There’s no doubt that the Internet of Things (the “IoT”) - a world where just about everything is connected - is on the verge of becoming integral to our everyday lives. Posing unique and significant challenges in the areas of privacy and data protection, debate on the merits or otherwise of the IoT is rife.
Representing everything from wearable computing to health sensors and monitors, the IoT depends on connectivity which has the potential to expose users to significant privacy and security risks. Key data protection issues arising include the user’s lack of control over their data, the quality of the user’s consent, the use of data for purposes not originally intended by the user, intrusive behaviour analysis, difficulties in ensuring anonymity and security risks.
A recent opinion from the European Commission recommends that stakeholders in the IoT’s development should consider preventative measures to avoid potential data breaches from the outset of the product development cycle.
The European Commission suggests companies go beyond current EU data protection requirements – requirements which will soon be expanded once the proposed EU Data Protection Regulation comes into effect. Intended to be finalised in 2015, the Regulation will apply to all businesses selling their products into the EU, even if they are not based there – a reform with the potential to considerably reshape the international data protection landscape.