SlideShare a Scribd company logo

Legal and privacy implications of IoT

Andres Guadamuz
Andres Guadamuz

Presentation at the IoT Brighton Forum, 23/03/2016

Technology
1 of 15
Download to read offline
L E G A L A N D P R I VA C Y I M P L I C AT I O N S O F I O T D R A N D R E S G U A D A M U Z , U N I V E R S I T Y O F S U S S E X
A P O L O G I E S
A N D S O M E T O I L E T H U M O U R
L E G A L I S S U E S • Cybercrime • Liability • Security • Intellectual property (patents, database and data mining) • Standards • Data protection / privacy
E X I S T I N G L E G A L F R A M E W O R K • Mostly unregulated at the moment. • IoT covered by traditional aspects of the law: Tort, contract, Terms of Use, database rights. • Hacking an IoT device is a criminal offence (Computer Misuse Act). • The most regulated area is data protection.
T H E U K 1 9 9 8 D ATA P R O T E C T I O N A C T • Principles for data controllers, rights for data subjects. • Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing. • Restriction on transferring personal data to countries that do not provide adequate data protection.
D ATA S E C U R I T Y E N F O R C E M E N T • Crown Prosecution Service fined £200,000 for data security breach. • Most enforcement orders involve minor incidents (sending email to wrong recipient). • Major incidents on the increase (loss or theft of unencrypted devices).
S A F E H A R B O U R • System enacted to allow enterprises to send data to the United States, which does not provide as a country adequate levels of protection. • Was working until…
M A X I M I L L I A N S C H R E M S V D ATA P R O T E C T I O N C O M M I S S I O N E R ( C - 3 6 2 / 1 4 ) • Austrian law student and privacy advocate Maximilian Schrems initiated legal proceedings against the Irish Data Protection Commissioner (DPC) because he is a European Facebook user, and as such he signed up to the terms of use set by Facebook Ireland, the European subsidiary of the US company. • He claimed that Snowden’s revelations of mass surveillance mean that US does not adequately protect European citizen’s personal data. • Court agreed, and they declare safe harbour agreement invalid.
P R I VA C Y S H I E L D • New system that replaces safe harbour, just signed. • “…effective supervision mechanisms to ensure that companies respect their obligations including sanctions or exclusion if they do not comply”. • Companies with bad security could be excluded and/or fined.
G E N E R A L D ATA P R O T E C T I O N R E G U L AT I O N ( G D P R ) • Will come into effect later this year (July most probably). • Overhauls the existing DP regime, bringing several directives and rights under one roof (cookies, right to be forgotten, etc). • Creates a few new rights, principles and concepts that could apply to IoT. • Existing principles regarding export and security remain.
P R I VA C Y B Y D E S I G N • Art 23 enacts data protection by design and default. • “The controller shall implement appropriate technical and organisational measures for ensuring that, by default, only personal data which are necessary for each specific purpose of the processing are processed…”
F O R T H C O M I N G I O T E U A C T I O N • Commission has agreed to consult industry on next steps. Possible action includes: • Open data • Standardisation and interoperability • Data protection • Telecoms: roaming, spectrum, numbering, etc. • Authentication of objects.
C O N C L U D I N G …
B E WA R E O F G E E K S B E A R I N G G I F T S @ T E C H N O L L A M A

Recommended

Intellectual Property in Cyberspace
Intellectual Property in CyberspaceIntellectual Property in Cyberspace
Intellectual Property in CyberspaceMindaugas Kiskis
 
A Case Study on Issues and Violations on Information Technology
A Case Study on Issues and Violations on Information TechnologyA Case Study on Issues and Violations on Information Technology
A Case Study on Issues and Violations on Information TechnologyLaguna State Polytechnic University
 
Computer forensics and investigation module 1 topic 2
Computer forensics and investigation module 1 topic 2Computer forensics and investigation module 1 topic 2
Computer forensics and investigation module 1 topic 2Neha Raju k
 
Cyberlaws
CyberlawsCyberlaws
Cyberlawsmaneeshchandran1
 
Apt510 legal issues
Apt510 legal issuesApt510 legal issues
Apt510 legal issuesBreonnPooler
 
Policy and Technical Solutions for Online Cross-Border Legal Problems in Asia
Policy and Technical Solutions for Online Cross-Border Legal Problems in AsiaPolicy and Technical Solutions for Online Cross-Border Legal Problems in Asia
Policy and Technical Solutions for Online Cross-Border Legal Problems in AsiaAPNIC
 
The Patriot Act and Cloud Security - Busting the European FUD
The Patriot Act and Cloud Security - Busting the European FUDThe Patriot Act and Cloud Security - Busting the European FUD
The Patriot Act and Cloud Security - Busting the European FUDResilient Systems
 
Introduction privacy and drones130902.pptx (alleen lezen)
Introduction privacy and drones130902.pptx (alleen lezen)Introduction privacy and drones130902.pptx (alleen lezen)
Introduction privacy and drones130902.pptx (alleen lezen)schermerbw
 

Recommended

Intellectual Property in Cyberspace
Intellectual Property in CyberspaceIntellectual Property in Cyberspace
Intellectual Property in CyberspaceMindaugas Kiskis
 
A Case Study on Issues and Violations on Information Technology
A Case Study on Issues and Violations on Information TechnologyA Case Study on Issues and Violations on Information Technology
A Case Study on Issues and Violations on Information TechnologyLaguna State Polytechnic University
 
Computer forensics and investigation module 1 topic 2
Computer forensics and investigation module 1 topic 2Computer forensics and investigation module 1 topic 2
Computer forensics and investigation module 1 topic 2Neha Raju k
 
Cyberlaws
CyberlawsCyberlaws
Cyberlawsmaneeshchandran1
 
Apt510 legal issues
Apt510 legal issuesApt510 legal issues
Apt510 legal issuesBreonnPooler
 
Policy and Technical Solutions for Online Cross-Border Legal Problems in Asia
Policy and Technical Solutions for Online Cross-Border Legal Problems in AsiaPolicy and Technical Solutions for Online Cross-Border Legal Problems in Asia
Policy and Technical Solutions for Online Cross-Border Legal Problems in AsiaAPNIC
 
The Patriot Act and Cloud Security - Busting the European FUD
The Patriot Act and Cloud Security - Busting the European FUDThe Patriot Act and Cloud Security - Busting the European FUD
The Patriot Act and Cloud Security - Busting the European FUDResilient Systems
 
Introduction privacy and drones130902.pptx (alleen lezen)
Introduction privacy and drones130902.pptx (alleen lezen)Introduction privacy and drones130902.pptx (alleen lezen)
Introduction privacy and drones130902.pptx (alleen lezen)schermerbw
 
legal and ethcal issues of e business
legal and ethcal issues of e businesslegal and ethcal issues of e business
legal and ethcal issues of e businessKdnk Kiriti
 
It legislation
It legislationIt legislation
It legislationdoogstone
 
legal aspects in e marketing
legal aspects in e marketinglegal aspects in e marketing
legal aspects in e marketingSHIVANI SINGH
 
AIIM 2015 - Data Privacy
AIIM 2015 - Data PrivacyAIIM 2015 - Data Privacy
AIIM 2015 - Data PrivacyAlan Pelz-Sharpe
 
Freedom of expression on the internet
Freedom of expression on the internetFreedom of expression on the internet
Freedom of expression on the internetmoldovaictsummit2016
 
ECTA - Notification and Takedown in Italy
ECTA - Notification and Takedown in ItalyECTA - Notification and Takedown in Italy
ECTA - Notification and Takedown in ItalyMariano Cunietti
 
Fundamental of copy right law
Fundamental of copy right lawFundamental of copy right law
Fundamental of copy right lawRajalingam Balakrishnan
 
Data Privacy for Information Security Professionals Part 1
Data Privacy for Information Security Professionals Part 1Data Privacy for Information Security Professionals Part 1
Data Privacy for Information Security Professionals Part 1Dione McBride, CISSP, CIPP/E
 
Cyber crime
Cyber crimeCyber crime
Cyber crimeDani Ann Eunice Vargas Espelico
 
File000167
File000167File000167
File000167Desmond Devendran
 
Current Privacy and Data Issues (for people who care about open data!)
Current Privacy and Data Issues (for people who care about open data!)Current Privacy and Data Issues (for people who care about open data!)
Current Privacy and Data Issues (for people who care about open data!)EmilyDShaw
 
Legal issues in technology
Legal issues in technologyLegal issues in technology
Legal issues in technologyWillislwhite12
 
Chap 4 (1)
Chap 4 (1)Chap 4 (1)
Chap 4 (1)UNIVERSITAS TEKNOKRAT INDONESIA
 
ICANN Contract vs National Law
ICANN Contract vs National LawICANN Contract vs National Law
ICANN Contract vs National LawBlacknight
 
Chp 05 anonymity, security, privacy and civil liberties (shared)
Chp 05 anonymity, security, privacy and civil liberties (shared)Chp 05 anonymity, security, privacy and civil liberties (shared)
Chp 05 anonymity, security, privacy and civil liberties (shared)YUSRA FERNANDO
 
The Right to be Forgotten - It's About Time, or is it? (CPDP2014)
The Right to be Forgotten - It's About Time, or is it? (CPDP2014)The Right to be Forgotten - It's About Time, or is it? (CPDP2014)
The Right to be Forgotten - It's About Time, or is it? (CPDP2014)Jausloos
 
An introduction to cyber law
An introduction to cyber lawAn introduction to cyber law
An introduction to cyber lawshreya sanghvi
 
Privacy and Data Security: Risk Management and Avoidance
Privacy and Data Security: Risk Management and AvoidancePrivacy and Data Security: Risk Management and Avoidance
Privacy and Data Security: Risk Management and AvoidanceAmy Purcell
 
Chapter2
Chapter2Chapter2
Chapter2Pibi Lu
 
DAB_IOT_PRIVACY_V2
DAB_IOT_PRIVACY_V2DAB_IOT_PRIVACY_V2
DAB_IOT_PRIVACY_V2David Wright
 
The Privacy Advantage 2016 - Ian Ferguson
The Privacy Advantage 2016 - Ian FergusonThe Privacy Advantage 2016 - Ian Ferguson
The Privacy Advantage 2016 - Ian FergusonKrowdthink
 
What hope for privacy in an IoT world?
What hope for privacy in an IoT world? What hope for privacy in an IoT world?
What hope for privacy in an IoT world? kotahinet
 

More Related Content

What's hot

legal and ethcal issues of e business
legal and ethcal issues of e businesslegal and ethcal issues of e business
legal and ethcal issues of e businessKdnk Kiriti
 
It legislation
It legislationIt legislation
It legislationdoogstone
 
legal aspects in e marketing
legal aspects in e marketinglegal aspects in e marketing
legal aspects in e marketingSHIVANI SINGH
 
Freedom of expression on the internet
Freedom of expression on the internetFreedom of expression on the internet
Freedom of expression on the internetmoldovaictsummit2016
 
ECTA - Notification and Takedown in Italy
ECTA - Notification and Takedown in ItalyECTA - Notification and Takedown in Italy
ECTA - Notification and Takedown in ItalyMariano Cunietti
 
Data Privacy for Information Security Professionals Part 1
Data Privacy for Information Security Professionals Part 1Data Privacy for Information Security Professionals Part 1
Data Privacy for Information Security Professionals Part 1Dione McBride, CISSP, CIPP/E
 
Current Privacy and Data Issues (for people who care about open data!)
Current Privacy and Data Issues (for people who care about open data!)Current Privacy and Data Issues (for people who care about open data!)
Current Privacy and Data Issues (for people who care about open data!)EmilyDShaw
 
Legal issues in technology
Legal issues in technologyLegal issues in technology
Legal issues in technologyWillislwhite12
 
ICANN Contract vs National Law
ICANN Contract vs National LawICANN Contract vs National Law
ICANN Contract vs National LawBlacknight
 
Chp 05 anonymity, security, privacy and civil liberties (shared)
Chp 05 anonymity, security, privacy and civil liberties (shared)Chp 05 anonymity, security, privacy and civil liberties (shared)
Chp 05 anonymity, security, privacy and civil liberties (shared)YUSRA FERNANDO
 
The Right to be Forgotten - It's About Time, or is it? (CPDP2014)
The Right to be Forgotten - It's About Time, or is it? (CPDP2014)The Right to be Forgotten - It's About Time, or is it? (CPDP2014)
The Right to be Forgotten - It's About Time, or is it? (CPDP2014)Jausloos
 
An introduction to cyber law
An introduction to cyber lawAn introduction to cyber law
An introduction to cyber lawshreya sanghvi
 
Privacy and Data Security: Risk Management and Avoidance
Privacy and Data Security: Risk Management and AvoidancePrivacy and Data Security: Risk Management and Avoidance
Privacy and Data Security: Risk Management and AvoidanceAmy Purcell
 
Chapter2
Chapter2Chapter2
Chapter2Pibi Lu
 

What's hot (19)

legal and ethcal issues of e business
legal and ethcal issues of e businesslegal and ethcal issues of e business
legal and ethcal issues of e business
 
It legislation
It legislationIt legislation
It legislation
 
legal aspects in e marketing
legal aspects in e marketinglegal aspects in e marketing
legal aspects in e marketing
 
AIIM 2015 - Data Privacy
AIIM 2015 - Data PrivacyAIIM 2015 - Data Privacy
AIIM 2015 - Data Privacy
 
Freedom of expression on the internet
Freedom of expression on the internetFreedom of expression on the internet
Freedom of expression on the internet
 
ECTA - Notification and Takedown in Italy
ECTA - Notification and Takedown in ItalyECTA - Notification and Takedown in Italy
ECTA - Notification and Takedown in Italy
 
Fundamental of copy right law
Fundamental of copy right lawFundamental of copy right law
Fundamental of copy right law
 
Data Privacy for Information Security Professionals Part 1
Data Privacy for Information Security Professionals Part 1Data Privacy for Information Security Professionals Part 1
Data Privacy for Information Security Professionals Part 1
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
File000167
File000167File000167
File000167
 
Current Privacy and Data Issues (for people who care about open data!)
Current Privacy and Data Issues (for people who care about open data!)Current Privacy and Data Issues (for people who care about open data!)
Current Privacy and Data Issues (for people who care about open data!)
 
Legal issues in technology
Legal issues in technologyLegal issues in technology
Legal issues in technology
 
Chap 4 (1)
Chap 4 (1)Chap 4 (1)
Chap 4 (1)
 
ICANN Contract vs National Law
ICANN Contract vs National LawICANN Contract vs National Law
ICANN Contract vs National Law
 
Chp 05 anonymity, security, privacy and civil liberties (shared)
Chp 05 anonymity, security, privacy and civil liberties (shared)Chp 05 anonymity, security, privacy and civil liberties (shared)
Chp 05 anonymity, security, privacy and civil liberties (shared)
 
The Right to be Forgotten - It's About Time, or is it? (CPDP2014)
The Right to be Forgotten - It's About Time, or is it? (CPDP2014)The Right to be Forgotten - It's About Time, or is it? (CPDP2014)
The Right to be Forgotten - It's About Time, or is it? (CPDP2014)
 
An introduction to cyber law
An introduction to cyber lawAn introduction to cyber law
An introduction to cyber law
 
Privacy and Data Security: Risk Management and Avoidance
Privacy and Data Security: Risk Management and AvoidancePrivacy and Data Security: Risk Management and Avoidance
Privacy and Data Security: Risk Management and Avoidance
 
Chapter2
Chapter2Chapter2
Chapter2
 

Viewers also liked

DAB_IOT_PRIVACY_V2
DAB_IOT_PRIVACY_V2DAB_IOT_PRIVACY_V2
DAB_IOT_PRIVACY_V2David Wright
 
The Privacy Advantage 2016 - Ian Ferguson
The Privacy Advantage 2016 - Ian FergusonThe Privacy Advantage 2016 - Ian Ferguson
The Privacy Advantage 2016 - Ian FergusonKrowdthink
 
What hope for privacy in an IoT world?
What hope for privacy in an IoT world? What hope for privacy in an IoT world?
What hope for privacy in an IoT world? kotahinet
 
IoT: Security & Privacy at IGNITE 2015
IoT: Security & Privacy at IGNITE 2015IoT: Security & Privacy at IGNITE 2015
IoT: Security & Privacy at IGNITE 2015HildebrandTech
 
Institutional CC adoption in GLAM
Institutional CC adoption in GLAMInstitutional CC adoption in GLAM
Institutional CC adoption in GLAMAndres Guadamuz
 
Not fudging nudges: What Internet law can teach regulatory scholarship
Not fudging nudges: What Internet law can teach regulatory scholarshipNot fudging nudges: What Internet law can teach regulatory scholarship
Not fudging nudges: What Internet law can teach regulatory scholarshipChris Marsden
 
Internet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issuesInternet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issuesPierluigi Paganini
 

Viewers also liked (8)

DAB_IOT_PRIVACY_V2
DAB_IOT_PRIVACY_V2DAB_IOT_PRIVACY_V2
DAB_IOT_PRIVACY_V2
 
The Privacy Advantage 2016 - Ian Ferguson
The Privacy Advantage 2016 - Ian FergusonThe Privacy Advantage 2016 - Ian Ferguson
The Privacy Advantage 2016 - Ian Ferguson
 
What hope for privacy in an IoT world?
What hope for privacy in an IoT world? What hope for privacy in an IoT world?
What hope for privacy in an IoT world?
 
IoT: Security & Privacy at IGNITE 2015
IoT: Security & Privacy at IGNITE 2015IoT: Security & Privacy at IGNITE 2015
IoT: Security & Privacy at IGNITE 2015
 
Institutional CC adoption in GLAM
Institutional CC adoption in GLAMInstitutional CC adoption in GLAM
Institutional CC adoption in GLAM
 
A survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOTA survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOT
 
Not fudging nudges: What Internet law can teach regulatory scholarship
Not fudging nudges: What Internet law can teach regulatory scholarshipNot fudging nudges: What Internet law can teach regulatory scholarship
Not fudging nudges: What Internet law can teach regulatory scholarship
 
Internet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issuesInternet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issues
 

Similar to Legal and privacy implications of IoT

Individual and Technology
Individual and TechnologyIndividual and Technology
Individual and TechnologyMr Shipp
 
Be careful what you wish for: the great Data Protection law reform - Lilian E...
Be careful what you wish for: the great Data Protection law reform - Lilian E...Be careful what you wish for: the great Data Protection law reform - Lilian E...
Be careful what you wish for: the great Data Protection law reform - Lilian E...IISPEastMids
 
A Breach Carol: 2013 Review, 2014 Predictions
A Breach Carol: 2013 Review, 2014 PredictionsA Breach Carol: 2013 Review, 2014 Predictions
A Breach Carol: 2013 Review, 2014 PredictionsResilient Systems
 
identifies several types of devices on which digital evidence could be.docx
identifies several types of devices on which digital evidence could be.docxidentifies several types of devices on which digital evidence could be.docx
identifies several types of devices on which digital evidence could be.docxmckerliejonelle
 
How your nonprofit can avoid data breaches and ensure privacy
How your nonprofit can avoid data breaches and ensure privacyHow your nonprofit can avoid data breaches and ensure privacy
How your nonprofit can avoid data breaches and ensure privacyTechSoup Canada
 
Cyber crime legislation part 1
Cyber crime legislation part 1Cyber crime legislation part 1
Cyber crime legislation part 1MohsinMughal28
 
2013.11.30.Brook-CSA_Congress_EU_Avoiding_US_Cloud_Providers
2013.11.30.Brook-CSA_Congress_EU_Avoiding_US_Cloud_Providers2013.11.30.Brook-CSA_Congress_EU_Avoiding_US_Cloud_Providers
2013.11.30.Brook-CSA_Congress_EU_Avoiding_US_Cloud_ProvidersJon-Michael C. Brook, CISSP
 
IT law : the middle kingdom between east and West
IT law : the middle kingdom between east and WestIT law : the middle kingdom between east and West
IT law : the middle kingdom between east and WestLilian Edwards
 
Computer forensics and Investigation
Computer forensics and InvestigationComputer forensics and Investigation
Computer forensics and InvestigationNeha Raju k
 
Draft data protection regn 2012
Draft data protection regn 2012Draft data protection regn 2012
Draft data protection regn 2012lilianedwards
 
US eDiscovery v UK eDisclosure
US eDiscovery v UK eDisclosureUS eDiscovery v UK eDisclosure
US eDiscovery v UK eDisclosureJ. David Morris
 
Topic 3 Current Legislation.pptx
Topic 3 Current Legislation.pptxTopic 3 Current Legislation.pptx
Topic 3 Current Legislation.pptxAmandaWeaver21
 
The Countdown is on: Key Things to Know About the GDPR
The Countdown is on: Key Things to Know About the GDPRThe Countdown is on: Key Things to Know About the GDPR
The Countdown is on: Key Things to Know About the GDPRCase IQ
 
L12. Digital Forensics BS.pptx
L12. Digital Forensics BS.pptxL12. Digital Forensics BS.pptx
L12. Digital Forensics BS.pptxtalhajann43
 
GDPR and Blockchain
GDPR and BlockchainGDPR and Blockchain
GDPR and BlockchainSalman Baset
 
International Cybercrime (Part 1)
International Cybercrime (Part 1)International Cybercrime (Part 1)
International Cybercrime (Part 1)GrittyCC
 
The death of data protection
The death of data protection The death of data protection
The death of data protection Lilian Edwards
 
The death of data protection sans obama
The death of data protection sans obamaThe death of data protection sans obama
The death of data protection sans obamaLilian Edwards
 

Similar to Legal and privacy implications of IoT (20)

Individual and Technology
Individual and TechnologyIndividual and Technology
Individual and Technology
 
Be careful what you wish for: the great Data Protection law reform - Lilian E...
Be careful what you wish for: the great Data Protection law reform - Lilian E...Be careful what you wish for: the great Data Protection law reform - Lilian E...
Be careful what you wish for: the great Data Protection law reform - Lilian E...
 
The GDPR for Techies
The GDPR for TechiesThe GDPR for Techies
The GDPR for Techies
 
A Breach Carol: 2013 Review, 2014 Predictions
A Breach Carol: 2013 Review, 2014 PredictionsA Breach Carol: 2013 Review, 2014 Predictions
A Breach Carol: 2013 Review, 2014 Predictions
 
identifies several types of devices on which digital evidence could be.docx
identifies several types of devices on which digital evidence could be.docxidentifies several types of devices on which digital evidence could be.docx
identifies several types of devices on which digital evidence could be.docx
 
How your nonprofit can avoid data breaches and ensure privacy
How your nonprofit can avoid data breaches and ensure privacyHow your nonprofit can avoid data breaches and ensure privacy
How your nonprofit can avoid data breaches and ensure privacy
 
Cyber crime legislation part 1
Cyber crime legislation part 1Cyber crime legislation part 1
Cyber crime legislation part 1
 
2013.11.30.Brook-CSA_Congress_EU_Avoiding_US_Cloud_Providers
2013.11.30.Brook-CSA_Congress_EU_Avoiding_US_Cloud_Providers2013.11.30.Brook-CSA_Congress_EU_Avoiding_US_Cloud_Providers
2013.11.30.Brook-CSA_Congress_EU_Avoiding_US_Cloud_Providers
 
IT law : the middle kingdom between east and West
IT law : the middle kingdom between east and WestIT law : the middle kingdom between east and West
IT law : the middle kingdom between east and West
 
Computer forensics and Investigation
Computer forensics and InvestigationComputer forensics and Investigation
Computer forensics and Investigation
 
Draft data protection regn 2012
Draft data protection regn 2012Draft data protection regn 2012
Draft data protection regn 2012
 
US eDiscovery v UK eDisclosure
US eDiscovery v UK eDisclosureUS eDiscovery v UK eDisclosure
US eDiscovery v UK eDisclosure
 
Topic 3 Current Legislation.pptx
Topic 3 Current Legislation.pptxTopic 3 Current Legislation.pptx
Topic 3 Current Legislation.pptx
 
The Countdown is on: Key Things to Know About the GDPR
The Countdown is on: Key Things to Know About the GDPRThe Countdown is on: Key Things to Know About the GDPR
The Countdown is on: Key Things to Know About the GDPR
 
L12. Digital Forensics BS.pptx
L12. Digital Forensics BS.pptxL12. Digital Forensics BS.pptx
L12. Digital Forensics BS.pptx
 
Mbs r35 b
Mbs r35 bMbs r35 b
Mbs r35 b
 
GDPR and Blockchain
GDPR and BlockchainGDPR and Blockchain
GDPR and Blockchain
 
International Cybercrime (Part 1)
International Cybercrime (Part 1)International Cybercrime (Part 1)
International Cybercrime (Part 1)
 
The death of data protection
The death of data protection The death of data protection
The death of data protection
 
The death of data protection sans obama
The death of data protection sans obamaThe death of data protection sans obama
The death of data protection sans obama
 

More from Andres Guadamuz

Do androids dream of electric copyright?
Do androids dream of electric copyright?Do androids dream of electric copyright?
Do androids dream of electric copyright?Andres Guadamuz
 
Metaverse: Some regulatory musings
Metaverse: Some regulatory musingsMetaverse: Some regulatory musings
Metaverse: Some regulatory musingsAndres Guadamuz
 
These are not the Apes you’re looking for: Why copyright and NFTs don’t work ...
These are not the Apes you’re looking for: Why copyright and NFTs don’t work ...These are not the Apes you’re looking for: Why copyright and NFTs don’t work ...
These are not the Apes you’re looking for: Why copyright and NFTs don’t work ...Andres Guadamuz
 
The Web of Time: The Metaverse Reborn
The Web of Time: The Metaverse RebornThe Web of Time: The Metaverse Reborn
The Web of Time: The Metaverse RebornAndres Guadamuz
 
Understanding the NFT Ecosystem
Understanding the NFT Ecosystem Understanding the NFT Ecosystem
Understanding the NFT Ecosystem Andres Guadamuz
 
Non-fungible tokens (NFTs)
Non-fungible tokens (NFTs)Non-fungible tokens (NFTs)
Non-fungible tokens (NFTs)Andres Guadamuz
 
Ceci n’est pas une pipe: Adventures in NFT-land
Ceci n’est pas une pipe: Adventures in NFT-landCeci n’est pas une pipe: Adventures in NFT-land
Ceci n’est pas une pipe: Adventures in NFT-landAndres Guadamuz
 
Contratos inteligentes en las industrias creativas
Contratos inteligentes en las industrias creativasContratos inteligentes en las industrias creativas
Contratos inteligentes en las industrias creativasAndres Guadamuz
 
Ai and copyright: the way forward
Ai and copyright: the way forwardAi and copyright: the way forward
Ai and copyright: the way forwardAndres Guadamuz
 
AI Copyright international perspective
AI Copyright international perspectiveAI Copyright international perspective
AI Copyright international perspectiveAndres Guadamuz
 
Do Androids Dream of Electric Copyright?
Do Androids Dream of Electric Copyright?Do Androids Dream of Electric Copyright?
Do Androids Dream of Electric Copyright?Andres Guadamuz
 
Cyber-dystopianism: The Internet seen through the lens of nightmares
Cyber-dystopianism: The Internet seen through the lens of nightmaresCyber-dystopianism: The Internet seen through the lens of nightmares
Cyber-dystopianism: The Internet seen through the lens of nightmaresAndres Guadamuz
 
All watched over machines of loving grace amsterdam
All watched over machines of loving grace amsterdamAll watched over machines of loving grace amsterdam
All watched over machines of loving grace amsterdamAndres Guadamuz
 
All watched over machines of loving grace
All watched over machines of loving graceAll watched over machines of loving grace
All watched over machines of loving graceAndres Guadamuz
 
Ready player cat: Internet regulation in the OASIS
Ready player cat: Internet regulation in the OASISReady player cat: Internet regulation in the OASIS
Ready player cat: Internet regulation in the OASISAndres Guadamuz
 
Ai, data and big data: ownership and protection
Ai, data and big data: ownership and protectionAi, data and big data: ownership and protection
Ai, data and big data: ownership and protectionAndres Guadamuz
 

More from Andres Guadamuz (20)

Do androids dream of electric copyright?
Do androids dream of electric copyright?Do androids dream of electric copyright?
Do androids dream of electric copyright?
 
Distinctive brands game
Distinctive brands gameDistinctive brands game
Distinctive brands game
 
AI Copyright Authorship
AI Copyright AuthorshipAI Copyright Authorship
AI Copyright Authorship
 
Metaverse: Some regulatory musings
Metaverse: Some regulatory musingsMetaverse: Some regulatory musings
Metaverse: Some regulatory musings
 
These are not the Apes you’re looking for: Why copyright and NFTs don’t work ...
These are not the Apes you’re looking for: Why copyright and NFTs don’t work ...These are not the Apes you’re looking for: Why copyright and NFTs don’t work ...
These are not the Apes you’re looking for: Why copyright and NFTs don’t work ...
 
The Web of Time: The Metaverse Reborn
The Web of Time: The Metaverse RebornThe Web of Time: The Metaverse Reborn
The Web of Time: The Metaverse Reborn
 
Understanding the NFT Ecosystem
Understanding the NFT Ecosystem Understanding the NFT Ecosystem
Understanding the NFT Ecosystem
 
Non-fungible tokens (NFTs)
Non-fungible tokens (NFTs)Non-fungible tokens (NFTs)
Non-fungible tokens (NFTs)
 
Ceci n’est pas une pipe: Adventures in NFT-land
Ceci n’est pas une pipe: Adventures in NFT-landCeci n’est pas une pipe: Adventures in NFT-land
Ceci n’est pas une pipe: Adventures in NFT-land
 
Contratos inteligentes en las industrias creativas
Contratos inteligentes en las industrias creativasContratos inteligentes en las industrias creativas
Contratos inteligentes en las industrias creativas
 
Ai and copyright: the way forward
Ai and copyright: the way forwardAi and copyright: the way forward
Ai and copyright: the way forward
 
FALL: or Dodge in Hell
FALL: or Dodge in HellFALL: or Dodge in Hell
FALL: or Dodge in Hell
 
AI Copyright international perspective
AI Copyright international perspectiveAI Copyright international perspective
AI Copyright international perspective
 
Do Androids Dream of Electric Copyright?
Do Androids Dream of Electric Copyright?Do Androids Dream of Electric Copyright?
Do Androids Dream of Electric Copyright?
 
Copyright and Art
Copyright and ArtCopyright and Art
Copyright and Art
 
Cyber-dystopianism: The Internet seen through the lens of nightmares
Cyber-dystopianism: The Internet seen through the lens of nightmaresCyber-dystopianism: The Internet seen through the lens of nightmares
Cyber-dystopianism: The Internet seen through the lens of nightmares
 
All watched over machines of loving grace amsterdam
All watched over machines of loving grace amsterdamAll watched over machines of loving grace amsterdam
All watched over machines of loving grace amsterdam
 
All watched over machines of loving grace
All watched over machines of loving graceAll watched over machines of loving grace
All watched over machines of loving grace
 
Ready player cat: Internet regulation in the OASIS
Ready player cat: Internet regulation in the OASISReady player cat: Internet regulation in the OASIS
Ready player cat: Internet regulation in the OASIS
 
Ai, data and big data: ownership and protection
Ai, data and big data: ownership and protectionAi, data and big data: ownership and protection
Ai, data and big data: ownership and protection
 

Recently uploaded

The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditSkynet Technologies
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Scott Andery
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 

Recently uploaded (20)

The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance Audit
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 

Legal and privacy implications of IoT

  • 1. L E G A L A N D P R I VA C Y I M P L I C AT I O N S O F I O T D R A N D R E S G U A D A M U Z , U N I V E R S I T Y O F S U S S E X
  • 2. A P O L O G I E S
  • 3. A N D S O M E T O I L E T H U M O U R
  • 4. L E G A L I S S U E S • Cybercrime • Liability • Security • Intellectual property (patents, database and data mining) • Standards • Data protection / privacy
  • 5. E X I S T I N G L E G A L F R A M E W O R K • Mostly unregulated at the moment. • IoT covered by traditional aspects of the law: Tort, contract, Terms of Use, database rights. • Hacking an IoT device is a criminal offence (Computer Misuse Act). • The most regulated area is data protection.
  • 6. T H E U K 1 9 9 8 D ATA P R O T E C T I O N A C T • Principles for data controllers, rights for data subjects. • Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing. • Restriction on transferring personal data to countries that do not provide adequate data protection.
  • 7. D ATA S E C U R I T Y E N F O R C E M E N T • Crown Prosecution Service fined £200,000 for data security breach. • Most enforcement orders involve minor incidents (sending email to wrong recipient). • Major incidents on the increase (loss or theft of unencrypted devices).
  • 8. S A F E H A R B O U R • System enacted to allow enterprises to send data to the United States, which does not provide as a country adequate levels of protection. • Was working until…
  • 9. M A X I M I L L I A N S C H R E M S V D ATA P R O T E C T I O N C O M M I S S I O N E R ( C - 3 6 2 / 1 4 ) • Austrian law student and privacy advocate Maximilian Schrems initiated legal proceedings against the Irish Data Protection Commissioner (DPC) because he is a European Facebook user, and as such he signed up to the terms of use set by Facebook Ireland, the European subsidiary of the US company. • He claimed that Snowden’s revelations of mass surveillance mean that US does not adequately protect European citizen’s personal data. • Court agreed, and they declare safe harbour agreement invalid.
  • 10. P R I VA C Y S H I E L D • New system that replaces safe harbour, just signed. • “…effective supervision mechanisms to ensure that companies respect their obligations including sanctions or exclusion if they do not comply”. • Companies with bad security could be excluded and/or fined.
  • 11. G E N E R A L D ATA P R O T E C T I O N R E G U L AT I O N ( G D P R ) • Will come into effect later this year (July most probably). • Overhauls the existing DP regime, bringing several directives and rights under one roof (cookies, right to be forgotten, etc). • Creates a few new rights, principles and concepts that could apply to IoT. • Existing principles regarding export and security remain.
  • 12. P R I VA C Y B Y D E S I G N • Art 23 enacts data protection by design and default. • “The controller shall implement appropriate technical and organisational measures for ensuring that, by default, only personal data which are necessary for each specific purpose of the processing are processed…”
  • 13. F O R T H C O M I N G I O T E U A C T I O N • Commission has agreed to consult industry on next steps. Possible action includes: • Open data • Standardisation and interoperability • Data protection • Telecoms: roaming, spectrum, numbering, etc. • Authentication of objects.
  • 14. C O N C L U D I N G …
  • 15. B E WA R E O F G E E K S B E A R I N G G I F T S @ T E C H N O L L A M A