IoT and Big Data bring new legal requirements
As the Internet of Things and the possibilities of Big Data grow, this means that more and more data about us as individuals are stored. In 2018, the EU adopted a stricter data protection law with greater protection of individuals, which brought changes and restrictions. In order to prevent the law from becoming an obstacle for smaller players to launch digital and database-based products and services, Future by Lund started a project to explore what GDPR can mean and what legal conditions apply.
Finanisär
In May 2018, a major reform of data protection came into force in Europe. The Data Protection Regulation replaced the Personal Data Act, PUL. The changes that occur in connection with the emergence of the Internet of Things affect all actors, whether large or small, public administrations, private companies or organizations. The law was based on practice building and that the solutions would be created by the actors and the market. This is because technological progress is faster than what the law and legal experts can embrace.
In Lund at the moment there were two projects dealing with the Internet of Things, IoT, in public environments - Open City Sensor Network & Smart Public Environments. In connection with these, some of the legal problems that can arise when collecting amounts of data that may be individual were examined. The fact that there were practical cases to be based on was a great advantage when you want to test the law.
- It is Future by Lund's ambition to build test beds that allow you to try things and infrastructures that have not existed before, Katarina Scott said. This applies, for example, to how we manage the LoRa open sensor network. In this project, we think about what we need to rig legally to make it easy and fast for small and resource-poor players such as start-ups and SMEs (Small and Medium-sized Enterprise) to step in.
In addition to clarifying the legal issues and what are crucial issues to watch for in order to increase security and accessibility, it wanted to look at best cases and a number of different actual solutions around legal issues based on real business models for SMEs.
The new data protection law applies throughout the EU, which means that products or services for the Swedish market already have an international adaptation. Conversely, the project creates opportunities for local and national entrepreneurs as well as international ones to participate.
In connection with the work, a number of interviews were conducted with entrepreneurs and companies affected in different ways by the new regulation.
Olgerta Tona: A GDPR perspective based on the individual
Kasper Mai Jörgensen: A perspective from a GDPR expert
Elin Häggberg: GDPR perspective from an influencer
Emelie Svensson: GDPR perspective based on self-employment
Ola Andersson: GDPR perspective based on business development
Maria Richardsson: GDPR perspective from e-handl
Mats Pettersson: GDPR Perspective from a Data-Driven Organization
What was the result?
The big result was that we understood how we can work with an area that is constantly evolving and which problem areas we should pay special attention to. It is clear that there are no simple clear answers, but one must be careful with one's ongoing analyses.
How is the project taken forward?
We have incorporated it into the methodology in the work around our various works and developed different analysis schemes.
Quick Facts Testbed Digitalization - Law SME Startups
Financier: Wastewater
Project Time: 2017-2018
Project Manager: Future by Lund
Project partners: Future by Lund, Lund Municipality, Ideon Innovation, Sällberg Jurists, Lund University. Sensative with more partners in Future by Lund
