Reference : The Unsecure Side of (Meta)Data in IoT Systems
Scientific congresses, symposiums and conference proceedings : Paper published in a journal
Law, criminology & political science : Multidisciplinary, general & others
Security, Reliability and Trust
The Unsecure Side of (Meta)Data in IoT Systems
Chiara, Pier Giorgio mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Ambient Intelligence and Smart Environments
IOS Press
Amsterdam, Berlin, Washington DC
16th International Conference on Intelligent Environments
from 20-07-2020 to 23-07-2020
[en] Metadata ; IoT ; Data Protection
[en] The exponential spreading and deployment of emerging digital
technologies such as the Internet of Things (IoT) has been remarkable: the IoT
market is expected to triple, at least, from USD 170.57 billion in 2017 to USD
561.04 billion by 2022. IoT technologies collect, generate and communicate a huge
amount of different data and metadata, through an increasing number of
interconnected devices and sensors. Current EU legislation on data protection
classifies data into personal and non-personal. The paper aims at charting the
resulting entanglements from an interdisciplinary perspective. The legal analysis,
integrated with a technical perspective, will address firstly the content of IoT
communications, i.e. “data”, and the underlying distinction between personal and
non-personal. Secondly, the focus will shift on the metadata related to
communications. Through a technical analysis of the highly sensitive nature of
metadata, even when the content is encrypted, I will argue that metadata are likely
to undermine even more the ontological and sharp division between personal and
non-personal data upon which the European legal frameworks for privacy and data
protection have been built. The incoming ePrivacy Regulation shall provide
metadata, which should be considered always personal data, the same level of
protection of “content” data. This interpretation might broaden the scope of
application of GDPR and the connected obligations and responsibilities of data
controllers and data processors too much.
Researchers ; Students ; General public
This article is published online with Open Access by IOS Press and distributed under the terms
of the Creative Commons Attribution Non-Commercial License 4.0 (CC BY-NC 4.0).
H2020 ; 814177 - LAST-JD-RIoE - Law, Science and Technology Joint Doctorate: Rights of the Internet of Everything

File(s) associated to this reference

Fulltext file(s):

Open access
The Unsecure Side of (Meta)Data in IoT.pdfPublisher postprint213.22 kBView/Open

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.