From the Mind to the Cloud: Personal Data in the Age of the Internet of Things

Abstract

Society is undergoing a major digital transformation affecting all areas of human activity. While the expected benefits of this societal turn are many, the use of IoT technologies presents challenges and risks from the viewpoint of fundamental human rights, such as privacy, that should not be underestimated. The legislative framework is constantly adapting to address these emerging needs: in Europe, the introduction of the General Data Protection Regulation (GDPR) was a milestone towards an enhanced citizens’ data protection. However, the GDPR does have its limitations, both from the viewpoint of its practical applicability and the grey areas, mostly related to specific technologies and applications. Two case studies are presented, namely on connected and automated driving and domestic social robots. Despite the GDPR, mechanisms allowing citizens to have adequate control over their personal data are still not in place, and the advent of the IoT is likely to increase such challenges.