Reconsidering IoT with respect to the GDPR
The main objective of this thesis is to understand the legal framework and the difference between old European Union (EU) Data Protection Directives and new EU Data Protection Regulation as well as their implications on IoT based industries. A substantial amount of literature study has been done to provide a background of EU Data Protection Directives. Following that, some new Regulations has discussed. Another aim of this thesis was to identify the implications of new Data Protection Regulations. With this purpose, the research was channelized towards two legal frameworks. Research work about the regulations, the information about the various IoT industries holding personal data, their methodologies and implications of the legal framework were carried out. As a final point, the author wants IoT based industries to reconsider their aim of launching new products and focus more on complying new Data Protection Regulations enforced by the European Commission (EC) and perform the necessary amendments before the deadline. Consequently, the thesis proposed some recommendations for compliance and with an aim of avoiding huge fines enforced by the EU. Keywords: Internet of Things, General Data Protection Regulations, European Union, Personal Data
Recommended
Recommended
More Related Content
Similar to Reconsidering IoT with respect to the GDPR
Similar to Reconsidering IoT with respect to the GDPR (20)
Recently uploaded
Recently uploaded (20)
Reconsidering IoT with respect to the GDPR
- 1. Reconsidering Internet of Things (IoT) with respect to the General Data Protection Regulations (GDPR) Parag Devidas Narvekar
- 2. INTRODUCTION
- 3. RESEARCH OBJECTIVE Profiling within Internet Search Engine Industry and Principles mentioned in GDPR1 Data Protection Impact Analysis (DPIA) and Smart Grid industry2 Challenges in Appointing a Data Protection Officer (DPO)3 Challenges in Security and Data Breach Notification4
- 4. RESEARCH METHODS Doctrinal Legal Method1 Directives Vs RegulationsDirective 95/46/EC General Data Protection Regulations Qualitative Research Method2 Case Study Phenomenological Grounded Theory Historical
- 5. RESULTS : Profiling within Internet Search Engine Industry and Principles mentioned in GDPR 1. Transparency and Fairness 2. Purpose of Processing Right to Object 1. Right for Information and Access 2. Right to Data Portability
- 6. RESULTS : Data Protection Impact Analysis & Smart Grid Operatorās Geolocation DPOās study concerning National Regulatory Authorities present in the EU/EEA Conflict between Operators Incident Management Plan Conflict between the Industry and Government European Groups involved in the process
- 7. RESULTS : Challenges in Appointing a Data Protection Officer CIPP/E CIPM Conflict of Interest Interviewerās Knowledge
- 8. RESULTS : Challenges in Security & Data Breach Notification REPUTATION
- 9. CONCLUSION GDPR Organizations ā¢ Increase budget to comply with GDPR ā¢ Develop Skillsets, Certification Programs ā¢ Learn from otherās mistakes Data Protection Impact Analysis ā¢ Involve Data Protection Lawyers ā¢ Involve Third Party ā¢ Avoid Confusion Appoint DPO ā¢ Revise articles in the legal framework ā¢ Introduce more certification centers in non- EU countries. Data Breach Notification ā¢ Legal Agreements ā¢ Revise Business Management ā¢ Display Data Security Certification Profiling ā¢ Art 29. WP should involve while including Terms & Conditions People ā¢ Aware about the Data Protection Regulations ā¢ Read Terms & Conditions Before using the services ā¢ Follow Rights mentioned within the GDPR
- 10. We are rapidly entering the age of no privacy, where everyone is open to surveillance at all times; where there are no secrets from government. ā William Orville Douglas (Supreme Court Justice, Educator, Government Official, Lawyer, Judge)