The views expressed by contributors are their own and not the view of The Hill

Human microchip implants take center stage

The novelty of replacing one’s “home key” with a microchip implant is gaining worldwide interest, but there’s another more compelling story under the surface. Why is this technology — an integrated circuit the size of a grain of rice — reviled by some and celebrated by self-proclaimed human cyborgs?

Arguably, William Shakespeare’s “Hamlet” offers the most elegant explanation: “Nothing is neither good nor bad, but thinking makes it so.” However, it would be prudent to tell Prince Hamlet that not all microchip implants are designed alike, and understanding the technological design enables one to better evaluate the competing viewpoints. Today, more than 50,000 people have elected to have a subdermal chip surgically inserted between the thumb and index finger, serve as their new swipe key, or credit card. In Germany, for example, more than 2,000 Germans have opted to receive these implants; one man even used it to store a link to his last will and testament. As chip storage capacity increases, perhaps users could even link to the complete works of Shakespeare.

Chip implants are just one of the many types of emerging technologies in the Internet of Things (IoT) — an expanding digital cosmos of wirelessly connected internet-enabled devices. Some technologists are worried, however, that hackers targeting IoT vulnerabilities in sensors and network architecture also may try to hack chip implants. Radio-frequency identification (RFID) chips are identifying transponders that typically carry a unique identification number and can be tagged with user data such as health records, social media profiles, and financial information.

RFID chips are passive transponders, which means the digital reader must be positioned a few inches away from the user’s microchipped hand to communicate. In contrast, near field communication (NFC) chips use electromagnetic radio fields to wirelessly communicate to digital readers in close proximity, much like smartphones and contactless credit cards. A benefit of NFC over RFID is international use, reasons Biohax: “With the power of existing infrastructure and the wide variety of services and products already supporting the NFC standard globally, one huge benefit of ours is that we overlap virtually any private or public sector already using NFC or mobile tech.”

According to a 2021 United Kingdom-based consumer survey by Propeller Insights on digital payment trends in Europe, 51 percent of the approximately 2,000 respondents said they would consider getting a chip implant to pay for services. This technology is especially popular in Sweden as a substitute for paying with cash. “Only 1 in 4 people living in Sweden use cash at least once a week,” writes NPR. More than 4,000 Swedes have replaced keycards for chip implants to use for gym access, e-tickets on railway travel, and to store emergency contact information.

The technology also may offer increased mobility for people with physically limiting health conditions, such as rheumatoid arthritis, multiple sclerosis, and motor neurone disease, according to BioTeq, a UK-based tech firm. For example, “a wheelchair-mobile person can approach a door and the reader will unlock the door, avoiding the need for keys that the person may not be able to use for themselves.” BioTeq is also exploring providing microchip services for those who are visually impaired to create “trigger audible or touch-sensory signals” in the home. Despite these benefits, the Bulletin of the Atomic Scientists avers that the main challenges to chip implants are security, safety and privacy.

A general security concern with NFC technology is that it could allow third parties to eavesdrop on device communication, corrupt data, or wage interception attacks, warns NFC.org.  Interception attacks are when someone intercepts the data transmitted between two NFC devices and then alters the data as it’s being relayed. Like any device, these personal chips have security vulnerabilities and potentially could be hacked, even if embedded underneath the skin.

With regard to health safety concerns, a 2020 study with the American Society for Surgery of the Hand indicated that RFID chip implants may carry potential health risks such as adverse tissue reaction and incompatibility with some magnetic resonance imaging (MRI) technology. Several social scientists also are apprehensive about the risks to privacy and human rights if the body becomes a type of “human barcode.” According to microbiologist Ben Libberton at Stockholm’s Karolinska Institute, chip implants can reveal sensitive personal information about your health and even “data about your whereabouts, how often you’re working, how long you’re working, if you’re taking toilet breaks and things like that.” Interestingly, the first person to implant a microchip in himself was professor Kevin Warwick of Reading University in 1998; he wanted to determine whether his computer could wirelessly track his movements at work.

To date, at least 10 state legislatures in the United States have passed statutes to ban employers from requiring employees to receive human microchip implants. The most recent state was Indiana, which prohibited employers from requiring employees to be chipped as a condition of employment and discriminating against job applicants who refuse the implant. Nevada’s legislation is the most restrictive — although not a total ban, as proposed in 2017, Nevada Assembly Bill 226 prohibits an officer or employee of Nevada from “establishing a program that authorizes a person to voluntarily elect to undergo the implantation of such a microchip or permanent identification marker.”

As the impact and influence of chip implants increases in the United States, it will raise complex questions for state legislatures and courts to consider, such as third-party liability for cybersecurity, data ownership rights, and Americans’ rights under the Fourth Amendment and the protection of sensitive digital data under the Supreme Court’s 2018 decision in Carpenter v. United States.

Microchips offer alluring benefits of convenience and mobility, but they carry potential cybersecurity, privacy and health risks. The onus cannot be on the law alone, however, to protect consumers. Instead, it is a shared responsibility among consumers to understand their data rights as part of digital literacy, and among technologists to promote cybersecurity-informed engineering at each phase of product development. Further, lawmakers must be mindful of the delicate balance between protecting the flame of technological innovation and advancement, while guarding against misapplication and abuse. As technology historian Melvin Kranzberg noted, “Technology is neither good nor bad, nor is it neutral.”

Zhanna L. Malekos Smith is a nonresident adjunct fellow with the Strategic Technologies Program at the Center for Strategic and International Studies (CSIS) in Washington and an assistant professor in the Department of Systems Engineering at the U.S. Military Academy at West Point, where she also is a Cyber Law and Policy Fellow with the Army Cyber Institute and affiliate faculty with the Modern War Institute. The opinions expressed here are solely those of the author and not those of CSIS, the U.S. government or Department of Defense.