Tom Lodge
Privacy Engineering for Domestic IoT: Enabling Due Diligence
Lodge, Tom; Crabtree, Andy
Abstract
The EU’s General Data Protection Regulation (GDPR) has recently come into effect and insofar as IoT applications touch EU citizens or their data, developers are obliged to exercise due diligence and ensure they undertake Data Protection by Design and Default (DPbD). GDPR mandates the use of Data Protection Impact Assessments (DPIAs) as a key heuristic enabling DPbD. However, research has shown that developers generally lack the competence needed to deal effectively with legal aspects of privacy management and that the difficulties of complying with regulation are likely to grow considerably. Privacy engineering seeks to shift the focus from interpreting texts and guidelines or consulting legal experts to embedding data protection within the development process itself. There are, however, few examples in practice. We present a privacy-oriented, flow-based integrated development environment (IDE) for building domestic IoT applications. The IDE enables due diligence in a) helping developers reason about personal data during the actual in vivo construction of IoT applications; b) advises developers as to whether or not the design choices they are making occasion the need for a DPIA; and c) attaches and makes available to others (including data processors, data controllers, data protection officers, users and supervisory authorities) specific privacy-related information that has arisen during an application’s development.
Citation
Lodge, T., & Crabtree, A. (2019). Privacy Engineering for Domestic IoT: Enabling Due Diligence. Sensors, 19(20), Article 4380. https://doi.org/10.3390/s19204380
Journal Article Type | Article |
---|---|
Acceptance Date | Sep 28, 2019 |
Online Publication Date | Oct 10, 2019 |
Publication Date | Oct 10, 2019 |
Deposit Date | Oct 3, 2019 |
Publicly Available Date | Oct 10, 2019 |
Journal | Sensors |
Electronic ISSN | 1424-8220 |
Publisher | MDPI |
Peer Reviewed | Peer Reviewed |
Volume | 19 |
Issue | 20 |
Article Number | 4380 |
DOI | https://doi.org/10.3390/s19204380 |
Keywords | Electrical and Electronic Engineering; Analytical Chemistry; Atomic and Molecular Physics, and Optics; Biochemistry |
Public URL | https://nottingham-repository.worktribe.com/output/2742945 |
Publisher URL | https://www.mdpi.com/1424-8220/19/20/4380 |
Contract Date | Oct 3, 2019 |
Files
Privacy Engineering for Domestic IoT: Enabling Due Diligence
(2 Mb)
PDF
Downloadable Citations
About Repository@Nottingham
Administrator e-mail: discovery-access-systems@nottingham.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search