Privacy and security in the IoT—Legal issues

This chapter begins with a discussion of the normative framework applicable to Internet of things (IoT) by taking into account the suitability of regulatory measures as well as the current state of regulation and the strategies being proposed for future regulation. It discusses the privacy and security challenges in light of data protection rights and obligations before addressing specific issues in the context of IoT. These issues are based on the nature of the technology and thus require for the most part technological solutions. The legal framework for data privacy and data security issues of the IoT could be based on five different strategies. The strategies include right-to-know legislation, prohibition legislation, information technology security legislation, utilization legislation, and task force regulation. The general security risks in the IoT have a further exposure in the context of cybersecurity causing new and unique challenges.