A Port in the Data-Sharing Storm: The GDPR and the Internet of Things
44 Pages Posted: 19 Oct 2018 Last revised: 21 Oct 2018
Date Written: October 10, 2018
The onward march of the ‘Internet of Things’ (IoT) heralds an all-encompassing data-driven society where the collection, analysis, sharing, and retention of personal data by service providers, machines, and objects will be pervasive and ubiquitous, thereby normalizing sustained data gathering from any source possible. In other words, the full realisation of the IoT would best be described as a data-sharing storm where there are no controls or safeguards on what data is shared, who it is shared with, or for what purposes data is used or re-used. As a legal framework that stipulates key principles and safeguards that must be employed when processing of personal data takes place within its application, the EU General Data Protection Regulation (GDPR) represents a port in the data-sharing storm put forward by this vision of the IoT. More specifically, this article examines what role the recent major upgrade of EU data protection law, under the GDPR, may play in addressing the data protection implications and challenges posed by the IoT.
Keywords: Accountability; AI; EU Data Protection Law; Data Portability; Data Privacy; Data Security; GDPR; Internet of Things (IoT); Transparency
Suggested Citation: Suggested Citation