Realising the Right to Data Portability for the Domestic Internet of Things

by   Lachlan Urquhart, et al.

There is an increasing role for the IT design community to play in regulation of emerging IT. Article 25 of the EU General Data Protection Regulation (GDPR) 2016 puts this on a strict legal basis by establishing the need for information privacy by design and default (PbD) for personal data-driven technologies. Against this backdrop, we examine legal, commercial and technical perspectives around the newly created legal right to data portability (RTDP) in GDPR. We are motivated by a pressing need to address regulatory challenges stemming from the Internet of Things (IoT). We need to find channels to support the protection of these new legal rights for users in practice. In Part I we introduce the internet of things and information PbD in more detail. We briefly consider regulatory challenges posed by the IoT and the nature and practical challenges surrounding the regulatory response of information privacy by design. In Part II, we look in depth at the legal nature of the RTDP, determining what it requires from IT designers in practice but also limitations on the right and how it relates to IoT. In Part III we focus on technical approaches that can support the realisation of the right. We consider the state of the art in data management architectures, tools and platforms that can provide portability, increased transparency and user control over the data flows. In Part IV, we bring our perspectives together to reflect on the technical, legal and business barriers and opportunities that will shape the implementation of the RTDP in practice, and how the relationships may shape emerging IoT innovation and business models. We finish with brief conclusions about the future for the RTDP and PbD in the IoT.



There are no comments yet.


page 1

page 2

page 3

page 4


Demonstrably Doing Accountability in the Internet of Things

This paper explores the importance of accountability to data protection,...

White Noise from the White Goods? Conceptual and Empirical Perspectives on Ambient Domestic Computing

Within this chapter we consider the emergence of ambient domestic comput...

Powering the Internet of Things with RIOT: Why? How? What is RIOT?

The crucial importance of software platforms was highlighted by recent e...

Eavesdropping Whilst You're Shopping: Balancing Personalisation and Privacy in Connected Retail Spaces

Physical retailers, who once led the way in tracking with loyalty cards ...

A Generic Information and Consent Framework for the IoT

The Internet of Things (IoT) raises specific issues in terms of informat...

Dark Patterns and the Legal Requirements of Consent Banners: An Interaction Criticism Perspective

User engagement with data privacy and security through consent banners h...

Putting Privacy into Perspective – Comparing Technical, Legal, and Users' View of Data Sensitivity

Web 2.0, social media, cloud computing, and IoT easily connect people ar...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.