The value of personal data generated and managed by smart devices which comprise the Internet of Things (IoT) is unquestionable. The EU General Data Protection Regulation (GDPR) that has been recently put in force, sets the cornerstones regarding the collection and processing of personal data, for the benefit of Data Subjects and Controllers. However, applying this regulation to the IoT ecosystem is not a trivial task. This paper proposes ADvoCATE, a user-centric solution that allows data subjects to easily control consents regarding access to their personal data in the IoT ecosystem and exercise their rights defined by GDPR. It also assists Data Controllers and Processors to meet GDPR requirements. A blockchain infrastructure ensures the integrity of personal data processing consents, while the quality thereof is evaluated by an intelligence service. Finally, we present some preliminary details of a partial implementation of the proposed framework.
CITATION STYLE
Rantos, K., Drosatos, G., Demertzis, K., Ilioudis, C., Papanikolaou, A., & Kritsas, A. (2019). ADvoCATE: A consent management platform for personal data processing in the IoT using blockchain technology. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 11359 LNCS, pp. 300–313). Springer Verlag. https://doi.org/10.1007/978-3-030-12942-2_23
Mendeley helps you to discover research relevant for your work.