Universal Privacy Risk Area Assessment Methodology
- 1.4k Downloads
This chapter will describe the Universal Privacy Risk Area Assessment Methodology (UPRAAM) designed to assess the conformance of IoT deployments with personal data protection regulations, such as the European General Data Protection Regulation (GDPR).
KeywordsUPRAAM Risk assessment methodology Internet of things IoT Personal data protection GDPR Cybersecurity
This chapter includes results shared by the European research project Privacy Flag and EuroPrivacy development led by Archimede Solutions. Images are shared on a non-exclusive basis as a courtesy of the contributors.
- 1.EAR-IT FP7 European Research project on IoT-based audio monitoring for smart cities and smart buildings, http://www.ear-it.eu. Accessed 28 July 2016
- 2.Privacy Flag is a European Research project on data protection, http://www.privacy-flag.eu. Accessed 28 July 2016
- 3.S. Ziegler, I.P. Chochliouros, L. Ladid, Privacy flag—collective privacy protection scheme based on structured distributed risk assessment, in Proceedings of the IEEE World Forum on Internet of Things (WF-IoT), Milano, Italy, 14–16 Dec 2015Google Scholar
- 4.Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)(EU) 2016/679, in eur-lex.europa.eu
- 5.S. Ziegler, P.M. Kémo Sonko, P. Maló, Privacy risk area assessment tool for audio monitoring—providing a pragmatic solution, in Proceedings of the ICT Law Conference 2013, Porto, Portugal, 8–9 Nov 2013Google Scholar
- 6.S. Ziegler, P.M. Kémo Sonko, Privacy risk area assessment tool for audio monitoring—from legal complexity to practical applications. J. Int. Commer. Law Technol. 9(3), 138 (2014). http://www.jiclt.com/index.php/jiclt/article/viewFile/210/207Google Scholar
- 7.Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market (“Directive on electronic commerce”), in eur-lex.europa.eu
- 8.Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (“Directive on privacy and electronic communications”), in eur-lex.europa.eu