PHILADELPHIA, PA—(Marketwired – February 26, 2018) – The European Union's forthcoming General Data Protection Regulation (GDPR) will reshape the rules of data management and raise both the cost of complying with laws governing people's personal data and the risks and considerable financial liabilities involved in mishandling it. The rule has implications across the corporate spectrum, from the general counsel's office, to chief revenue officers (CROs), corporate strategy groups, chief security officers (CSOs), chief information officers, to the developers' suite. Microshare's new white paper, available at: https://microshare.io/2018/02/22/iot–and–gdpr–a–data–convergence–that–pits–the–bold–against–the–cautious/ is particularly focused on GDPR's implications on the vast streams of data generated by the Internet of Things (IoT) which will be particularly vexing due to its volume, the disparate nature of its sources, and the lack of common standards across IoT networks. GDPR and other regulatory and security initiatives will complicate efforts to store, analyze, share and sell IoT data, a problem that threatens to undermine bullish forecasts about the potential size of the IoT data market. The advent of IoT will require new thinking with regard to data management and ownership, which currently assumes data has a single owner and that data transactions involve two parties (or three, if the regulator is included). This cozy concept — the norm since the start of the information economy — is being overturned by the speed, quantity, portability and diffuse demand for the valuable information now generated by billions of new IoT sensors. Yet with the right mix of standards, privacy and compliance controls, context, and auditable micro–contracts, a sharing economy fed by the powerful firehose of IoT can flourish and transform digital business models even in the age of GDPR. Microshare, uniquely, exists between the IoT networking layer and the standards–free edge, precisely the right place to ensure data is shared with only the right people and at the right time and under the proper circumstances.
The regulatory environment for IoT — like the security environment — is immature and shot through with contradictions. Technology focused businesses, like nature, abhor a vacuum. But they abhor regulations even more, even when the establishment of some standards might clarify the risk factors and lead to an accelerating expansion of use cases and market adoption. Such is the case today with GDPR and IoT. Europe has devised a characteristically burdensome set of regulations around the capture and uses of data generated by citizens of the European Union, the world's largest and wealthiest economic market. The penalties for violating GDPR provide Brussels' regulators with the stick they need to make an example out of companies that stumble early on. This combination, along with recent aggressive actions by the EU's anti–trust Commissioner Margrethe Vestager targeting Google, Amazon, Qualcomm and others, will lead some corporate decision makers to advise caution and may slow adoption of IoT for fear of inadvertently violating GDPR's strict privacy rules.
This is understandable. A steady drumbeat of doom — and invitations to webinars and other free forums to stoke these fears — emanate from the world's largest law firms and consultancies ever since GDPR's May 2018 deadline was first aired. This has general counsels and other risk–averse corporate actors convinced that an aggressive IoT data business model is akin to Dante's crossing of the River Styx. This kind of legal hyperventilation no doubt will inflate retainers for the firms who will be called upon by general counsels to provide outside assessments of innovative new data sharing business models. And, of course, legal opinions must be obtained whenever the regulatory ground shifts. But C–suite decision makers would be well advised to take some of this with a grain of salt. Similar warnings surrounded the 2015 conclusion of the so–called “Safe Harbor” [i]framework negotiated by the US and EU regarding the transfer of data across jurisdictional lines. This was said to be a 'digital Armageddon' for US corporates with significant interests inside the EU's borders. In practice, it merely clarified the rules of the road, updated best practices in data transfer, and probably ended some abuses at the margins.
GDPR represents a far more ambitious and fundamental change in the regulatory landscape. And, as previously noted, it coincides with a rapidly expanding new eco–system in IoT that stands to revise conventional assumptions about digital business models as comprehensively as anything since the development of the World Wide Web itself.
Happily, as with the Internet itself, technological solutions exist to help corporate strategists and data managers navigate these tricky new currents. Cloud providers offer rudimentary storage and curation options that may work for the simplest use cases. But more sophisticated business models will need a more granular and responsive data management approach to avoid triggering GDPR and other privacy red flags. Microshare's approach to the leveraging of IoT data ensures complete control and instant auditability. We turn the torrents of undifferentiated data that IoT sensors have unleashed into permissioned, annotated, contextualized, and compliant packets, before that data is ever offered to multiple third–party owners that require something more robust. Sometimes the best way to avoid mistakes is to do nothing. At Microshare, we have a better idea: Do everything, just do it right from the start.
Click here for the complete Microshare white paper: https://microshare.io/2018/02/22/iot–and–gdpr–a–data–convergence–that–pits–the–bold–against–the–cautious/
Microshare.io provides a highly scalable data management solution for the Internet of Things, enabling data storage and controlled access whilst maintaining privacy, security, confidentiality and applying context through a ready–built single API. The solution can be used as a cloud service or embedded inside a more complete offering. Microshare has offices in Philadelphia, New York, and in the United Kingdom.