The VeriChip is produced by Applied Digital Solutions, a Florida based digital technology development company. It is an implantable device about the size of the tip of a ballpoint pen. It was designed to be implanted under the skin above other medical implanted devices (such as pacemakers) to allow the retrieval and update of settings for the device, to be implanted to store medical information about a person so that emergency personnel can obtain medical history even if the person is not able to convey it, and to be a source of security (just as fingerprints, retinal scans, and voice patterns are).
This case is intended to show the possible ethical issues facing a software engineer working on a VeriChip system and the ethical issues surrounding the VeriChip in general. While the following case does not incorporate all possible uses of the VeriChip it should adequately model a possible situation that could occur.
It has been 5 years since the FDA approval of the VeriChip. Since its release sales of the VeriChip have sky rocketed. Much of this was due to the events that occurred on 11 September 2001, the government has been promoting the VeriChip because not only does it help emergency personnel by giving the immediate access to medical records but it could also assist them in identifying persons in the event of a catastrophe. At this time it is estimated that 75% of Americans have the implantable VeriChip.
Bob Johnson worked for ADS designing and building VeriChip Scanners for 3 ˝ years. He left ADS and for the last year and a half has been working as an independent contractor on VeriChip systems. During this time he has worked on and successfully completed several VeriChip systems for various medical institutions.
Bob is approached by SBC, a large research and development corporation, about the possibility of implementing a security system for their world headquarters that uses VeriChip technology. They want to have a system designed that will utilize walkthrough scanners to verify whether or not personnel have access to certain areas. SBC has a number of highly secure areas and feels that an identification system utilizing VeriChip technology would be more efficient and secure than the standard pass card system.
Bob has told SBC that he needs some time to consider the offer. While considering Bob thinks of a number of ways that this security system could be put to misuse. For example, if SBC were to require all persons entering their building to pass through a scanner, they would have access to information on everyone who entered their building whether an employee or not. It is also possible that this information could be used by SBC to influence their hiring practices based on medical history.
It seems that the VeriChip allows many people access to information that they should not have, does this create any ethical problems with the VeriChip? Should Bob build the system? If SBC is going to replace the traditional pass card security system with a VeriChip security system it would seem that SBC would have to require all of their employees to get the VeriChip. ADS will set up a central database that is accessible from the Internet that will store personal information?
Bob has a wide variety of options available to him that range from simply refusing to build the system to intentionally limiting it in some very critical way. SBC Corp has a definite need for security and they believe the VeriChip is their best choice, both because of the difficulty to modify it and the sheer number of people who already have the chip installed. There are several major ethical issues with Bob’s situation that require careful consideration to make sure the solution is in the best interests of all the parties involved. The stakeholders in this case include Bob, SBC (the corporate entity), SBC’s employees, and the public.
The most important ethical issue that Bob must deal with is the privacy issues surrounding the use of the VeriChip for more than just identification. The VeriChip scanners that Bob has engineered/developed commonly retrieve all information from the VeriChip and not just the identification information. This is a serious privacy risk for all the employees at SBC Corp. considering that their supervisors could get access to their medical history. This is inconsistent with principles 1.03 and 3.12 of the SE Code of Ethics, which both essentially states that a software product should not diminish the privacy of the public. If the VeriChip scanner were built for SBC to the same specifications as hospitals in which Bob has worked, then SBC would then be able to find out if any of their employees are seeking help for depression, taking medications that might impair alertness, among other important factors.
The second major ethical issue arises if SBC decides to make the VeriChip device mandatory for all their employees. Religions such as Jehovah’s Witnesses refuse to implant any such device in their bodies and it would be unethical, not to mention unlawful, for SBC to terminate their employment for just such a reason. If Bob does not bring this issue to the attention of SBC, he would be in violation of principles 1.04, 2.06, and 2.07 that state that Bob should disclose any issues that he perceives as detrimental to the project.
Bob has several options at his disposal in deciding if and how to implement the VeriChip security system. If Bob refuses the offer to build their security system, SBC will obviously pursue other ways to obtain the system of their choice. This would only result in Bob losing a very lucrative business opportunity, while neither SBC’s employees nor the public’s privacy interests might better be represented with another development company. This is definitely a “lose-lose situation” for the majority of the stakeholders involved in this case.
Another option Bob has available to him is limiting the scanner used in the system. His experience in building scanners for the VeriChip would definitely be an asset to this kind of solution. One modification could be that the scanner only validates identity instead of reading all available information on the VeriChip. This would be an ideal solution because it protects both the employee’s privacy and SBC from possible litigation about accessing/archiving medical information on their employees. This is a definite limitation of the abilities of the VeriChip but it is a much more legal and ethical solution than installing the system with everything enabled.
There are several issues that Bob should consult with SBC about before making any decisions about this potential contract. The first and possibly most important issue is, “Will the VeriChip implants be mandatory for all employees?” Given the background on the VeriChip, SBC may intend to capitalize on the large number of people who already have the implant installed. Employees in highly secure areas typically have high paying jobs and enforcing the implant as a condition of employment is a violation of their constitutional rights. Another issue of discussion might include, “Which areas should the VeriChip walk-through scanners protect?” By isolating the most security sensitive areas Bob would be able to limit both the expected cost of both the system and the implants of VeriChips in the employees of those areas.
Given the situation proposed in the background, it is somewhat unlikely that most employees of SBC would object to obtaining the VeriChip if it were implanted completely free of charge, or covered by SBC’s medical insurance plan. The main reason for this is convenience, as employees of secure areas often rely on various keycards, magnetic stripes, passwords, and other methods of authentication that are easily lost or forgotten. There are always exceptions, such as the Jehovah’s Witnesses example above, and an employee could not be forced to be implanted with the chip as a condition of employment.
If Bob reaches an agreement with SBC on how the system should be developed, and has discussed the various ethical and legal concerns with them prior to developing the system then he has done his best to adhere to the SE Code of Ethics. By discussing the possible drawbacks to the system as well as his concerns about the legality and privacy of SBC’s employees, it seems that Bob will have fulfilled his ethical obligation to the SE Code of Ethics as well as his professional obligations to SBC.
The ethical concerns about privacy in the workplace are still being defined , but this hypothetical case is alarming, to say the least. Technologies that promise convenience and ease of use are adopted fairly rapidly in American society, and a 75% implant rate as described in the background is quite possible. The VeriChip has frightening implications, however, that it could be used in tracking and identification, as well as an “eye in the sky” that could follow you everywhere you went. Such technology must be used responsibly and ethically to ensure that such abuses of the system are minimized if not totally eliminated. The security system that SBC wishes to utilize is feasible given the hypothetical situation above, but the VeriChip technology was not originally intended for such uses. Like many technological advances, the VeriChip itself is quite useful and helpful to society at large, but the alternative applications of it may very well prove to be unlawful, unethical, or both. This new technology blinds us to secondary issues. What happens when someone leaves the company? Must they undergo surgery to have the VeriChip removed?
Copyright 2002 J. Ivey, D. Peters, and M. Stout. This case may be published without permission and at no cost as long as it carries the copyright notice.
Applied Digital Solutions, http://www.adsx.com/prodservpart/verichip.html
Jim Goldman (2002). Florida Family to Get VeriChip. TechTV: http://www.techtv.com/news/culture/story/0,24195,3372523,00.html
Medical Record Privacy. Electronic Frontier Foundation: http://www.epic.org/privacy/medical