IoT-NGIN Ethics Compliance

IoT-NGIN Ethics Evaluation

Internet of Things (IoT) is one of the quickest developing segments within the ICT ecosystem. However, due to numerous positive effects of the IoT this concept generates societal and economic challenges. One of the greatest challenges is to leverage existing technology strengths to develop solutions that sustain the European industry as well as European values.

The IoT-NGIN project applies novel research and innovation concepts, acting as the “IoT Engine” that will fuel the Next Generation of IoT as a part of the European Next Generation Internet. The IoT Engine has multifold benefits contributing not only to the tech domain but broader social context.

Since the IoT-NGIN project is an EU funded project, all project actions shall comply with ethical principles and relevant Union, national and international legislation, including the  Charter of Fundamental Rights of the European Union and the European Convention on Human Rights and its Supplementary Protocols. For satisfying the high legal and ethical standards the IoT-NGIN has gone through the process known as the Ethics Appraisal Schema. The main objective of this process is to evaluate all relevant project factors that could bring about ethical challenges.

The IoT-NGIN Ethics Appraisal Process

The implementation of the EU Ethics Appraisal Process allowed the IoT-NGIN to be processed more easily during the selection procedure. Also, it ensures compliance with applicable international, EU and national law; contributes to the responsible implementation of the IoT-NGIN project thereby increasing its social acceptance; and allows the project results to be published more easily in internationally refereed journals (especially important for research projects).

IoT-NGIN Ethics Compliance Challenges

Before the official start of the IoT-NGIN project, the Ethics Review (the sub-process of the Ethics Appraisal Scheme) has been conducted. The ethics reviewer has identified several ethical challenges grouped in the following four categories:

Research activities involving humans

Ethics review has found that procedures and criteria used to identity/recruit participants must be developed/improved. Also, project partners had to develop informed consent procedures that will be implemented for the participation of humans.  Finally, informed consent/assent form and information sheet had to be created.

Protection of personal data

Project partners had to appoint a Data Protection Officer (DPO) and the contact details of the DPO had to be made available to all data subjects involved in the research. For host institutions not required to appoint a DPO under the GDPR a detailed data protection policy for the project had to be submitted. Also, project partners that process personal data within their activities had to explain how all of the data they intend to process is relevant and limited to the purposes of the research project as well as whether and why the research data will not be anonymized/pseudonymized. A description of the technical and organizational measures including anonymization/pseudonymization techniques that will be implemented to safeguard the rights and freedoms of the data subjects/research participants had to be explained.

In cases the research involves profiling, project partners had to provide explanation how the data subjects will be informed of the existence of the profiling, its possible consequences and how their fundamental rights will be safeguarded. Finally, in case of further processing of previously collected personal data an explicit confirmation that the beneficiary has lawful basis for the data processing and that the appropriate technical and organizational measures are in place to safeguard the rights of the data subjects had to be submitted.

Misuse of research findings

The requirement related to the misuse of the research findings imposed the risks assessments as well as providing details about measures for prevention of misuse of research findings.

Environmental protection and safety

The ethics reviewer has requested information about the possible harm to the environments tested in the different trials caused by the research and the measures that will be taken to mitigate the risks. Also, the project partners engaged in research activities had to demonstrate that appropriate health and safety procedures conforming to relevant local/national guidelines/legislation are followed by staff involved in IoT-NGIN project.

IoT-NGIN Ethics Compliance: roles & responsibilities

Due to its transversal nature, ethics has significant importance for all working packages and tasks within the project. From the formal point of view, the ultimate responsibility for ethics compliance should be assigned to the project coordinator. Nevertheless, it is worth stressing that Privanova as an expert organization is dedicated to ensuring compliance with privacy, data protection and ethics principles within the IoT-NGIN. Privanova supports the Project Consortium during the research & innovation phase and the implementation of the final solution. In addition, all project partners are responsible to carry out their research activities in compliance with ethical and legal standards. Therefore, all project partners are expected to follow instructions provided by the expert organization and the coordinator. Finally, collaborative work is essential for solving any ethical and legal compliance challenges.

How we did it: IoT-NGIN Ethics Compliance Strategy

The regulatory framework that serves as the source of self-regulation for research activities carried out within IoT-NGIN has been established. For this purpose, the relevant legal and ethical requirements are outlined, interpreted, organized, and properly structured. They are documented and recognized by the Consortium as important sources for the project regulation. Therefore, all project partners should follow the requirements laid down by these sources and consult the them when it is necessary. In addition, as per need ad hoc opinions and advice related to legal and ethical issues are provided by Privanova.

Led by the project coordinator, project partners have been working on deliverables that contain all relevant information and documents to satisfy ethical requirements requested by the ethics reviewer. It is important to underline that the development and submission of these deliverables in due time is not just a ‘checkbox task’. These deliverables confirm the dedication and efforts of all project partners to conduct research activities, achieve the project goals, and realize the IoT-NGIN in accordance with the highest legal and ethical standards.

IoT-NGIN Ethics Compliance Monitoring

Monitoring ethics compliance is the foundation of a stable structure for steering the project realization. Also, it contributes to the successful realization of the project tasks and the development of the project deliverables. As the project advances from the initial phase (requirements identification and analysis) and goes toward an active development and afterwards final phases, the nature of compliance activities will shift from the interpretation and implementation of the received Ethics Requirements towards continuous monitoring of agreed solutions that satisfy the requirements. Thus, compliance monitoring is one of the core aspects of compliance management. It must be stressed that compliance monitoring is not an exclusive task of project partners (actually some of them). In projects of this kind, it is possible for project partners to establish external bodies such as Security Advisory Board or Ethics Advisory Board. These bodies can be consulted about ethical and legal issues and take an active role in compliance monitoring.