The dangers of malware-infected dishwashers made headlines last month with the discovery of a security vulnerability in a Miele dishwasher. Any denial-of-dishwashing attack should be considered a serious crime in itself, we would all agree, but this particular case was made more concerning by the fact that the dishwasher in question was designed for use in hospitals – its hacking could open the door to the theft of private medical information or the disruption of a hospital’s computer network.
It is clear that the pervasive character of the Internet of Things (IoT) raises new questions around the security of connected devices and the privacy of personal information. IoT will impact the business of every industry sector, and all companies – even manufacturers of dishwashers – need to develop a culture of cybersecurity awareness.
A European Commission ‘Staff Working Document,’ Advancing the Internet of Things in Europe, highlights that, as regards personal data and privacy, the European Union is committed to the highest standards of protection guaranteed by the General Data Protection Regulation (GDPR) of the Charter of Fundamental Rights.
The GDPR calls for “data protection by design and by default.” To protect personal data, the GDPR promotes techniques such as anonymisation (removing personally identifiable information where it is not needed), pseudonymisation (replacing personally identifiable material with artificial identifiers), and encryption (encoding messages so only those authorised can read it).
The European Commission’s working document asserts that the GDPR “will increase trust in digital services and IoT, as individuals, public administrations and businesses will profit from clear data protection rules that are fit for the digital age, that give strong protection and at the same time create opportunities and encourage innovation in a European Digital Single Market.”
The implications of the GDPR will feature as an important part of the discussions at International IoT Week in Geneva, 6-9 June 2017.
Over 200 sessions and activities will assess the latest developments in the IoT domain, looking at emerging IoT technologies, industry and market evolution, and the relevance of IoT to the pursuit of the UN Sustainable Development Goals. A track of sessions dedicated to ‘IoT Security and Privacy’ will tackle a series of questions of great importance to the success of IoT technology, taking deep dives into topics such as:
The relevance of the GDPR to IoT
Emerging trends in encryption
Addressing constrained devices security
Privacy and ethics
Learn more about International IoT week at www.iot-week.eu.