Crucially as far as data collection is concerned, the responsive nature of smart technology means that they need to be permanently on to work effectively, with no involvement from the user.
They also need to be permanently connected to the internet, since the technology is not powerful enough to make decisions without it.
his state of affairs has led to worries about when a device is “listening”, what data it records and stores, and who has access to it.
And, while manufacturers normally say that there will be no human eyes on your data, this is not necessarily true. Take Amazon workers for instance, who would listen to user conversations with Alexa before feeding them into an automation system.
This is particularly scary given that smart technology is now all around us, wherever we are - raising questions about how much information is being collected and who stands to benefit, and giving more opportunities to hackers.
And, while the data collected by one device may not be a problem, it becomes an issue when this data is combined with what is collected from other collected devices - this would give any recipient third party sensitive information about patterns of behavior.
What this also means is that, the more smart devices we use, the more we have to trust that they operate and handle data securely.
Smart Technology & Data Privacy
Given the way that these devices provide third parties with the sensitive personal data of users, they fall under the jurisdiction of data privacy legislation.
And, while each of the 140+ data privacy laws around the world are different, they share the same commitment to protecting the personal data of users.
The data in question may be non-personal (like a vacuum cleaner’s scheduling), it could be personal data (like an email address), or it could be everything they hear (like a speaker).
GDPR is a good example because it is one of the strictest data privacy laws of its kind, and a great many other laws are actually modeled on it.
Smart technology falls under the jurisdiction of this EU law if they process personal data, specifically in the following ways:
- They use acoustic, optical or biometric sensors to process personal data
- The location of these sensors enables knowledge about user behavior
- The device’s app collects personal identifiers about the user
- The device collects IP addresses that mean the user is identifiable
The GDPR remains fairly vague on the specific subject of the Internet of Things, by the European Commission’s “Liability and New Technologies” report shows that authorities are taking action here.
Data privacy laws demand further caution when collecting the personal data of children - a pressing issue now that they can play with interactive dolls, and have smart devices all round their homes.
Keeping Up-to-date With Privacy Laws
Increasing user concerns about data privacy, and the laws that support this, is juxtaposed strangely against the exploding popularity of smart technology.
However, manufacturers and users alike remain uninformed about how their devices are affected by data privacy laws.
Given that regulations are constantly being tweaked, i ists important for companies to regularly follow developments to ensure that any technology they use does not make them the target of data enforcement agencies.
If you’d like to learn more about GDPR and other privacy laws, we have created a comprehensive information portal to this end.
09 February 2022
