Internet of Things

ePrivacy advises companies during the development phase and subjects Internet of Things (IoT) products to compliance checks designed to identify areas of weakness from a data protection and data security perspective. Certification in the form of the recognized ePrivacyseal data protection seal will be possible where a product meets the stringent requirements as to data protection and data security to an exemplary degree.

What is the Internet of Things (IoT)?

The Internet of Things (also often abbreviated to IoT) is composed of everyday objects and an IT structure which links these objects with each other and with computer devices via the Internet. The objects in question must be clearly identifiable for this purpose. They are able (e.g. by means of integrated sensors) automatically collect data and transmit this data-to-data processing centers. Such "intelligent" products connect the real world to the Internet and render information which was previously unavailable in digital form analyzable and usable to a great extent.

Examples of products and services relating to the Internet of Things

  • Identification of packages and consignment tracking on the Internet
  • Collection of data relating to operational and system status (fill levels of printer cartridges)
  • Smart home applications for controlling heating levels or protecting against burglaries
  • Control and inter-linking of kitchen appliances with apps
  • Monitoring of health and fitness levels by means of fitness trackers or other so-called wearables and apps
  • "Intelligent" TVs capable of communicating with TV transmitters (smart TVs)
  • Collection of information on driving behavior, technical status reports which are of relevance from a maintenance standpoint or traffic situations by intelligent cars (connected cars)
  • Automation of payment processes in the retail context

As a general rule, "Internet of Things" products also collect data on their users and their behavior and interests, which are of great interest to companies. Much of this data is, from a legal perspective, to be classified as personal data and is therefore particularly deserving of protection. For this reason, providers of services relating to the "Internet of Things" must take extensive measures to ensure data protection and data security. 

It is to be expected that new business models will arise in the wake of the rapid development of the Internet of Things in technological terms and the legal framework conditions will be subject to continuous change. As a result, many employees of ePrivacy GmbH have been participating in pertinent working groups for some time, actively collaborating on the drafting of discussion papers on specific applications of the Internet of Things, for example. 

Services provided by ePrivacy with regard to IoT products

  • Review of data protection policies and possible data protection settings
  • Verification of compliance with currently relevant data protection regulations and security standards
  • Advice on privacy by design and privacy by default approaches to new IoT products and services
  • Data privacy impact assessment for IoT products 
  • Technical verification of apps on the basis of potential current and future attack scenarios 
  • Certification of apps with ePrivacyApp
  • Training on the subject of "cyber security"
  • Designing of processes for the indication of consent

ePrivacy will assist you in designing your products, technologies and services in line with the extremely stringent requirements imposed by applicable data protection legislation. We will help you and your employees to ensure the secure handling of data relating to the "Internet of Things". 

Do you have questions or recommendations for us?

We are glad to receive your comments.