Ethical, social, legal and professional issues related to the internet of

Ethical, Social, Legal and Professional issues related to the Internet of

Things (IoT)

The common definition for Internet of things is a network connection between the physical

objects. Internet is not only connected two computers, it will connected into a network of all

types and sizes devices such as smart phones, medical instruments, home appliances, people

and etc, these all are connected and communicating between them and if they need any

information they will sharing the information also. (Keyur K and Sunil M, 2016)

IoT has the unique addressing schemes and the ability to transfer the data over the network

without the human-to-human or human-to-computer interaction.(IoT For All, 2019)

When we using the IoT it has so many advantages, first is automated because all the access

will be done through the wireless infrastructure without the human interaction, all operations

will done their own. IoT has more information and it will helps to humans for take a better

decisions. And also you can use “Siri” by using these things they will also save your time.

When using IoT in business it will helps to make decisions by “monitoring consumers trends

and respond to the demand changes in a timely manner. It will helps to make greater sales and

lead greater profits and revenues.” (Odyseed, 2019)

(A) (B)

When discuss about the ethical issues related to the IoT, most general issues related to the IoT

are protection of the privacy, safety, trust, data security, data usability and data user

experience.(Tzafestas, 2018) First discusses about ultra connectivity the connections between

the physical devices is increase in the number. In the Business Insider, according to the

Morgan Stanley’s understandings in 2020 there is more than 75 million devices or objects

will connected to the internet of things. (Danova, 2013) According to this connectivity

transferring data quantity will increase massively (Big Data) and it could be used in harm

way. Through the massive connectivity the data security will be damaged. Example for this

data security issue is in 2016 November hackers will shut down the two buildings heating

system in the city of Lappeenranta, Finland. This attack is memorable because that time

!1

Finland temperature was freezing. (Wallen, 2017) This incident was violating ‘Value-based

ethics theory’ (J.Dewey) because in this incident devices and people get more damaged in

economically and social wise. (Tzafestas, 2018)

Next issue will be a protection of privacy, in earlier 2017 the FDA confirm the St.Jude

Medical cardiac devices like pacemakers and defibrillators are hackable. (Embitel, 2018)

Through this confirmation the patients will be trace out through the pacemaker company and

the hospital. In here the person’s privacy will be damaged. This incident was violating

Liberty principle and also violating the virtue theory (Aristotle, Plato). (Tzafestas, 2018)

Next issue is FitBit company is shared their customer’s fitness informations to their business

partners. Through this incident the business companies were earn more revenue in their

business. Because they were send advertisements to the consumers mail, make a phone call to

them through this they earn revenue. But it will be a treachery for the consumers because

they trust and buy FitBit products. (Emon, 2018) This incident was violating Difference

principle because through this, FitBit company and related business companies were earn

revenue only. And it will violate Utilitarian theory also because consumers were

physiologically down through this incident. (Tzafestas, 2018)

Next issue will be Teddy bear which are connected with the Internet those teddy bears were

record and leak 2 million recording of parents and their children. User account credentials

records like messages were exposed in the internet for anyone to see and listen. The exposed

data has more than 800″,000 users emails and passwords. (Bicchierai, 2017) Through this

incident safety of the consumers and the protection of the privacy was collapse. And also

users email and passwords was hacked it was a data security issue. Through the message

leaks Civil rights theory and Liberty principle was violated. (Tzafestas, 2018)

When talking about the legal issues, above telling all the incidents were connected with the

legal issues too. Because when they violating the theories and principle that time they will

under the ethical issue. And if they violating the laws they will came under the legal issue.

Legal and the ethical issues are most commonly related between them.

!2

According to the European Data Production Regulation EU DPR-2012, EU GDPR(European

General Data Protection Regulation-2016) it will protect the ‘personal data’ of the

individuals. (Tzafestas, 2018) FitBit company is shared their customer’s fitness informations

to their business partners. (Emon, 2018) In paragraph 8 to 14 they tell how the data protection

principles apply to the Internet of things in EU Data Production Law. So it will violating this

law. So it will be a legal issue to the FitBit company.

Next is in 2016 many major attacks were done most memorable is “Mirai botnet”. This

specific botnet was infected IoT devices like older routers and IP cameras. After collecting

their details it used to create a flood DNS provider and make a DDoS attack. ‘Mirai botnet

took down the GitHub, Netflix, Twitter and other major websites. This attack was done easily

because when it running the old version of the Linux kernel most of the users will not change

the default username and password of their devices. (Wallen, 2017) It will violating EU

Directive-2013/40 this law directive deals with “Cybercrime”’. It will be a Cybercrime

related issue.

“In 2014 a malicious computer worm called Stuxnet was responsible for causing damage to

Iran’s nuclear project. This was a case of internet of things security issue.” (Embitel, 2018)

This case is violating EU NIS Directive-2016 this network and security directive concerns

cybersecurity issues. (Digital Single Market – European Commission, 2018) through the

network hackers will attack the government.

Next issue is a hackable sniper rifles. In 2015 at the black hat hacker conference two security

researchers will demonstrated how a wirelessly connected sniper rifle of a company of

TrackPoint, can be hacked. In that time demonstrators were shows how the wifi connected

devices allows the software remotely over the network. This done by logging the gun’s

network with the default password and allowing to connected. After that hackers will access

the API and change the target. (Embitel, 2018) This incident is violating EU

Directive-2013/40 law (cybercrime) and EU NIS Directive-2016 (cybersecurity) law. (Digital

!3

Single Market – European Commission, 2018) (Tzafestas, 2018) This will be a hacking

related issue.

And also Teddy bear which are connected with the Internet those teddy bears were record and

leak 2 million recording of parents and their children. This incident also violating the

provisions relating to data protection of individual personal information are covered under the

“Information Technology Act, 2000 (“ITA”) and the “Reasonable practices and procedures

and sensitive personal data or information Rules, 2011″ issued under Section 43A of the ITA.

(Sarin, 2018) These laws under Indian Government and according to European Data

Production Regulation EU DPR-2012, EU GDPR(European General Data Protection

Regulation-2016) it will protect the ‘personal data’ of the individuals. (Tzafestas, 2018)

Some of the social issues related to IoT is, laziness; when using all the access through the

Internet of things on the same place. Example Mozilla is to create a technology platform to

the consumers that could issue a device give such commands as “turn off the lights

downstairs” by using these technology consumer never use the switch for off the lights. And

also the new Nespresso coffeemaker that lets you start the brewing from a mobile app, so

you don’t have to leave the chair or bed. (Martin, 2016)

By using of the Internet of things unemployment will be increased. Because when

introducing the new IoT technology that time the device will do many jobs and also new

types of jobs will emerge because of the IoT. New jobs like designers fo medical robots, grid

modernization managers like new jobs are rise in the future so that time employees need

knowledge about the new technology, like software development. (Kvochko, Wan and

Banerjee, 2014) According to the study carried out by the Harvard academics, there is ‘47

percent of U.S jobs are in the high risk category for the replacement of the automation’. And

also according to the government telecommunications leader Aruna Sundararajan said IoT

will create up 15 million new jobs over the next few years. (Matthews, 2018)

!4

When we using the Internet of Things our brain productivity will be damaged because when

we using the IoT devices they will alert us and remember the thing what we want to do. In a

study by Science Magazine, student were asked the types of pieces of trivia, and then

depending on their group the information would be saved or erased. The group that was told

their data would be saved less likely to remember. Through this study it will indicate the

people have lower level of recall when they can expect to be able to access information in

future. And the concentration level also suffered. (OnlineCollege.org, 2019)

When talking about the social issue related to the Internet of things a person will not attach

with another person and also with the environment. Because when using IoT devices for the

day today life human interaction is less, and the interaction between human and the machine

will be high, some time humans will emotionally connected with the machines. Example

when you buy a first phone, and later you will buy so many phones but some of will protect

the first phone if even it doesn’t work. And also in earlier every one has hobby like playing

with other friends, gardening like wise after the IoT development interaction between the

human and environment will be down. And connected with the machines will be increased.

When comes to the professional issues in IoT, first is a fitness tracker’s data can be shared

with the health insure, third party apps, on social network and also the device manufacturing

company; in here “the person information gathered for the specific purpose , and used for

other purposes without the person’s consent” so it will violating respect privacy code of

conduct. And also honor confidentiality code of conduct because of leaks the clients datas.

(Pai, 2016) and also this issue will violating BCS Code of Conduct 1 (a) and BCS Code of

Conduct 3 (d) (Bcs.org, 2015)

Next issue will be a which toys are connected with the internet those microphones and

cameras will access by unauthorized person and those toys will make screaming obscenities

in the baby rooms in the midnight. (McDonald, 2018) This issue will violating BCS Code of

Conduct 2 (f) and BCS Code of Conduct 1 (c) the reason for code of conduct 1 is it will tells

!5

discrimination of sexual orientation but obscenities sounds will mentally affect the children

because the sounds will come form their toys. (Bcs.org, 2015)

In January of 2017 U.S. Food and Drug Administration will said cardiac devices (pacemakers

& defibrillators) will accessible by others. That will be tell it will design to send those

patients details to the physician. And also these devices will connected with the wireless to

the hub in the internet connection. (McDonald, 2018) This issue will violating BCS Code of

Conduct 2 (f) because of accessing the cardiac device of a specific person, and also it will

violate BCS Code of Conduct 1 (a) because of send the health details and privacy without his

permission. (Bcs.org, 2015)

(C)

Under the social issues site unemployment is take a major part in the society. According to

the Dr.Kristina Dervijeda (Senior manager, Innovation and Development at PwC”,

Netherlands) perspective issues will ‘raised looked at the consequences of the job automation

for low vs highly skills jobs, and also employees need to reskill growing number of the

people with out-of-date education and skills’ and also it will take implications for the next

generation career choices too. Through PwC in a study commissioned by the European

Commission 45 percent of the activities could be automated by using already demonstrated

IoT technology. Through her article she will tell some specific jobs can’t replace by machines

such as creativity, empathy and intuitiveness related jobs. (Dervijeda, 2017)

According to Prithviraj Banerjee, Dadong Wan and Elena Kvochko understating they will

divided the jobs under 5 category according to the job that will affected in the society. Those

‘Traditional jobs in hybrid verticals, like IT and medicine, IT and energy, robotics and

agriculture; related jobs are software developer, hardware designer and data scientist. Next is

New jobs in hybrid verticals like designers of medical robots, grid modernization managers

and transportation network engineers; for those jobs employees need hard skills(software

developer) rather than soft skill(team management). Third is Traditional jobs in traditional

verticals after the IoT development unsafe jobs are replaced by the technology and robots;

!6

example Rio Tinto, a British-Australian mining company like wise. Forth one is New jobs in

traditional verticals like companies will search software developers with knowledge of cloud

computing and also new type security and privacy protection jobs placements were increase.

Last is Jobs less likely to be affected such as creativity, intuitiveness and empathy related jobs

are play major part like nurses, counsellors, psychologists, and home-helpers.’ (Kvochko”,

Wan and Banerjee, 2014)

Through the analysis both writes will says creativity, intuitiveness and empathy related jobs

are play major role in future so those kind of jobs have a big opportunity in next generation.

According to the Ethics and Law in the Internet of Things World review which is written by

Spyros G. Tzafestas, he will specify some of the ethical issues based on IoT characteristics

that may cause ethical problems, such as ‘ubiquity, IoT is using everywhere and the users will

attract to IoT and absorbed by it; and there is no clear way for out’. Next problem is ‘property

right of the data and the information through this characteristic it is difficult to identifying the

humans and things, and also difficult to identify the owner of the data retrieve by IoT

sensors’.

Next characteristic is vulnerability, ‘in here the possible vulnerability issue in IoT is more

scaring, it will applicable in the home appliances, to hospitals, and also the traffic lights

systems, food distribution and the transportation system.’ Fourth characteristic is accessibility

of data, ‘in here PC might be get an attack and cause of information loss. A virus or hacker

will attack in IoT will take a serious effect on human life’ example is on the life of a driver of

the car which is connected to IoT. Fifth characteristic is omnipresence ‘through this character

it will makes an invisible boundaries between the public and the private space, so any one

can’t find where there informations will be ends up.’ (Tzafestas, 2018)

!7

(D)

For the ‘Cold in Finland’ attack that time the management did not check the network

frequently. So if they check their network needs frequently they will monitored the DDoS and

the other attacks. And also they can find and see the suspect activity on the network act. So

frequently monitor the network is essential for avoid the attacks. (Wallen, 2017)

The issue which is connected cardiac device with the IoT device will be hacked; through

avoiding these issues the company should developed and implement a patch fix for the

existing bugs and also they should frequently developed the updates is necessary. (Embitel”,

2019)

In the Stuxnet attack the management should not connected the mission critical devices on a

standard computer platform through the WAN unless it’s necessary. And also they should

makes a safeguarded from the unauthorized personnels. (Embitel, 2019) (Wallen, 2017)

Mirai botnet attack will happened because of many companies cut the manufacturing costs

for including not enough storage spaces on their devices for the Linux kernel update. Because

of the update issues most of the IoT devices were running the kernel with the vulnerabilities.

If the manufacturing company will give a regular schedule kernel updates, this issue is

resolved, otherwise IoT devices will suffer under these types of attacks. (Embitel, 2019)

(Wallen, 2017)

For the solution for hacked sniper rifles issue will be the TargetPoint management should

developed a patch fix for the existing hackable rifle’s software. And also they should

maintain the security also for that they can make a consultation form the IoT solutions

providers because these days they will developing the foolproof IoT systems. (Embitel, 2019)

In generally we should have broader mindset for IoT security, encryption of the data is a first

defense for the IoT, and in the companies should evaluate security like identity and

authentication of access. (Lopez, 2016)

!8

In the teddy bear issue there is more than 800″,000 emails and passwords exposed. Because

the password is not much enough strong and crack the password by hashing function bcrypt.

So if the users will use most complex passwords, this large number of cracks will not

happened so in here recommend don’t use the default passwords and make your passwords to

complex. (Bicchierai, 2017)

Develop harsh laws by the government according to any privacy Information will collect

without the permission of a specific person and stored those information in Unauthorized

manner through IoT devices.

“Organizations should tune the modalities to manage and control the smart IoT devices for

material and measurable improvement by developing strong analytic and data management

capabilities and training talents to manage IoT technology. IoT developers should make

development related to the security, user experience, resiliency and adaptability when a

device, sensor or any other IoT components is being design for develop.” (Patrick, 2018)

IoT Device manufactures should need to improve the security in the consumer devices side

and the vendor managed devices side ‘security should be build into the device by design and

tested vigorously.’

The term of use should clearly explained and any data collections and usage of IoT data as

well as opt-out options. ‘HIPAA should extended to protect the user generated health

data.’ (Patrick, 2018)

(E)

!9

IoT Device manufacturing company will take the responsible or liable for patching of the IoT

devices, routers and the cloud connections. And also they will give a correct updates to their

products. And giving the warranty for their products, through these, society will used most of

the devices and connected with their life easily.

When using the IoT, if the user wants opt out, then give the option for the users choice;

through giving the options to the users choice it will help for them because if they need any

advertisements then only they accept it, or otherwise declined that option so they don’t get

any disturb from the device.

When comes to the data collection manufacturing company will collect the data under the

government laws. And also maintain the datas securely and if the company will collect the

data for different purposes company will tell the issue in earlier to the users and get the

approval from the users and government.

If the IoT Device acts without the consent of its owner or acts in unintended ways company

and the device insurance company will take the responsibility for this event, and then

company and the insurance will give the damage amount for that unintended event which

done by IoT Device.

Through the manufacturing of IoT company should take care of the environment. And also

the organisation should shows the commitment with the direct and the indirect impact on the

nature. And also the products should be promote the green technology. And also these product

should recyclable so then it will environmental friendly.

When talking about the general ethical approach in IoT, will define the quality of the lifecycle

of all people, and it is use their skills for the benefit of the environment, members and the

surroundings. And it will promote environmental sustainability in locally and globally; this

approach will defines through; “contribute to society and human well being, acknowledging

that all people are stakeholders in computing” ethical principle. IoT should be transparent and

!10

provide full capabilities, limitations and potential problems to the appropriate parties. IoT

should be honest about the qualifications and about the limitations in complete a task. It will

taken under “be honesty and trustworthy” general ethical principle. IT professional should

maintain confidential information such as client data, trade secrets, financial information”,

research data and patent application. It will be honor confidentiality ethical principal.

IT professionals should seek and utilize and stakeholders reviews. They should also provide

constructive, critical reviews of other’s work, this is accept and provide appropriate

professional review under professional ethical principal. IT professional should maintain and

support high quality work from them and with their colleagues too. The dignity of employers”,

users, clients and if any one affected directly or indirectly by the work should be respected

throughout the process. This will be under “strive to achieve high quality in both the

processes and products of professional work” in professional responsibilities ethical

principals. Through this IT professional can develop their team management skills by

respecting the ethical principle approaches.

IT professional should keep focus on explicit consideration when evaluating the tasks

associate with the researches, designing, testings, validations, and disposal. There is no

matter which methodologies or techniques they use in their practice, this is under “ensure that

the public good is the central concern during all professional computing work” with the

professional leadership ethical principal. Through this principal, IT professional can develop

their leadership qualities.

!11