How much control do we have over how companies, such as Google, collect and use your information? What mechanisms are in place to protect our data against misuse?
In Europe, our data is protected by a relatively new set of rules known as the General Data Protection Regulation (GDPR). Essentially, this means Europe is covered by the world's strongest set of data protection laws, at the moment.
GDPR alters how businesses and public sector organisations can handle the information of their customers. It also boosts the rights of individuals and gives them more control over their information Burgess (2019).
GDPR was introduced as an important update to the previous set of rules, bringing about the greatest change to European data security in the past 20 years. The 1995 Data Protection Directive had become significantly outdated as society and technology continue to rapidly develop, as do products and services we use every day. Products that exist today, such as smart home appliances, have completely changed the view on individuals data and how it is managed by big corporations. GDPR acts as the first step in evolution. However, these rules are only specific to those who reside in Europe. "In the European Union, data protection is considered a fundamental right, which can have far-reaching consequences in all 28 member states" (Scott et. al, 2016).
When collecting my personal data from my Internet of Things devices in my home, all devices were communicating with their home countries, the country the company was set up in - for example, Google Home speakers would communicate with servers in California, USA. This isn't unusual, but I also noticed some of my IoT devices would communicate with places, such as Taiwan, Republic of Korea, Albania, and much more. And for this reason, I am conducting research into the laws that govern our data when they enter these 'unusual' countries.
Article 3 of the GDPR states: if personal data, or behavioral information, is collected from someone in an EU country, the company is subject to the requirements of the GDPR.
The research I am conducting now will explore the data protection laws of these countries, as GDPR stops outside Europe. I aim to expose this knowledge through my interface as the user uses my IoT Scanner Tool.
How does GDPR affect the Internet of Things?
Philips Hue Range: As one of the first smart lighting kits to hit the market, the Hue was an early success in mainstream smart home accessories. One popular feature is the ability to control your lights from anywhere using the Philips Hue App. Philips adapted to the GDPR by requiring users to re-login to their service.
United States
There is no single principal data protection legislation in the United States. Rather, a jumble of hundreds of laws enacted on both the federal and state levels serve to protect the personal data of U.S. residents. worl
Bibliography List:
Phil Lee (2017).The differences between EU and US data protection laws. Available at: https://www.youtube.com/watch?v=-_zLeGKHOpc (Accessed: 27 November 2019).
Scott, M. and Singer, N. (2016). How Europe Protects Your Online Data Differently Than the U.S. Available at: https://www.nytimes.com/interactive/2016/01/29/technology/data-privacy-policy-us-europe.html (Accessed: 27 November 2019).
Buckley, I. (2018). How Could the GDPR Affect Smart Home Devices? 2 Examples of Downed Services. Available at: https://www.makeuseof.com/tag/smart-home-devices-gdpr/ (Accessed: 27 November 2019).
Faitelson, Y. (2017). Council Post: Yes, The GDPR Will Affect Your U.S.-Based Business. Available at: https://www.forbes.com/sites/forbestechcouncil/2017/12/04/yes-the-gdpr-will-affect-your-u-s-based-business/ (Accessed: 27 November 2019).
Reference List:
Burgess, M. (2019). What is GDPR? The summary guide to GDPR compliance in the UK. Available at: https://www.wired.co.uk/article/what-is-gdpr-uk-eu-legislation-compliance-summary-fines-2018 (Accessed: 27 November 2019).
International Comparative Legal Guides International Business Reports. (2019). Data Protection 2019. Available at: https://iclg.com/practice-areas/data-protection-laws-and-regulations/usa (Accessed: 27 November 2019).
Comments