Abstract
General Data Protection Regulation, the recent update of the world’s most developed legal framework of personal data protection, has been fully in force in the European Union since May 2018. As a new chapter in European data protection development, the Regulation is an instrument of uniformization replacing the older Data Protection Directive framework and its national transposition measures. GDPR also addresses the transfer of personal data outside the EU and EEA areas when required for electronic commerce, information society services such as cloud services, on-demand streaming, and other content services or for more traditional purposes such as civil aviation traffic, cargo and passenger shipping, etc. Compliance with the Regulation in the context of Smart City development strategy now includes analyzing the impact of several evolving technological trends such as the Internet of Things, Big Data and biometrics-enabled video-surveillance, utility payment systems, and all other kinds of services based on gathering large amount of personal data. GDPR has adopted a significant number of compliance mechanisms already familiar from information security standards and infosec legislation. For Smart City data controllers, this means adapting their advancements and deployment of new services and products to meet data protection standards.
This is a preview of subscription content, log in via an institution.
References
Brandeis, L., & Warren, S. D. (1890). The right to privacy. Harvard Law Review, 4, 193.
Charter of Fundamental Rights of the European Union. (2000). Official Journal of the European Communities, C, 364(1).
Consolidated versions of the Treaty on European Union and the Treaty on the Functioning of the European Union. Official Journal of the European Union, C, 115, 2008.
Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (No longer in force). Official Journal, L, 281, 0031–0050.
EDPB Guidelines 3/2018 on the territorial scope of the GDPR (Article 3) – version adopted after public consultation. https://edpb.europa.eu/our-work-tools/our-documents/guidelines/guidelines-32018-territorial-scope-gdpr-article-3-version_en. Accessed 20 Jan 2020.
European Commission, IoT Privacy, Data Protection, Information Security. Available at: http://ec.europa.eu/information_society/newsroom/cf/dae/document.cfm?doc_id=1753. Accessed 20 Jan 2020.
European Commission: What does data protection ‘by design’ and ‘by default’ mean?. Available at: https://ec.europa.eu/info/law/law-topic/data-protection/reform/rules-business-and-organisations/obligations/what-does-data-protection-design-and-default-mean_en. Accessed 20 Jan 2020.
European Data Protection Supervisor, Data Protection Officer (DPO). Available at: https://edps.europa.eu/data-protection/data-protection/reference-library/data-protection-officer-dpo_en. Accessed 20 Jan 2020.
European Union Agency for Fundamental Rights and Council of Europe. (2018). Handbook on European data protection law, fundamental right. Luxembourg: Publications Office of the European Union. https://fra.europa.eu/sites/default/files/fra_uploads/fra-coe-edps-2018-handbook-data-protection_en.pdf. Accessed 20 Jan 2020.
Fuster, G. (2014). The emergence of personal data protection as a fundamental right of the EU. Cham: Springer.
Guidelines on Consent. under Regulation 2016/679 (wp259rev.01), https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=623051. Accessed 20 Jan 2020.
Information Commissioner’s Office, Determining what is personal data, v1.1, 20121212. Available at: https://ico.org.uk/media/for-organisations/documents/1554/determining-what-is-personal-data.pdf. Accessed 20 Jan 2020.
Katulic, T., & Protrka, N. (2019). Information security in principles and provisions of the EU Data Protection Law. In K. Skala (Ed.), MIPRO 2019 42nd international convention proceedings (pp. 1420–1426). Rijeka: MIPRO. https://doi.org/10.23919/mipro.2019.8757153.
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). Official Journal of the European Union, L, 119(1).
Secure, sustainable smart cities and the IoT. (2019). https://www.gemalto.com/iot/inspired/smart-cities. Accessed 20 Jan 2020.
Voigt, P., & Bussche, A. (2017). The EU General Data Protection Regulation (GDPR) – A practical guide. Cham: Springer.
Vojković, G. (2018). Will the GDPR slow down development of Smart Cities? In K. Skala (Ed.), MIPRO 2018 41st international convention proceedings (pp. 1495–1497). Rijeka: MIPRO. https://doi.org/10.23919/MIPRO.2018.8400234.
Vojković, G., Milenković M., & Katulić, T. (2019). IoT and Smart Home Data Breach Risks from the Perspective of Croatian Data Protection and Information Security Law. In Proceedings of the ENTRENOVA – ENTerprise REsearch InNOVAtion Conference, Zagreb.
WP29 Guidelines on Data Protection Impact Assessment. (DPIA) and determining whether processing is “likely to result in a high risk” for the purposes of Regulation 2016/679, WP248 rev.01. https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=611236. Accessed 20 Jan 2020.
WP29 Guidelines on Data Protection Officers. https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612048. Accessed 20 Jan 2020.
WP29 Guidelines on Transparency. under Regulation 2016/679, https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=622227. Accessed 20 Jan 2020.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this entry
Cite this entry
Vojković, G., Katulić, T. (2020). Data Protection and Smart Cities. In: Augusto, J.C. (eds) Handbook of Smart Cities. Springer, Cham. https://doi.org/10.1007/978-3-030-15145-4_28-1
Download citation
DOI: https://doi.org/10.1007/978-3-030-15145-4_28-1
Received:
Accepted:
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-15145-4
Online ISBN: 978-3-030-15145-4
eBook Packages: Springer Reference Computer SciencesReference Module Computer Science and Engineering