this incident the business companies were earn more revenue in their
business. Because they were send advertisements to the consumers mail, make a phone call to
them through this they earn revenue. But it will be a treachery for the consumers because
they trust and buy FitBit products. (Emon, 2018) This incident was violating Difference
principle because through this, FitBit company and related business companies were earn
revenue only. And it will violate Utilitarian theory also because consumers were
physiologically down through this incident. (Tzafestas, 2018)
Next issue will be Teddy bear which are connected with the Internet those teddy bears were
record and leak 2 million recording of parents and their children. User account credentials
records like messages were exposed in the internet for anyone to see and listen. The exposed
data has more than 800″,000 users emails and passwords. (Bicchierai, 2017) Through this
incident safety of the consumers and the protection of the privacy was collapse. And also
users email and passwords was hacked it was a data security issue. Through the message
leaks Civil rights theory and Liberty principle was violated. (Tzafestas, 2018)
When talking about the legal issues, above telling all the incidents were connected with the
legal issues too. Because when they violating the theories and principle that time they will
under the ethical issue. And if they violating the laws they will came under the legal issue.
Legal and the ethical issues are most commonly related between them.
!2
According to the European Data Production Regulation EU DPR-2012, EU GDPR(European
General Data Protection Regulation-2016) it will protect the ‘personal data’ of the
individuals. (Tzafestas, 2018) FitBit company is shared their customer’s fitness informations
to their business partners. (Emon, 2018) In paragraph 8 to 14 they tell how the data protection
principles apply to the Internet of things in EU Data Production Law. So it will violating this
law. So it will be a legal issue to the FitBit company.
Next is in 2016 many major attacks were done most memorable is “Mirai botnet”. This
specific botnet was infected IoT devices like older routers and IP cameras. After collecting
their details it used to create a flood DNS provider and make a DDoS attack. ‘Mirai botnet
took down the GitHub, Netflix, Twitter and other major websites. This attack was done easily
because when it running the old version of the Linux kernel most of the users will not change
the default username and password of their devices. (Wallen, 2017) It will violating EU
Directive-2013/40 this law directive deals with “Cybercrime”’. It will be a Cybercrime
related issue.
“In 2014 a malicious computer worm called Stuxnet was responsible for causing damage to
Iran’s nuclear project. This was a case of internet of things security issue.” (Embitel, 2018)
This case is violating EU NIS Directive-2016 this network and security directive concerns
cybersecurity issues. (Digital Single Market – European Commission, 2018) through the
network hackers will attack the government.
Next issue is a hackable sniper rifles. In 2015 at the black hat hacker conference two security
researchers will demonstrated how a wirelessly connected sniper rifle of a company of
TrackPoint, can be hacked. In that time demonstrators were shows how the wifi connected
devices allows the software remotely over the network. This done by logging the gun’s
network with the default password and allowing to connected. After that hackers will access
the API and change the target. (Embitel, 2018) This incident is violating EU
Directive-2013/40 law (cybercrime) and EU NIS Directive-2016 (cybersecurity) law. (Digital
!3
Single Market – European Commission, 2018) (Tzafestas, 2018) This will be a hacking
related issue.
And also Teddy bear which are connected with the Internet those teddy bears were record and
leak 2 million recording of parents and their children. This incident also violating the
provisions relating to data protection of individual personal information are covered under the
“Information Technology Act, 2000 (“ITA”) and the “Reasonable practices and procedures
and sensitive personal data or information Rules, 2011″ issued under Section 43A of the ITA.
(Sarin, 2018) These laws under Indian Government and according to European Data
Production Regulation EU DPR-2012, EU GDPR(European General Data Protection
Regulation-2016) it will protect the ‘personal data’ of the individuals. (Tzafestas, 2018)
Some of the social issues related to IoT is, laziness; when using all the access through the
Internet of things on the same place. Example Mozilla is to create a technology platform to
the consumers that could issue a device give such commands as “turn off the lights
downstairs” by using these technology consumer never use the switch for off the lights. And
also the new Nespresso coffeemaker that lets you start the brewing from a mobile app, so
you don’t have to leave the chair or bed. (Martin, 2016)
By using of the Internet of things unemployment will be increased. Because when
introducing the new IoT technology that time the device will do many jobs and also new
types of jobs will emerge because of the IoT. New jobs like designers fo medical robots, grid
modernization managers like new jobs are rise in the future so that time employees need
knowledge about the new technology, like software development. (Kvochko, Wan and
Banerjee, 2014) According to the study carried out by the Harvard academics, there is ‘47
percent of U.S jobs are in the high risk category for the replacement of the automation’. And
also according to the government telecommunications leader Aruna Sundararajan said IoT
will create up 15 million new jobs over the next few years. (Matthews, 2018)
!4
When we using the Internet of Things our brain productivity will be damaged because when
we using the IoT devices they will alert us and remember the thing what we want to do. In a
study by Science Magazine, student were asked the types of pieces of trivia, and then
depending on their group the information would be saved or erased. The group that was told
their data would be saved less likely to remember. Through this study it will indicate the
people have lower level of recall when they can expect to be able to access information in
future. And the concentration level also suffered. (OnlineCollege.org, 2019)
When talking about the social issue related to the Internet of things a person will not attach
with another person and also with the environment. Because when using IoT devices for the
day today life human interaction is less, and the interaction between human and the machine
will be high, some time humans will emotionally connected with the machines. Example
when you buy a first phone, and later you will buy so many phones but some of will protect
the first phone if even it doesn’t work. And also in earlier every one has hobby like playing
with other friends, gardening like wise after the IoT development interaction between the
human and environment will be down. And connected with the machines will be increased.
When comes to the professional issues in IoT, first is a fitness tracker’s data can be shared
with the health insure, third party apps, on social network and also the device manufacturing
company; in here “the person information gathered for the specific purpose , and used for
other purposes without the person’s consent” so it will violating respect privacy code of
conduct. And also honor confidentiality code of conduct because of leaks the clients datas.
(Pai, 2016) and also this issue will violating BCS Code of Conduct 1 (a) and BCS Code of
Conduct 3 (d) (Bcs.org, 2015)
Next issue will be a which toys are connected with the internet those microphones and
cameras will access by unauthorized person and those toys will make screaming obscenities
in the baby rooms in the midnight. (McDonald, 2018) This issue will violating BCS Code of
Conduct 2 (f) and BCS Code of Conduct 1 (c) the reason for code of conduct 1 is it will tells
!5
discrimination of sexual orientation but obscenities sounds will mentally affect the children
because the sounds will come form their toys. (Bcs.org, 2015)
In January of 2017 U.S. Food and Drug Administration will said cardiac devices (pacemakers
& defibrillators) will accessible by others. That will be tell it will design to send those
patients details to the physician. And also these devices will connected with the wireless to
the hub in the internet connection. (McDonald, 2018) This issue will violating BCS Code of
Conduct 2 (f) because of accessing the cardiac device of a specific person, and also it will
violate BCS Code of Conduct 1 (a) because of send the health details and privacy without his
permission. (Bcs.org, 2015)
(C)
Under the social issues site unemployment is take a major part in the society. According to
the Dr.Kristina Dervijeda (Senior manager, Innovation and Development at PwC”,
Netherlands) perspective issues will ‘raised looked at the consequences of the job automation
for low vs highly skills jobs, and also employees need to reskill growing number of the
people with out-of-date education and skills’ and also it will take implications for the next
generation career choices too. Through PwC in a study commissioned by the European
Commission 45 percent of the activities could be automated by using already demonstrated
IoT technology. Through her article she will tell some specific jobs can’t replace by machines
such as creativity, empathy and intuitiveness related jobs. (Dervijeda, 2017)
According to Prithviraj Banerjee, Dadong Wan and Elena Kvochko understating they will
divided the jobs under 5 category according to the job that will affected in the society. Those
‘Traditional jobs in hybrid verticals, like IT and medicine, IT and energy, robotics and
agriculture; related jobs are software developer, hardware designer and data scientist. Next is
New jobs in hybrid verticals like designers of medical robots, grid modernization managers
and transportation network engineers; for those jobs employees need hard skills(software
developer) rather than soft skill(team management). Third is Traditional jobs in traditional
verticals after the IoT development unsafe jobs are replaced by the technology and robots;
!6
example Rio Tinto, a British-Australian mining company like wise. Forth one is New jobs in
traditional verticals like companies will search software developers with knowledge of cloud
computing and also new type security and privacy protection jobs placements were increase.
Last is Jobs less likely to be affected such as creativity, intuitiveness and empathy related jobs
are play major part like nurses, counsellors, psychologists, and home-helpers.’ (Kvochko”,
Wan and Banerjee, 2014)
Through the analysis both writes will says creativity, intuitiveness and empathy related jobs
are play major role in future so those kind of jobs have a big opportunity in next generation.
According to the Ethics and Law in the Internet of Things World review which is written by
Spyros G. Tzafestas, he will specify some of the ethical issues based on IoT characteristics
that may cause ethical problems, such as ‘ubiquity, IoT is using everywhere and the users will
attract to IoT and absorbed by it; and there is no clear way for out’. Next problem is ‘property
right of the data and the information through this characteristic it is difficult to identifying the
humans and things, and also difficult to identify the owner of the data retrieve by IoT
sensors’.
Next characteristic is vulnerability, ‘in here the possible vulnerability issue in IoT is more
scaring, it will applicable in the home appliances, to hospitals, and also the traffic lights
systems, food distribution and the transportation system.’ Fourth characteristic is accessibility
of data, ‘in here PC might be get an attack and cause of information loss. A virus or hacker
will attack in IoT will take a serious effect on human life’ example is on the life of a driver of
the car which is connected to IoT. Fifth characteristic is omnipresence ‘through this character
it will makes an invisible boundaries between the public and the private space, so any one
can’t find where there informations will be ends up.’ (Tzafestas, 2018)
!7
(D)
For the ‘Cold in Finland’ attack that time the management did not check the network
frequently. So if they check their network needs frequently they will monitored the DDoS and
the other attacks. And also they can find and see the suspect activity on the network act. So
frequently monitor the network is essential for avoid the attacks. (Wallen, 2017)
The issue which is connected cardiac device with the IoT device will be hacked; through
avoiding these issues the company should developed and implement a patch fix for the
existing bugs and also they should frequently developed the updates is necessary. (Embitel”,
2019)
In the Stuxnet attack the management should not connected the mission critical devices on a
standard computer platform through the WAN unless it’s necessary. And also they should
makes a safeguarded from the unauthorized personnels. (Embitel, 2019) (Wallen, 2017)
Mirai botnet attack will happened because of many companies cut the manufacturing costs
for including not enough storage spaces on their devices for the Linux kernel update. Because
of the update issues most of the IoT devices were running the kernel with the vulnerabilities.
If the manufacturing company will give a regular schedule kernel updates, this issue is
resolved, otherwise IoT devices will suffer under these types of attacks. (Embitel, 2019)
(Wallen, 2017)
For the solution for hacked sniper rifles issue will be the TargetPoint management should
developed a patch fix for the existing hackable rifle’s software. And also they should
maintain the security also for that they can make a consultation form the IoT solutions
providers because these days they will developing the foolproof IoT systems. (Embitel, 2019)
In generally we should have broader mindset for IoT security, encryption of the data is a first
defense for the IoT, and in the companies should evaluate security like identity and
authentication of access. (Lopez, 2016)
!8
In the teddy bear issue there is more than 800″,000 emails and passwords exposed. Because
the password is not much enough strong and crack the password by hashing function bcrypt.
So if the users will use most complex passwords, this large number of cracks will not
happened so in here recommend don’t use the default passwords and make your passwords to
complex. (Bicchierai, 2017)
Develop harsh laws by the government according to any privacy Information will collect
without the permission of a specific person and stored those information in Unauthorized
manner through IoT devices.
“Organizations should tune the modalities to manage and control the smart IoT devices for
material and measurable improvement by developing strong analytic and data management
capabilities and training talents to manage IoT technology. IoT developers should make
development related to the security, user experience, resiliency and adaptability when a
device, sensor or any other IoT components is being design for develop.” (Patrick, 2018)
IoT Device manufactures should need to improve the security in the consumer devices side
and the vendor managed devices side ‘security should be build into the device by design and
tested vigorously.’
The term of use should clearly explained and any data collections and usage of IoT data as
well as opt-out options. ‘HIPAA should extended to protect the user generated health
data.’ (Patrick, 2018)
(E)
!9
IoT Device manufacturing company will take the responsible or liable for patching of the IoT
devices, routers and the cloud connections. And also they will give a correct updates to their
products. And giving the warranty for their products, through these, society will used most of
the devices and connected with their life easily.
When using the IoT, if the user wants opt out, then give the option for the users choice;
through giving the options to the users choice it will help for them because if they need any
advertisements then only they accept it, or otherwise declined that option so they don’t get
any disturb from the device.
When comes to the data collection manufacturing company will collect the data under the
government laws. And also maintain the datas securely and if the company will collect the
data for different purposes company will tell the issue in earlier to the users and get the
approval from the users and government.
If the IoT Device acts without the consent of its owner or acts in unintended ways company
and the device insurance company will take the responsibility for this event, and then
company and the insurance will give the damage amount for that unintended event which
done by IoT Device.
Through the manufacturing of IoT company should take care of the environment. And also
the organisation should shows the commitment with the direct and the indirect impact on the
nature. And also the products should be promote the green technology. And also these product
should recyclable so then it will environmental friendly.
When talking about the general ethical approach in IoT, will define the quality of the lifecycle
of all people, and it is use their skills for the benefit of the environment, members and the
surroundings. And it will promote environmental sustainability in locally and globally; this
approach will defines through; “contribute to society and human well being, acknowledging
that all people are stakeholders in computing” ethical principle. IoT should be transparent and
!10
provide full capabilities, limitations and potential problems to the appropriate parties. IoT
should be honest about the qualifications and about the limitations in complete a task. It will
taken under “be honesty and trustworthy” general ethical principle. IT professional should
maintain confidential information such as client data, trade secrets, financial information”,
research data and patent application. It will be honor confidentiality ethical principal.
IT professionals should seek and utilize and stakeholders reviews. They should also provide
constructive, critical reviews of other’s work, this is accept and provide appropriate
professional review under professional ethical principal. IT professional should maintain and
support high quality work from them and with their colleagues too. The dignity of employers”,
users, clients and if any one affected directly or indirectly by the work should be respected
throughout the process. This will be under “strive to achieve high quality in both the
processes and products of professional work” in professional responsibilities ethical
principals. Through this IT professional can develop their team management skills by
respecting the ethical principle approaches.
IT professional should keep focus on explicit consideration when evaluating the tasks
associate with the researches, designing, testings, validations, and disposal. There is no
matter which methodologies or techniques they use in their practice, this is under “ensure that
the public good is the central concern during all professional computing work” with the
professional leadership ethical principal. Through this principal, IT professional can develop
their leadership qualities.
!11
Be First to Comment