Presentation is loading. Please wait.

Presentation is loading. Please wait.

Business Challenges in the evolution of HOME AUTOMATION (IoT)

Published byBathsheba Grant Modified over 8 years ago

Similar presentations

Presentation on theme: "Business Challenges in the evolution of HOME AUTOMATION (IoT)"— Presentation transcript:

1 Business Challenges in the evolution of HOME AUTOMATION (IoT)

2 Alessandro Cosenza Chief Information Security Officer - BTicino alessandro.cosenza@bticino.it http://it.linkedin.com/in/alessandrocosenzait.linkedin.com/in/alessandrocosenza Enrico Valtolina Innovation & Partnership Manager – Legrand Group enrico.valtolina@legrand.com http://it.linkedin.com/in/enricovaltolinait.linkedin.com/in/enricovaltolina About the speakers …

3 The global specialist in electrical and digital building infrastructures Over 200 000 catalogue items in 78 product families 4.5 billion euro of sales in 2014 Established in more than 80 countries and sold in close to 180 countries Close to 36,000 employees

4 Home Automation: Internet of Things for Home Cloud ADSL modem Home Automation gateway LAN

5 What’s going to happen outside the home Cloud Insurance companies Caregivers ESCO

6 Legrand Privacy and Security requirements framework constituted a work-group in order to capture the privacy and security requirements. it made up of representatives from the business units of the company. it is a multidisciplinary team : Privacy and security office, Legal, Product Manager, R&D, Marketing,.. the Mission of the group is: Building a methodological framework to model the privacy and security requirements specifications for IoT in order to deal with its mission critical nature. Developing such a requirements engineering framework in order to ensure proper development of IoT with security and privacy taken into account from the earliest stages (Privacy and Security by Design). Define Internal Standard Privacy and Security Policy Give expert advices (best practices), regarding the development of all IoT projects keep a focus on standards,laws, (eg. EU Privacy) in order to ensure compliance with international regulations

7 ARTICLE 30 - Security of processing Having regard to the state of the art and the costs of implementation and taking into account the nature, scope, context and purposes of the processing as well as the risk of varying likelihood and severity for the rights and freedoms of individuals, the controller and the processor shall implement appropriate technical and organizational measures, to ensure a level of security appropriate to the risk, including inter alia, as appropriate: ARTICLE 33 - Data protection impact assessment Where a type of processing in particular using new technologies, and taking into account the nature, scope, context and purposes of the processing, is likely to result in a high risk for the rights and freedoms of individuals, the controller shall, prior to the processing, carry out an assessment of the impact of the envisaged processing operations on the protection of personal data. A single assessment may address a set of similar processing operations that present similar high risks. Risk Management – Data Protecion Impact Assessment (DPIA) By The EU General Data Protection Regulation (GDPR)

8 Definition: the Internet of Things (IoT) refers to an infrastructure in which billions of sensors embedded in common, everyday devices – “things” as such, or things linked to other objects or individuals – are designed to record, process, store and transfer data and, as they are associated with unique identifiers, interact with other devices or systems using networking capabilities Working Party ARTICLE 29 : Opinion 8/2014 Collection exceeding purpose : The increase of the amount of data generated by the IoT in combination with modern techniques related to data analysis and cross-matching may lend this data to secondary uses, whether related or not to the purpose assigned to the original processing. Third parties requesting access to data collected by other parties may thus want to make use of this data for totally different purposes Continue …

9 Working Party ARTICLE 29 : Opinion 8/2014 Profiling:.. domotics raise specific data protection and privacy challenges as an analysis of usage patterns in such a context is likely to reveal the inhabitants’ lifestyle details, habits or choices or simply their presence at home. Possibility to withdraw consent and to oppose: Data subjects must have a possibility to revoke any prior consent given to a specific data processing and to object to the processing of data relating to them. The exercise of such rights must be possible without any technical or organisational constraints or hindrances and the tools provided to register this withdrawal should be accessible, visible and efficient.

10 D PIA can be carried out for the purpose of: identifying privacy risks and responsibilities; providing input to design for privacy protection (sometimes called Privacy by Design); reviewing a new information system`s privacy impact; providing input to planning a response for privacy impacts; maintaining later updates or upgrades with additional functionality likely to impact the PII that are handled; aiding in a stakeholder engagement where privacy may be a sensitive issue; providing evidence relating to compliance, where compliance is required; or providing the basis for provision of privacy information to PII principals on residual risks and any PII principal mitigation action necessary.

11 - New Services to be proposed (also in collaboration with other companies) - Reduce the costs to deliver old services - Improve efficiency / reliability of devices - Improve the “end user” contacts - Data Privacy & Security - Costumer respect & awareness Laws & Regulations Data means “economical values” to be balanced with Privacy & Security

12 Thank You

Download ppt "Business Challenges in the evolution of HOME AUTOMATION (IoT)"

Similar presentations

1 The Data Protection Officer at work Experience, good practices and lessons learnt Pierre Vernhes – former DPO at the Council of the EU Workshop on Data.

1 The Data Protection Officer at work Experience, good practices and lessons learnt Pierre Vernhes – former DPO at the Council of the EU Workshop on Data.
Introduction to basic principles of Regulation (EC) 45/2001 Sophie Louveaux María Verónica Pérez Asinari.

Introduction to basic principles of Regulation (EC) 45/2001 Sophie Louveaux María Verónica Pérez Asinari.
Www.dataprotection.gov.je The Data Protection (Jersey) Law 2005.

The Data Protection (Jersey) Law 2005.
RESPECT Guidelines regarding data protection aspects whithin socio-economic research Y. Poullet, K. Rosier, I. Vereecken CRID-FUNDP in cooperation with.

RESPECT Guidelines regarding data protection aspects whithin socio-economic research Y. Poullet, K. Rosier, I. Vereecken CRID-FUNDP in cooperation with.
Project Risk Management. The Importance of Project Risk Management Project risk management is the art and science of identifying, analyzing, and responding.

Project Risk Management. The Importance of Project Risk Management Project risk management is the art and science of identifying, analyzing, and responding.
Company Confidential How to implement privacy and security requirements in practice? Tobias Bräutigam, OTT Senior Legal Counsel, Nokia 8 October 2012 1.

Company Confidential How to implement privacy and security requirements in practice? Tobias Bräutigam, OTT Senior Legal Counsel, Nokia 8 October
Finance and Governance Workshop Data Protection and Information Management 10 June 2014.

Finance and Governance Workshop Data Protection and Information Management 10 June 2014.
Privacy Codes of Conduct as a self- regulatory approach to cope with restrictions on transborder data flow Dr. Anja Miedbrodt Exemplified with the help.

Privacy Codes of Conduct as a self- regulatory approach to cope with restrictions on transborder data flow Dr. Anja Miedbrodt Exemplified with the help.
Privacy Impact Assessments Iain Bourne, Group Manager, Policy Delivery Information Commissioner’s Office, UK Workshop on data protection and the internet:

Privacy Impact Assessments Iain Bourne, Group Manager, Policy Delivery Information Commissioner’s Office, UK Workshop on data protection and the internet:
LeToia Crozier, Esq., CHC Vice President, Compliance & Regulatory Affairs Corey Wilson Director of Technical Services & Security Officer Interactive Think.

LeToia Crozier, Esq., CHC Vice President, Compliance & Regulatory Affairs Corey Wilson Director of Technical Services & Security Officer Interactive Think.
The Data Protection Act 1998. What Data is Held on Individuals? By institutions: –Criminal information, –Educational information; –Medical Information;

The Data Protection Act What Data is Held on Individuals? By institutions: –Criminal information, –Educational information; –Medical Information;
The Framework for Privacy Policies in the UK: Is telling people what information is gathered about them part of the framework? Does it need to be? Emma.

The Framework for Privacy Policies in the UK: Is telling people what information is gathered about them part of the framework? Does it need to be? Emma.
The Internet of Things and Consumer Protection

The Internet of Things and Consumer Protection
International Atomic Energy Agency Roles and responsibilities for development of disposal facilities Phil Metcalf Workshop on Strategy and Methodologies.

International Atomic Energy Agency Roles and responsibilities for development of disposal facilities Phil Metcalf Workshop on Strategy and Methodologies.
Threat Prevention and Detection (within Critical Infrastructures) under EU Data Protection Legislation– Purpose Specification and Limitation. Laurens Naudts.

Threat Prevention and Detection (within Critical Infrastructures) under EU Data Protection Legislation– Purpose Specification and Limitation. Laurens Naudts.
Castlebridge associates |www.castlebridge.ie | www.dataprotectionofficer.ie Castlebridge changing how people think about information How to Implement the.

Castlebridge associates | | Castlebridge changing how people think about information How to Implement the.
The EU General Data Protection Regulation Frank Rankin.

The EU General Data Protection Regulation Frank Rankin.
Data protection—training materials [Name and details of speaker]

Data protection—training materials [Name and details of speaker]
Www.clarkholt.com Clark Holt Limited (Co. No. 8774683), Hardwick House, Prospect Place, Swindon, SN1 3LJ Authorised and regulated by the Solicitors Regulation.

Clark Holt Limited (Co. No ), Hardwick House, Prospect Place, Swindon, SN1 3LJ Authorised and regulated by the Solicitors Regulation.
Job offer IT Infrastructure Specialist We are currently looking for an IT infrastructure specialist in order to respond to one key-account customer demand.

Job offer IT Infrastructure Specialist We are currently looking for an IT infrastructure specialist in order to respond to one key-account customer demand.

Similar presentations

Ads by Google