16-07-2020 | | By Robin Mitchell
Michigan has banned businesses from forcing employees to be microchipped. What are implantable microchips, how do they work, and why has Michigan banned their forced use?
Implantable microchips are RFID devices designed to be implanted into living tissue. Their size is similar to a grain of rice, and consist of a microchip, control circuitry, and an antenna. Using RFID technology, these chips do not require a power source as the power is provided by readers wirelessly. The physical construction of the implant has to be biologically inert. Otherwise, it would trigger an immune response with the body rejecting the implant. This is achieved using a glass compound called BioGlass, which is comprised of calcium sodium phosphosilicate.
These devices are used extensively with pets such as cats and dogs so that the implanted ID can provide information to local authorities should a stray animal be found. Such devices can also be implanted into humans, and provide a wealth of possible applications. For example, simple RFID devices can be used to store a unique ID that allows users to purchase goods without the need for a card or PIN, or provide certain employees of business access to restricted areas using automated doors. A more complex RFID could be used to store critical medical information such as allergies, blood types, and DNRs. This could be the difference between life and death, whereby individuals prone to medical issues could be quickly identified and helped in an emergency. Of course, RFID devices implanted into humans does carry risks mostly surrounding privacy.
If it's one thing that the end of the 2010s revealed was the value of privacy, and how many in society want to retain it at all costs. For example, the COVID-19 pandemic saw the creation of track-and-trace apps, but these have suffered from both low usage and privacy concerns. For example, the UK government refused to use the system being developed by Apple and Google in favour of a custom centralised solution. However, the project has now been cancelled for several factors, including the refusal by Apple and Google to allow a privacy breaching app to run on their platforms. The same concerns surround the use of implantable RFID systems; anyone with a reader can access at the very least your UID. This is where the fundamental argument against such systems form; you are no longer in control of your data, and it can be accessed against your will.
A UID in itself may seem to be harmless, but a UID that can automatically be collected means you can automatically be identified. If this UID is then linked to visited locations and purchases, then suddenly you can start to create a profile of the said individual. If taken further, the UID can be used against an individual via blackmail if the UID was traced back to visited locations one may want to keep private. However, RFIDs could easily be made to store more information which could easily hold private data such as medical information that some may wish to keep private.
While its adoption is still minuscule, there are companies around the world exploring the use of RFID systems with employees. Currently, there is no evidence showing that any employee has been forced to have an implant (which is not a particularly nice procedure). Still, the state of Michigan have anticipated the use of RFID and stayed ahead of the curve with their new law.
To ensure that businesses cannot force their employees to be implanted with RFID devices, the state of Michigan has brought into law, a bill that bans the use of forced devices. While those devices have been used by companies to allow employees keyless entry into areas, and use vending machines, there is growing concern that those RFID devices will leave employees at privacy risks. There is also a growing concern that companies will use the devices to track their employees' movements. The ability to track their movement does have advantages with regards to health and safety, but that same data can easily be used in surveillance practices. There is also the concern that outside attackers may try to obtain this information. The bill, called the Microchip Protection Act (House Bill 5672), does still allow for employees to be tagged, but only if they consent.
However, an argument in favour of RFID devices can be made when considering high-security sectors. For example, a defence company will have different levels of security depending on the department, and it is safe to assume that R&D would have one of the highest levels. While key cards do provide the ability to give each employee different security levels, they can be lost or stolen. RFID systems can mitigate against this as an RFID chip when implanted, cannot be lost.
The state of Michigan does not currently have any companies that use RFID devices in their employees, but the move to bring in the ban is preventative to protect the privacy rights of workers.