The Ethical Use of Surrounding Biometrics

Topic: Ethics Words: 1667 Pages: 6

Introduction

The pace of the development of modern technology opens up many unique possibilities for ordinary people. Some electronic tools, previously only visible on the screens of science fiction films, are now found in the devices of the vast majority of users around the world. Many such systems have come into society’s daily life from the security sphere, for example, fingerprint scanners, retina scanners, and face recognition systems (North-Samardzic, 2019). However, such widespread adoption of such devices that collect personal data from users raises several ethical questions.

Also, the actively developing concept of the Internet of Things (IoT) contributes to the active study of this issue. The above devices are primarily related to the areas of personal security, for example, phone locking. However, at the moment, IoT includes almost all modern household devices, including even children’s toys (Nagel et al., 2018). They collect a vast amount of data about their user and, most importantly, store and exchange it without active human participation. As a result, three normative ethics principles are called into question: autonomy, confidentiality, and respect for the individual. This paper aims to analyze the problem of the ethical use of IoT tools that collect biometric data and propose policies that can correct the negative aspects of this problem.

Matrix

Ethical issue: ethical use of biometrics collected by the IoT.
Stakeholders	Autonomy	Confidentiality	Respect for Person
Person	Each person has the right independently, and not using machine algorithms, to determine the degree of information collection and the modes of operation of devices.	Everyone has the right to the confidentiality of specific data about themselves, as well as must respect the confidentiality of the data of other people.	Each person must respect other people, their rights, and not use them as simple tools to achieve goals.
Device companies	Manufacturing companies must respect the human right to autonomy and not give too many options to their devices or clearly communicate them to users.	Manufacturing companies must ensure the confidentiality of the data they collect, not transfer it to third parties, and use it only to secure IoT systems’ operation.	Manufacturing companies must respect each user and their rights and not use them as tools to make a profit.
Government	Government structures should ensure at the legislative level the autonomy of decision-making by people and limit the degree of independence of electronic devices.	State structures should monitor the preservation of residents’ privacy and protect them from attempts to illegally collect data.	Governments should respect personal freedom and notify users of how their information is processed, rather than use it secretly for government purposes.

Why I Chose This Dilemma?

Collecting biometric data using IoT technologies is becoming extremely popular today. The number of devices in this network significantly exceeds the number of people on Earth, thereby changing the very principle of interaction between people and technology (Allhoff and Henschke, 2018). Such widespread use of such gadgets allows collecting a considerable amount of data about people, ranging from habits and ending with increased secrecy data, such as fingerprints. Autonomous devices that are permanently connected are difficult to analyze and therefore make it difficult to define the boundaries of their responsibilities (Ustek-Spilda et al., 2019). Currently, a large amount of data is used unethically, which requires regulation, so I chose this dilemma.

Why I Chose These Three Principles?

The principles I have chosen, namely autonomy, confidentiality, and respect for the individual, reflect the fundamental ethical aspects that must be respected by any IoT system. The concept of autonomy governs to what extent the systems in question should operate without human intervention. Confidentiality is a significant concern in this case, as it is the excessive collection of data that causes an ethical dilemma. Finally, respect for the individual combines the last two terms and combines them with showing respect for other people.

An Analysis of the Research Used to Identify the Actions in the Matrix

The analysis carried out allows establishing the levels of control over the ethical issue from three main stakeholders’ points of view. It directly depends on the user what information he will transmit through various settings and the choice of installed systems. In addition, before starting work, any user confirms his consent to the user agreement, which specifies the methods of obtaining information. Manufacturing companies should enable it to do this by introducing adjustments to the device’s autonomy level to maximize operational efficiency and maintain an ethical perspective (Janiesch et al., 2018). At the same time, companies must inform the user about all the data they collect in the user agreement, using wording with precise wording.

The state can regulate this issue by introducing legislation and ensuring its implementation. Acts on the protection of information, as well as notable acts regulating the types of permitted collected biometric data, can serve as such acts. The introduction of a biometric system by the prepared legislative framework will ensure the observance and respect of user rights (Baichoo et al., 2018). Finally, from the point of view of respect for the individual and the company, the state must respect human rights and not use its position to gain control over a person’s life. While obtaining data from such systems opens up many opportunities, it is unethical to use it to gain an advantage over the user. Therefore, the state should also regulate the subsequent use of biometric information. Simultaneously, the government should not have direct access to its citizens’ data, since such actions also violate users’ privacy.

Organization Policy

Overview

Smart Things employees must respect the rights of the company’s users as individuals to autonomy and maintain their biometric data confidentiality, protecting them from damage and unauthorized use, both accidentally and intentionally. To comply with this condition, it is necessary to develop a package of documentation, software, and engineering solutions that will maximally protect users’ data from negative influence. These solutions must be created by information privacy laws, regulations, and policies. Smart Things reserves the right to conduct regular checks to identify and eliminate possible emerging risks associated with a potential leak or unauthorized use of biometric data. If such violations are found, the company undertakes to take all measures to identify the source of the problem and eliminate it.

Purpose

The purpose of this policy is to describe the acceptable ways of collecting, maintaining, sharing, and disposal of collected biometric data. The adopted rules are created to comply with the moral rights of users as much as possible. All biometrics workers should be familiar with the following guidelines. Failure to comply with these rules may expose Smart Things to risks, including personal data leakage and compromise, as well as legal issues. This document will be used to resolve disputes between the company and its employees, as well as between the company and its customers.

Scope

This policy is intended for use by Smart Things employees, i.e., consultants, engineers, developers, computer professionals, and authorized third parties. All listed persons are responsible for maintaining the company’s customers’ confidentiality by company standards and local regulations. The rules below describe the methods of collecting personal information, acceptable methods of use, and the necessary means of storing and disposing of biometric data. The main person representing the company in this matter is the Chief Information Officer (CIO), who is responsible for the implementation and maintenance of the company’s privacy policy and compliance by all of the above persons with the laws.

Policy

Employee Compliance to Policy

The information collected by Smart Things stored on electronic and computing devices, whether owned or leased by the employee or a third party, remains the personal data of customers and is not the company’s property. Employees must ensure that this information is protected through legal or technical means by the Data Protection Standard.
Employees have a responsibility to promptly report the theft, loss, or unauthorized disclosure of the collected information.
Employees may access, use, or share Smart Things’ data only to the extent it is authorized and necessary to fulfill their assigned job duties.
Individual departments are responsible for creating guidelines for the use and processing of client information by the specifics of the work of a particular department. In the absence of specific guidance, employees must follow federal law and contact a manager or supervisor in the event of uncertainty.
Each employee is obliged to avoid possible leakage of personal biometric data by any means: verbal, written, using computer systems.
Employees should not collect and process personal biometric information in the absence of authorization, and if available, they should work only with the required amount of data.
The information collected and processed by employees must be free from errors and be as accurate as possible, for which it is necessary to use all available hardware and software.
Personal use of company resources by employees is prohibited, unethical, and will be punished with sanctions.

Company Policy

The Smart Things Privacy Program monitors all available systems, both internal and client-side, to maximize biometric data collection systems’ privacy and ethics.
Smart Things reserves the right to periodically research and process the collection, storage, processing, and disposal of biometric data to ensure compliance with laws and organization policies.
Smart Things is committed to developing and releasing necessary hardware and software updates for the best personal biometric data collection.
Smart Things will only collect information required for the supported systems to operate by the existing technical requirements.
Smart Things undertakes to collect only biometric information that is legal.
Smart Things will notify the user about the amount, type, methods of gathering information, and how it is processed.
Smart Things undertakes to maintain the most responsible policy from the point of view, not violating customers’ personal space, respecting their rights to autonomy and confidentiality, and preventing attempts to assassinate them by employees.

Sanctions/Enforcement

This policy has no exceptions, individual permissions, or any additional rules. Violations and non-compliance with this policy will result in disciplinary action, which may include termination of employment.

References

Allhoff, F., & Henschke, A. (2018). The internet of things: Foundational ethical issues. Internet of Things, 1, 55-66. Web.

Baichoo, S., Khan, M. H. M., Bissessur, P., Pavaday, N., Boodoo-Jahangeer, N., & Purmah, N. R. (2018). Legal and ethical considerations of biometric identity card: Case for Mauritius. Computer Law & Security Review, 34(6), 1333-1341. Web.

Janiesch, C., Fischer, M., Winkelmann, A., & Nentwich, V. (2019). Specifying autonomy in the Internet of Things: the autonomy model and notation. Information Systems and e-Business Management, 17(1), 159-194.

Nagel, D., Capurro, R., Britz, J., Hausmanninger, T., Nagenborg, M., Nakada, M., & Weil, F. (2018). Ethical Issues of Networked Toys. International Review of Information Ethics, 27, 1-44.

North-Samardzic, A. (2019). Biometric Technology and Ethics: Beyond Security Applications. Journal of Business Ethics, 1-18.

Ustek-Spilda, F., Powell, A., & Nemorin, S. (2019). Engaging with ethics in Internet of Things: Imaginaries in the social milieu of technology developers. Big Data & Society, 6(2), 1-12.