SlideShare a Scribd company logo

Warsaw IT & Privacy Seminar: IoT Legal Issues

Download as PPTX, PDF
Darek Czuchaj
Darek Czuchaj

This document summarizes a seminar on legal issues related to the Internet of Things. It discusses definitions of IoT, categories of data collected, applicable laws around personal data protection, telecommunications, and cybersecurity. It also examines issues around determining data controllers, anonymizing personal data, critical infrastructure regulations, and ownership of IoT-collected business data.

Law
1 of 23
Warsaw IT & Privacy Seminar Internet of Things and the legal issues Dariusz Czuchaj, Senior Associate Karol Laskowski, Senior Associate
IoT and the expectations 2015 2 Source: Gartner Inc. : http://na2.www.gartner.com/imagesrv/newsroom/images/HC_ET_2014.jpg
What is „Internet of Things” 2015 3 uniquely identifiable embedded computing devices • directly or indirectly process data connected to telecommunication networks
Categories of data 2015 4 Related to a thing/state Related to a person Related to a person’s health, etc.
Applicable laws 2015 5 •Protection of personal data •Telecommunication laws •Cybersecurity •Ownership
Personal data
What is personal ? 2015 7 „any information relating to an identified or identifiable natural person” Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, concerning health or sex life. Personal data Sensitive data
Is it personal ? Is it sensitive ? 2015 8 IP address Device fingerprint Location Voice sample Daily number of steps Sleep pattern House energy use pattern
When data is no longer „personal”? 2015 9 Can we get rid of „personal” ? Pseudonymous data Anonymous data ISO 29100:2011 Are you sure the data is anonymous ?
Am I a data controller ? (1) 2015 10 Data controller vs data processor Many actors processing the data What your DPA thinks about it ?
Group Article 29 Opinion on recent developments of Internet of Things 2015 11 • Most of the actors classified as data controllers • Consent of a data subject • „legitimate interest” – likely to be insufficient • Right to access to data includes „raw data”
Draft of the New Data Protection Regulation (1/2) 2015 12 • Application to non-EEA countries • Penalties • Data subject may claim for a monetary compensation • Profiling framed
Draft of the New Data Protection Regulation (2/2) 2015 13 • Data breach notification • Certification • One – stop shop • Coming into force – 2017 ?
Telecommunication
Telecommunication 2015 15 Providing the services by „permanent roaming” Using the frequencies for M2M data transfers Numbering issue –IP or reparate numbering for M2M? Regulatory issues – data retention
Cybersecurity
NIS Directive Draft (1/2) 2015 17 Critical infrastructure providers Cloud computing, social media providers ? New obligations: • Notification of critical incidents • Obligatory external audits of cybersecurity • Obligatory documentation • Penalties for non compliance
NIS Directive Draft (2/2) 2015 18 Pros and cons of the new regulation Legal obligation = clear basis for IT spending on cybersecurity solutions Are the written policies really helpful ?
(re)Structuring your agreements 2015 19 • agreements should oblige software vendors to: • Update software permanently • Deliver updates immediately upon reported security issues • Access to code: • Plan B (1) –escrow of source code in case of failure to react • Plan B (2) – consider use of Open Source * need of indemnification clauses in the supply chain
Ownership of data
Harvesting Data 2015 21 • American Farm Bureau Federation: • „Companies that are collecting these data may be able to see how much grain is being harvested, minute by minute, from tens of thousands of fields. That's valuable information.”
Harvesting Data 2015 22 • No clear answers but … • Existing EU Directive on database protection • New type of vendor lock-in – business data • Structuring of an effective agreement
Thank you Dariusz Czuchaj, Senior Associate, IT & Data Protection lawyer Karol Laskowski, Senior Associate, TMT lawyer

Recommended

Legal issues of the Internet of Things
Legal issues of the Internet of ThingsLegal issues of the Internet of Things
Legal issues of the Internet of ThingsGiulio Coraggio
 
#Privacy Matters - Come il regolamento privacy europeo da un problema può div...
#Privacy Matters - Come il regolamento privacy europeo da un problema può div...#Privacy Matters - Come il regolamento privacy europeo da un problema può div...
#Privacy Matters - Come il regolamento privacy europeo da un problema può div...Giulio Coraggio
 
Legal issues on social media
Legal issues on social mediaLegal issues on social media
Legal issues on social mediaGiulio Coraggio
 
Drones and logistics - What legal issues and how to handle them
Drones and logistics - What legal issues and how to handle themDrones and logistics - What legal issues and how to handle them
Drones and logistics - What legal issues and how to handle themGiulio Coraggio
 
Wearable technologies and remote patient remote monitoring system
Wearable technologies and remote patient remote monitoring systemWearable technologies and remote patient remote monitoring system
Wearable technologies and remote patient remote monitoring systemGiulio Coraggio
 
What changes for Internet of Things technologies with the EU Data Protection ...
What changes for Internet of Things technologies with the EU Data Protection ...What changes for Internet of Things technologies with the EU Data Protection ...
What changes for Internet of Things technologies with the EU Data Protection ...Giulio Coraggio
 
Ethical, Legal and Social issues IoT
Ethical, Legal and Social issues IoTEthical, Legal and Social issues IoT
Ethical, Legal and Social issues IoTLuckeylama
 
Iot and ethics
Iot and ethicsIot and ethics
Iot and ethicsErling Hesselberg
 

Recommended

Legal issues of the Internet of Things
Legal issues of the Internet of ThingsLegal issues of the Internet of Things
Legal issues of the Internet of ThingsGiulio Coraggio
 
#Privacy Matters - Come il regolamento privacy europeo da un problema può div...
#Privacy Matters - Come il regolamento privacy europeo da un problema può div...#Privacy Matters - Come il regolamento privacy europeo da un problema può div...
#Privacy Matters - Come il regolamento privacy europeo da un problema può div...Giulio Coraggio
 
Legal issues on social media
Legal issues on social mediaLegal issues on social media
Legal issues on social mediaGiulio Coraggio
 
Drones and logistics - What legal issues and how to handle them
Drones and logistics - What legal issues and how to handle themDrones and logistics - What legal issues and how to handle them
Drones and logistics - What legal issues and how to handle themGiulio Coraggio
 
Wearable technologies and remote patient remote monitoring system
Wearable technologies and remote patient remote monitoring systemWearable technologies and remote patient remote monitoring system
Wearable technologies and remote patient remote monitoring systemGiulio Coraggio
 
What changes for Internet of Things technologies with the EU Data Protection ...
What changes for Internet of Things technologies with the EU Data Protection ...What changes for Internet of Things technologies with the EU Data Protection ...
What changes for Internet of Things technologies with the EU Data Protection ...Giulio Coraggio
 
Ethical, Legal and Social issues IoT
Ethical, Legal and Social issues IoTEthical, Legal and Social issues IoT
Ethical, Legal and Social issues IoTLuckeylama
 
Iot and ethics
Iot and ethicsIot and ethics
Iot and ethicsErling Hesselberg
 
What changes with the EU Data Protection Regulation for Gambling Companies
What changes with the EU Data Protection Regulation for Gambling CompaniesWhat changes with the EU Data Protection Regulation for Gambling Companies
What changes with the EU Data Protection Regulation for Gambling CompaniesGiulio Coraggio
 
ITCamp 2018 - Cristiana Fernbach - GDPR compliance in the industry 4.0
ITCamp 2018 - Cristiana Fernbach - GDPR compliance in the industry 4.0ITCamp 2018 - Cristiana Fernbach - GDPR compliance in the industry 4.0
ITCamp 2018 - Cristiana Fernbach - GDPR compliance in the industry 4.0ITCamp
 
Scaling IoT Security
Scaling IoT SecurityScaling IoT Security
Scaling IoT SecurityBill Harpley
 
Internet of things ecosystem: The quest for value
Internet of things ecosystem: The quest for valueInternet of things ecosystem: The quest for value
Internet of things ecosystem: The quest for valueDeloitte United States
 
A smarter, more secure io t gartner iam summit uk 2015 - netiq - travis greene
A smarter, more secure io t gartner iam summit uk 2015 - netiq - travis greeneA smarter, more secure io t gartner iam summit uk 2015 - netiq - travis greene
A smarter, more secure io t gartner iam summit uk 2015 - netiq - travis greenebmcmenemy
 
Smart City Lecture 1: How to build a Smart City
Smart City Lecture 1: How to build a Smart CitySmart City Lecture 1: How to build a Smart City
Smart City Lecture 1: How to build a Smart CityPeter Waher
 
Encryption by Default BoF by Gihan Dias [APRICOT 2015]
Encryption by Default BoF by Gihan Dias [APRICOT 2015]Encryption by Default BoF by Gihan Dias [APRICOT 2015]
Encryption by Default BoF by Gihan Dias [APRICOT 2015]APNIC
 
IoT Policy and Regulatory Framework
IoT Policy and Regulatory FrameworkIoT Policy and Regulatory Framework
IoT Policy and Regulatory FrameworkGwanhoo Lee
 
CyberSecurity_for_the_IoT
CyberSecurity_for_the_IoTCyberSecurity_for_the_IoT
CyberSecurity_for_the_IoTAbdullahi Arabo Jr (MEng, MBCS, PhD)
 
Securing the internet of things: The conversation you need to have with your CEO
Securing the internet of things: The conversation you need to have with your CEOSecuring the internet of things: The conversation you need to have with your CEO
Securing the internet of things: The conversation you need to have with your CEOThe Economist Media Businesses
 
2015 Data Security Solutions @SFK - Working and living in digital work of future
2015 Data Security Solutions @SFK - Working and living in digital work of future2015 Data Security Solutions @SFK - Working and living in digital work of future
2015 Data Security Solutions @SFK - Working and living in digital work of futureAndris Soroka
 
Smart City Lecture 2 - Privacy in the Smart City
Smart City Lecture 2 - Privacy in the Smart CitySmart City Lecture 2 - Privacy in the Smart City
Smart City Lecture 2 - Privacy in the Smart CityPeter Waher
 
20150519.io t.london
20150519.io t.london20150519.io t.london
20150519.io t.londonHamid Falaki
 
Iot tunisia forum 2017 security, confidentiality and privacy in iot
Iot tunisia forum 2017 security, confidentiality and privacy in iot Iot tunisia forum 2017 security, confidentiality and privacy in iot
Iot tunisia forum 2017 security, confidentiality and privacy in iot IoT Tunisia
 
2015 - Data Security Solutions @Dienas Bizness Exigen IBM - Business Data Pro...
2015 - Data Security Solutions @Dienas Bizness Exigen IBM - Business Data Pro...2015 - Data Security Solutions @Dienas Bizness Exigen IBM - Business Data Pro...
2015 - Data Security Solutions @Dienas Bizness Exigen IBM - Business Data Pro...Andris Soroka
 
IoT security reference architecture
IoT security reference architectureIoT security reference architecture
IoT security reference architectureElias Hasnat
 
IoT: Overcoming Barriers to a Connected World
IoT: Overcoming Barriers to a Connected WorldIoT: Overcoming Barriers to a Connected World
IoT: Overcoming Barriers to a Connected WorldCharles Mok
 
É possível existir segurança para IoT?
É possível existir segurança para IoT?É possível existir segurança para IoT?
É possível existir segurança para IoT?Anchises Moraes
 
How the Emerging IoT will Prompt Asset Management Issues - IAITAM Spring ACE ...
How the Emerging IoT will Prompt Asset Management Issues - IAITAM Spring ACE ...How the Emerging IoT will Prompt Asset Management Issues - IAITAM Spring ACE ...
How the Emerging IoT will Prompt Asset Management Issues - IAITAM Spring ACE ...John Boruvka
 
Security of iot device
Security of iot deviceSecurity of iot device
Security of iot deviceMayank Pandey
 
Jul 16 isaca london data protection, security and privacy risks - on premis...
Jul 16 isaca london data protection, security and privacy risks - on premis...Jul 16 isaca london data protection, security and privacy risks - on premis...
Jul 16 isaca london data protection, security and privacy risks - on premis...Ulf Mattsson
 
A Smarter, more Secure Internet of Things from NetIQ at Gartner IAM Summit 2015
A Smarter, more Secure Internet of Things from NetIQ at Gartner IAM Summit 2015A Smarter, more Secure Internet of Things from NetIQ at Gartner IAM Summit 2015
A Smarter, more Secure Internet of Things from NetIQ at Gartner IAM Summit 2015bmcmenemy
 

More Related Content

What's hot

What changes with the EU Data Protection Regulation for Gambling Companies
What changes with the EU Data Protection Regulation for Gambling CompaniesWhat changes with the EU Data Protection Regulation for Gambling Companies
What changes with the EU Data Protection Regulation for Gambling CompaniesGiulio Coraggio
 
ITCamp 2018 - Cristiana Fernbach - GDPR compliance in the industry 4.0
ITCamp 2018 - Cristiana Fernbach - GDPR compliance in the industry 4.0ITCamp 2018 - Cristiana Fernbach - GDPR compliance in the industry 4.0
ITCamp 2018 - Cristiana Fernbach - GDPR compliance in the industry 4.0ITCamp
 
Scaling IoT Security
Scaling IoT SecurityScaling IoT Security
Scaling IoT SecurityBill Harpley
 
Internet of things ecosystem: The quest for value
Internet of things ecosystem: The quest for valueInternet of things ecosystem: The quest for value
Internet of things ecosystem: The quest for valueDeloitte United States
 
A smarter, more secure io t gartner iam summit uk 2015 - netiq - travis greene
A smarter, more secure io t gartner iam summit uk 2015 - netiq - travis greeneA smarter, more secure io t gartner iam summit uk 2015 - netiq - travis greene
A smarter, more secure io t gartner iam summit uk 2015 - netiq - travis greenebmcmenemy
 
Smart City Lecture 1: How to build a Smart City
Smart City Lecture 1: How to build a Smart CitySmart City Lecture 1: How to build a Smart City
Smart City Lecture 1: How to build a Smart CityPeter Waher
 
Encryption by Default BoF by Gihan Dias [APRICOT 2015]
Encryption by Default BoF by Gihan Dias [APRICOT 2015]Encryption by Default BoF by Gihan Dias [APRICOT 2015]
Encryption by Default BoF by Gihan Dias [APRICOT 2015]APNIC
 
IoT Policy and Regulatory Framework
IoT Policy and Regulatory FrameworkIoT Policy and Regulatory Framework
IoT Policy and Regulatory FrameworkGwanhoo Lee
 
Securing the internet of things: The conversation you need to have with your CEO
Securing the internet of things: The conversation you need to have with your CEOSecuring the internet of things: The conversation you need to have with your CEO
Securing the internet of things: The conversation you need to have with your CEOThe Economist Media Businesses
 
2015 Data Security Solutions @SFK - Working and living in digital work of future
2015 Data Security Solutions @SFK - Working and living in digital work of future2015 Data Security Solutions @SFK - Working and living in digital work of future
2015 Data Security Solutions @SFK - Working and living in digital work of futureAndris Soroka
 
Smart City Lecture 2 - Privacy in the Smart City
Smart City Lecture 2 - Privacy in the Smart CitySmart City Lecture 2 - Privacy in the Smart City
Smart City Lecture 2 - Privacy in the Smart CityPeter Waher
 
20150519.io t.london
20150519.io t.london20150519.io t.london
20150519.io t.londonHamid Falaki
 
Iot tunisia forum 2017 security, confidentiality and privacy in iot
Iot tunisia forum 2017 security, confidentiality and privacy in iot Iot tunisia forum 2017 security, confidentiality and privacy in iot
Iot tunisia forum 2017 security, confidentiality and privacy in iot IoT Tunisia
 
2015 - Data Security Solutions @Dienas Bizness Exigen IBM - Business Data Pro...
2015 - Data Security Solutions @Dienas Bizness Exigen IBM - Business Data Pro...2015 - Data Security Solutions @Dienas Bizness Exigen IBM - Business Data Pro...
2015 - Data Security Solutions @Dienas Bizness Exigen IBM - Business Data Pro...Andris Soroka
 
IoT security reference architecture
IoT security reference architectureIoT security reference architecture
IoT security reference architectureElias Hasnat
 
IoT: Overcoming Barriers to a Connected World
IoT: Overcoming Barriers to a Connected WorldIoT: Overcoming Barriers to a Connected World
IoT: Overcoming Barriers to a Connected WorldCharles Mok
 
É possível existir segurança para IoT?
É possível existir segurança para IoT?É possível existir segurança para IoT?
É possível existir segurança para IoT?Anchises Moraes
 
How the Emerging IoT will Prompt Asset Management Issues - IAITAM Spring ACE ...
How the Emerging IoT will Prompt Asset Management Issues - IAITAM Spring ACE ...How the Emerging IoT will Prompt Asset Management Issues - IAITAM Spring ACE ...
How the Emerging IoT will Prompt Asset Management Issues - IAITAM Spring ACE ...John Boruvka
 
Security of iot device
Security of iot deviceSecurity of iot device
Security of iot deviceMayank Pandey
 

What's hot (20)

What changes with the EU Data Protection Regulation for Gambling Companies
What changes with the EU Data Protection Regulation for Gambling CompaniesWhat changes with the EU Data Protection Regulation for Gambling Companies
What changes with the EU Data Protection Regulation for Gambling Companies
 
ITCamp 2018 - Cristiana Fernbach - GDPR compliance in the industry 4.0
ITCamp 2018 - Cristiana Fernbach - GDPR compliance in the industry 4.0ITCamp 2018 - Cristiana Fernbach - GDPR compliance in the industry 4.0
ITCamp 2018 - Cristiana Fernbach - GDPR compliance in the industry 4.0
 
Scaling IoT Security
Scaling IoT SecurityScaling IoT Security
Scaling IoT Security
 
Internet of things ecosystem: The quest for value
Internet of things ecosystem: The quest for valueInternet of things ecosystem: The quest for value
Internet of things ecosystem: The quest for value
 
A smarter, more secure io t gartner iam summit uk 2015 - netiq - travis greene
A smarter, more secure io t gartner iam summit uk 2015 - netiq - travis greeneA smarter, more secure io t gartner iam summit uk 2015 - netiq - travis greene
A smarter, more secure io t gartner iam summit uk 2015 - netiq - travis greene
 
Smart City Lecture 1: How to build a Smart City
Smart City Lecture 1: How to build a Smart CitySmart City Lecture 1: How to build a Smart City
Smart City Lecture 1: How to build a Smart City
 
Encryption by Default BoF by Gihan Dias [APRICOT 2015]
Encryption by Default BoF by Gihan Dias [APRICOT 2015]Encryption by Default BoF by Gihan Dias [APRICOT 2015]
Encryption by Default BoF by Gihan Dias [APRICOT 2015]
 
IoT Policy and Regulatory Framework
IoT Policy and Regulatory FrameworkIoT Policy and Regulatory Framework
IoT Policy and Regulatory Framework
 
CyberSecurity_for_the_IoT
CyberSecurity_for_the_IoTCyberSecurity_for_the_IoT
CyberSecurity_for_the_IoT
 
Securing the internet of things: The conversation you need to have with your CEO
Securing the internet of things: The conversation you need to have with your CEOSecuring the internet of things: The conversation you need to have with your CEO
Securing the internet of things: The conversation you need to have with your CEO
 
2015 Data Security Solutions @SFK - Working and living in digital work of future
2015 Data Security Solutions @SFK - Working and living in digital work of future2015 Data Security Solutions @SFK - Working and living in digital work of future
2015 Data Security Solutions @SFK - Working and living in digital work of future
 
Smart City Lecture 2 - Privacy in the Smart City
Smart City Lecture 2 - Privacy in the Smart CitySmart City Lecture 2 - Privacy in the Smart City
Smart City Lecture 2 - Privacy in the Smart City
 
20150519.io t.london
20150519.io t.london20150519.io t.london
20150519.io t.london
 
Iot tunisia forum 2017 security, confidentiality and privacy in iot
Iot tunisia forum 2017 security, confidentiality and privacy in iot Iot tunisia forum 2017 security, confidentiality and privacy in iot
Iot tunisia forum 2017 security, confidentiality and privacy in iot
 
2015 - Data Security Solutions @Dienas Bizness Exigen IBM - Business Data Pro...
2015 - Data Security Solutions @Dienas Bizness Exigen IBM - Business Data Pro...2015 - Data Security Solutions @Dienas Bizness Exigen IBM - Business Data Pro...
2015 - Data Security Solutions @Dienas Bizness Exigen IBM - Business Data Pro...
 
IoT security reference architecture
IoT security reference architectureIoT security reference architecture
IoT security reference architecture
 
IoT: Overcoming Barriers to a Connected World
IoT: Overcoming Barriers to a Connected WorldIoT: Overcoming Barriers to a Connected World
IoT: Overcoming Barriers to a Connected World
 
É possível existir segurança para IoT?
É possível existir segurança para IoT?É possível existir segurança para IoT?
É possível existir segurança para IoT?
 
How the Emerging IoT will Prompt Asset Management Issues - IAITAM Spring ACE ...
How the Emerging IoT will Prompt Asset Management Issues - IAITAM Spring ACE ...How the Emerging IoT will Prompt Asset Management Issues - IAITAM Spring ACE ...
How the Emerging IoT will Prompt Asset Management Issues - IAITAM Spring ACE ...
 
Security of iot device
Security of iot deviceSecurity of iot device
Security of iot device
 

Similar to Warsaw IT & Privacy Seminar: IoT Legal Issues

Jul 16 isaca london data protection, security and privacy risks - on premis...
Jul 16 isaca london data protection, security and privacy risks - on premis...Jul 16 isaca london data protection, security and privacy risks - on premis...
Jul 16 isaca london data protection, security and privacy risks - on premis...Ulf Mattsson
 
A Smarter, more Secure Internet of Things from NetIQ at Gartner IAM Summit 2015
A Smarter, more Secure Internet of Things from NetIQ at Gartner IAM Summit 2015A Smarter, more Secure Internet of Things from NetIQ at Gartner IAM Summit 2015
A Smarter, more Secure Internet of Things from NetIQ at Gartner IAM Summit 2015bmcmenemy
 
Your organization is at risk! Upgrade your IT security & IT governance now.
Your organization is at risk! Upgrade your IT security & IT governance now.Your organization is at risk! Upgrade your IT security & IT governance now.
Your organization is at risk! Upgrade your IT security & IT governance now.Cyril Soeri
 
Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)Peter Wood
 
IOT Security - ICCT College of Engineering
IOT Security - ICCT College of EngineeringIOT Security - ICCT College of Engineering
IOT Security - ICCT College of EngineeringPotato
 
A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things NetIQ
 
Sensors, Identifiers & Digital Twins: Tracking Identity on the Supply Chain
Sensors, Identifiers & Digital Twins: Tracking Identity on the Supply ChainSensors, Identifiers & Digital Twins: Tracking Identity on the Supply Chain
Sensors, Identifiers & Digital Twins: Tracking Identity on the Supply ChainHeather Vescent
 
Final presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planFinal presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planCameron Forbes Over
 
Final presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planFinal presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planCameron Forbes Over
 
Open Data Economy.pdf
Open Data Economy.pdfOpen Data Economy.pdf
Open Data Economy.pdfODE Infinity
 
ISSA Atlanta - Emerging application and data protection for multi cloud
ISSA Atlanta - Emerging application and data protection for multi cloudISSA Atlanta - Emerging application and data protection for multi cloud
ISSA Atlanta - Emerging application and data protection for multi cloudUlf Mattsson
 
A Wake-Up Call for IoT
A Wake-Up Call for IoT A Wake-Up Call for IoT
A Wake-Up Call for IoT Ahmed Banafa
 
Where data security and value of data meet in the cloud brighttalk webinar ...
Where data security and value of data meet in the cloud brighttalk webinar ...Where data security and value of data meet in the cloud brighttalk webinar ...
Where data security and value of data meet in the cloud brighttalk webinar ...Ulf Mattsson
 
A practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpaA practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpaUlf Mattsson
 
New regulations and the evolving cybersecurity technology landscape
New regulations and the evolving cybersecurity technology landscapeNew regulations and the evolving cybersecurity technology landscape
New regulations and the evolving cybersecurity technology landscapeUlf Mattsson
 
Isaca atlanta - practical data security and privacy
Isaca atlanta - practical data security and privacyIsaca atlanta - practical data security and privacy
Isaca atlanta - practical data security and privacyUlf Mattsson
 
IoT & Big Data - A privacy-oriented view of the future
IoT & Big Data - A privacy-oriented view of the futureIoT & Big Data - A privacy-oriented view of the future
IoT & Big Data - A privacy-oriented view of the futureFacundo Mauricio
 
Privacy Regulations and Your Digital Setup
Privacy Regulations and Your Digital SetupPrivacy Regulations and Your Digital Setup
Privacy Regulations and Your Digital SetupPiwik PRO
 
06 - VMUGIT - Lecce 2018 - Rodolfo Rotondo, VMware
06 - VMUGIT - Lecce 2018 - Rodolfo Rotondo, VMware06 - VMUGIT - Lecce 2018 - Rodolfo Rotondo, VMware
06 - VMUGIT - Lecce 2018 - Rodolfo Rotondo, VMwareVMUG IT
 

Similar to Warsaw IT & Privacy Seminar: IoT Legal Issues (20)

Jul 16 isaca london data protection, security and privacy risks - on premis...
Jul 16 isaca london data protection, security and privacy risks - on premis...Jul 16 isaca london data protection, security and privacy risks - on premis...
Jul 16 isaca london data protection, security and privacy risks - on premis...
 
A Smarter, more Secure Internet of Things from NetIQ at Gartner IAM Summit 2015
A Smarter, more Secure Internet of Things from NetIQ at Gartner IAM Summit 2015A Smarter, more Secure Internet of Things from NetIQ at Gartner IAM Summit 2015
A Smarter, more Secure Internet of Things from NetIQ at Gartner IAM Summit 2015
 
Your organization is at risk! Upgrade your IT security & IT governance now.
Your organization is at risk! Upgrade your IT security & IT governance now.Your organization is at risk! Upgrade your IT security & IT governance now.
Your organization is at risk! Upgrade your IT security & IT governance now.
 
Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)
 
nerfslides.pptx
nerfslides.pptxnerfslides.pptx
nerfslides.pptx
 
IOT Security - ICCT College of Engineering
IOT Security - ICCT College of EngineeringIOT Security - ICCT College of Engineering
IOT Security - ICCT College of Engineering
 
A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things
 
Sensors, Identifiers & Digital Twins: Tracking Identity on the Supply Chain
Sensors, Identifiers & Digital Twins: Tracking Identity on the Supply ChainSensors, Identifiers & Digital Twins: Tracking Identity on the Supply Chain
Sensors, Identifiers & Digital Twins: Tracking Identity on the Supply Chain
 
Final presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planFinal presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit plan
 
Final presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planFinal presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit plan
 
Open Data Economy.pdf
Open Data Economy.pdfOpen Data Economy.pdf
Open Data Economy.pdf
 
ISSA Atlanta - Emerging application and data protection for multi cloud
ISSA Atlanta - Emerging application and data protection for multi cloudISSA Atlanta - Emerging application and data protection for multi cloud
ISSA Atlanta - Emerging application and data protection for multi cloud
 
A Wake-Up Call for IoT
A Wake-Up Call for IoT A Wake-Up Call for IoT
A Wake-Up Call for IoT
 
Where data security and value of data meet in the cloud brighttalk webinar ...
Where data security and value of data meet in the cloud brighttalk webinar ...Where data security and value of data meet in the cloud brighttalk webinar ...
Where data security and value of data meet in the cloud brighttalk webinar ...
 
A practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpaA practical data privacy and security approach to ffiec, gdpr and ccpa
A practical data privacy and security approach to ffiec, gdpr and ccpa
 
New regulations and the evolving cybersecurity technology landscape
New regulations and the evolving cybersecurity technology landscapeNew regulations and the evolving cybersecurity technology landscape
New regulations and the evolving cybersecurity technology landscape
 
Isaca atlanta - practical data security and privacy
Isaca atlanta - practical data security and privacyIsaca atlanta - practical data security and privacy
Isaca atlanta - practical data security and privacy
 
IoT & Big Data - A privacy-oriented view of the future
IoT & Big Data - A privacy-oriented view of the futureIoT & Big Data - A privacy-oriented view of the future
IoT & Big Data - A privacy-oriented view of the future
 
Privacy Regulations and Your Digital Setup
Privacy Regulations and Your Digital SetupPrivacy Regulations and Your Digital Setup
Privacy Regulations and Your Digital Setup
 
06 - VMUGIT - Lecce 2018 - Rodolfo Rotondo, VMware
06 - VMUGIT - Lecce 2018 - Rodolfo Rotondo, VMware06 - VMUGIT - Lecce 2018 - Rodolfo Rotondo, VMware
06 - VMUGIT - Lecce 2018 - Rodolfo Rotondo, VMware
 

Recently uploaded

如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书
如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书
如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书FS LS
 
Difference between LLP, Partnership, and Company
Difference between LLP, Partnership, and CompanyDifference between LLP, Partnership, and Company
Difference between LLP, Partnership, and Companyaneesashraf6
 
The Prevention Of Corruption Act Presentation.pptx
The Prevention Of Corruption Act Presentation.pptxThe Prevention Of Corruption Act Presentation.pptx
The Prevention Of Corruption Act Presentation.pptxNeeteshKumar71
 
如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书
如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书
如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书SD DS
 
Vanderburgh County Sheriff says he will Not Raid Delta 8 Shops
Vanderburgh County Sheriff says he will Not Raid Delta 8 ShopsVanderburgh County Sheriff says he will Not Raid Delta 8 Shops
Vanderburgh County Sheriff says he will Not Raid Delta 8 ShopsAbdul-Hakim Shabazz
 
Rights of under-trial Prisoners in India
Rights of under-trial Prisoners in IndiaRights of under-trial Prisoners in India
Rights of under-trial Prisoners in IndiaAbheet Mangleek
 
如何办理(Rice毕业证书)莱斯大学毕业证学位证书
如何办理(Rice毕业证书)莱斯大学毕业证学位证书如何办理(Rice毕业证书)莱斯大学毕业证学位证书
如何办理(Rice毕业证书)莱斯大学毕业证学位证书SD DS
 
Sports Writing for PISAYyyyyyyyyyyyyyy.pptx
Sports Writing for PISAYyyyyyyyyyyyyyy.pptxSports Writing for PISAYyyyyyyyyyyyyyy.pptx
Sports Writing for PISAYyyyyyyyyyyyyyy.pptxmarielouisetulaytay
 
如何办理伦敦南岸大学毕业证(本硕)LSBU学位证书
如何办理伦敦南岸大学毕业证(本硕)LSBU学位证书如何办理伦敦南岸大学毕业证(本硕)LSBU学位证书
如何办理伦敦南岸大学毕业证(本硕)LSBU学位证书FS LS
 
Comparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use casesComparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use casesritwikv20
 
Good Governance Practices for protection of Human Rights (Discuss Transparen...
Good Governance Practices for protection of Human Rights (Discuss Transparen...Good Governance Practices for protection of Human Rights (Discuss Transparen...
Good Governance Practices for protection of Human Rights (Discuss Transparen...shubhuc963
 
Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...
Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...
Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...Dr. Oliver Massmann
 
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》o8wvnojp
 
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一st Las
 
如何办理威斯康星大学密尔沃基分校毕业证学位证书
如何办理威斯康星大学密尔沃基分校毕业证学位证书 如何办理威斯康星大学密尔沃基分校毕业证学位证书
如何办理威斯康星大学密尔沃基分校毕业证学位证书Fir sss
 
VIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTS
VIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTSVIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTS
VIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTSDr. Oliver Massmann
 
如何办理纽约州立大学石溪分校毕业证学位证书
如何办理纽约州立大学石溪分校毕业证学位证书 如何办理纽约州立大学石溪分校毕业证学位证书
如何办理纽约州立大学石溪分校毕业证学位证书Fir sss
 
如何办理(CQU毕业证书)中央昆士兰大学毕业证学位证书
如何办理(CQU毕业证书)中央昆士兰大学毕业证学位证书如何办理(CQU毕业证书)中央昆士兰大学毕业证学位证书
如何办理(CQU毕业证书)中央昆士兰大学毕业证学位证书SD DS
 
POLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptxPOLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptxAbhishekchatterjee248859
 
Law360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
Law360 - How Duty Of Candor Figures In USPTO AI Ethics GuidanceLaw360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
Law360 - How Duty Of Candor Figures In USPTO AI Ethics GuidanceMichael Cicero
 

Recently uploaded (20)

如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书
如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书
如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书
 
Difference between LLP, Partnership, and Company
Difference between LLP, Partnership, and CompanyDifference between LLP, Partnership, and Company
Difference between LLP, Partnership, and Company
 
The Prevention Of Corruption Act Presentation.pptx
The Prevention Of Corruption Act Presentation.pptxThe Prevention Of Corruption Act Presentation.pptx
The Prevention Of Corruption Act Presentation.pptx
 
如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书
如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书
如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书
 
Vanderburgh County Sheriff says he will Not Raid Delta 8 Shops
Vanderburgh County Sheriff says he will Not Raid Delta 8 ShopsVanderburgh County Sheriff says he will Not Raid Delta 8 Shops
Vanderburgh County Sheriff says he will Not Raid Delta 8 Shops
 
Rights of under-trial Prisoners in India
Rights of under-trial Prisoners in IndiaRights of under-trial Prisoners in India
Rights of under-trial Prisoners in India
 
如何办理(Rice毕业证书)莱斯大学毕业证学位证书
如何办理(Rice毕业证书)莱斯大学毕业证学位证书如何办理(Rice毕业证书)莱斯大学毕业证学位证书
如何办理(Rice毕业证书)莱斯大学毕业证学位证书
 
Sports Writing for PISAYyyyyyyyyyyyyyy.pptx
Sports Writing for PISAYyyyyyyyyyyyyyy.pptxSports Writing for PISAYyyyyyyyyyyyyyy.pptx
Sports Writing for PISAYyyyyyyyyyyyyyy.pptx
 
如何办理伦敦南岸大学毕业证(本硕)LSBU学位证书
如何办理伦敦南岸大学毕业证(本硕)LSBU学位证书如何办理伦敦南岸大学毕业证(本硕)LSBU学位证书
如何办理伦敦南岸大学毕业证(本硕)LSBU学位证书
 
Comparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use casesComparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use cases
 
Good Governance Practices for protection of Human Rights (Discuss Transparen...
Good Governance Practices for protection of Human Rights (Discuss Transparen...Good Governance Practices for protection of Human Rights (Discuss Transparen...
Good Governance Practices for protection of Human Rights (Discuss Transparen...
 
Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...
Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...
Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...
 
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
 
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
 
如何办理威斯康星大学密尔沃基分校毕业证学位证书
如何办理威斯康星大学密尔沃基分校毕业证学位证书 如何办理威斯康星大学密尔沃基分校毕业证学位证书
如何办理威斯康星大学密尔沃基分校毕业证学位证书
 
VIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTS
VIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTSVIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTS
VIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTS
 
如何办理纽约州立大学石溪分校毕业证学位证书
如何办理纽约州立大学石溪分校毕业证学位证书 如何办理纽约州立大学石溪分校毕业证学位证书
如何办理纽约州立大学石溪分校毕业证学位证书
 
如何办理(CQU毕业证书)中央昆士兰大学毕业证学位证书
如何办理(CQU毕业证书)中央昆士兰大学毕业证学位证书如何办理(CQU毕业证书)中央昆士兰大学毕业证学位证书
如何办理(CQU毕业证书)中央昆士兰大学毕业证学位证书
 
POLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptxPOLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptx
 
Law360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
Law360 - How Duty Of Candor Figures In USPTO AI Ethics GuidanceLaw360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
Law360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
 

Warsaw IT & Privacy Seminar: IoT Legal Issues

  • 1. Warsaw IT & Privacy Seminar Internet of Things and the legal issues Dariusz Czuchaj, Senior Associate Karol Laskowski, Senior Associate
  • 2. IoT and the expectations 2015 2 Source: Gartner Inc. : http://na2.www.gartner.com/imagesrv/newsroom/images/HC_ET_2014.jpg
  • 3. What is „Internet of Things” 2015 3 uniquely identifiable embedded computing devices • directly or indirectly process data connected to telecommunication networks
  • 4. Categories of data 2015 4 Related to a thing/state Related to a person Related to a person’s health, etc.
  • 5. Applicable laws 2015 5 •Protection of personal data •Telecommunication laws •Cybersecurity •Ownership
  • 7. What is personal ? 2015 7 „any information relating to an identified or identifiable natural person” Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, concerning health or sex life. Personal data Sensitive data
  • 8. Is it personal ? Is it sensitive ? 2015 8 IP address Device fingerprint Location Voice sample Daily number of steps Sleep pattern House energy use pattern
  • 9. When data is no longer „personal”? 2015 9 Can we get rid of „personal” ? Pseudonymous data Anonymous data ISO 29100:2011 Are you sure the data is anonymous ?
  • 10. Am I a data controller ? (1) 2015 10 Data controller vs data processor Many actors processing the data What your DPA thinks about it ?
  • 11. Group Article 29 Opinion on recent developments of Internet of Things 2015 11 • Most of the actors classified as data controllers • Consent of a data subject • „legitimate interest” – likely to be insufficient • Right to access to data includes „raw data”
  • 12. Draft of the New Data Protection Regulation (1/2) 2015 12 • Application to non-EEA countries • Penalties • Data subject may claim for a monetary compensation • Profiling framed
  • 13. Draft of the New Data Protection Regulation (2/2) 2015 13 • Data breach notification • Certification • One – stop shop • Coming into force – 2017 ?
  • 15. Telecommunication 2015 15 Providing the services by „permanent roaming” Using the frequencies for M2M data transfers Numbering issue –IP or reparate numbering for M2M? Regulatory issues – data retention
  • 17. NIS Directive Draft (1/2) 2015 17 Critical infrastructure providers Cloud computing, social media providers ? New obligations: • Notification of critical incidents • Obligatory external audits of cybersecurity • Obligatory documentation • Penalties for non compliance
  • 18. NIS Directive Draft (2/2) 2015 18 Pros and cons of the new regulation Legal obligation = clear basis for IT spending on cybersecurity solutions Are the written policies really helpful ?
  • 19. (re)Structuring your agreements 2015 19 • agreements should oblige software vendors to: • Update software permanently • Deliver updates immediately upon reported security issues • Access to code: • Plan B (1) –escrow of source code in case of failure to react • Plan B (2) – consider use of Open Source * need of indemnification clauses in the supply chain
  • 21. Harvesting Data 2015 21 • American Farm Bureau Federation: • „Companies that are collecting these data may be able to see how much grain is being harvested, minute by minute, from tens of thousands of fields. That's valuable information.”
  • 22. Harvesting Data 2015 22 • No clear answers but … • Existing EU Directive on database protection • New type of vendor lock-in – business data • Structuring of an effective agreement
  • 23. Thank you Dariusz Czuchaj, Senior Associate, IT & Data Protection lawyer Karol Laskowski, Senior Associate, TMT lawyer