The applicability of the GDPR to the Internet of Things

Abstract

Once upon a time internet users accessed the internet via a telephone network, paying for mbps (megabits per second). Now, the Internet of Things (IoT) is one of the biggest technological changes to influence the daily lives of human beings. People are unaware of their daily use of the IoT. Why? Because it is now ‘normal’ to have such devices for daily use. It makes our lives easier; however, the IoT is entering a new era. Recent developments of the IoT include automation, massive data processing and the use of artificial intelligence in systems to improve services and business models. Processing data of individuals falls under the General Data Protection Regulation (GDPR), an EU regulation to ensure the fundamental rights of individuals in cases of personal data processing. This regulation came into force on 25th May, 2018. This regulation aims to protect the rights and freedoms of individuals, and it is necessary, from a business point of view, to protect these rights while improving business models and still keep innovating. This paper indicates the key challenges for recent developments of the IoT, now that the General Data Protection Regulation has come into force; it will also give some practical guidance to keep businesses going while at the same time complying with the GDPR.