Page 109 - Trends in Telecommunication Reform 2016
P. 109
context of transactions and companies’ existing • by learning from consumer behaviour, such
relationships with consumers. Similarly, the EU as through privacy preferences set on other Chapter 3
data protection authorities have noted that IoT related devices .
122
data collected for one purpose may be analysed
and matched with other data, leading to a range Data minimization remains an important privacy-
of repurposing. Such data reuse should be protective principle for consumer IoT devices,
compatible with the original purpose of collection limiting the amount of personal data collected
and known to the user (this is known as “purpose or retained, and hence reducing risks from data
limitation”). breaches and misuse. The FTC foresees more
flexibility for IoT services in collecting data not
A range of mechanisms could be used to obtain initially required to provide a service, while under
consent, including: stricter European rules the EU data protection
authorities “cannot share this analysis” .
123
• choices at point of sale or device setup;
Table 5 below identifies possible measures
• QR codes or barcodes on a device that could regulators can consider to foster development of
take a user to a website; the IoT.
• privacy dashboards, for example in smart
phones; and
Table 3.4: Potential IoT regulatory measures
Potential regulatory measures
Licensing and • Further experimentation with use of white-space and shared-space technology.
spectrum
management • Encourage development of LTE-A and 5G networks, and review the need for IoT-spe-
cific spectrum.
Switching and • Global agreement on updated E.212 standards, making appropriate use of GSMA stan-
roaming dards, and provision of Mobile Network Codes to IoT service providers.
Addressing and • Universal IPv6 adoption by governments in their own services and procurements, and
numbering other incentives for private sector adoption.
Competition • Consider measures to increase interoperability through competition and consumer
law, and give users a right to easy access to personal data.
• Support global standardization and deployment of remotely provisioned SIMs for
greater M2M competition.
Privacy and • R&D on more hardware and software security and privacy mechanisms for
security resource-constrained IoT systems, particularly targeted towards start-ups and individ-
ual entrepreneurs that lack resources to easily develop this functionality.
• Incentives for companies to develop new mechanisms to improve transparency of IoT
personal data use, and for gaining informed consent from individuals concerned when
sensitive data is gathered or inferences drawn.
• Greater use of privacy impact assessments by organizations building and configuring
IoT systems.
• Development of further guidance from global privacy regulators on application of the
principles of data minimization and purpose limitation in IoT systems.
• More cooperation between telecommunication and other regulators such as privacy/
data protection agencies.
Trends in Telecommunication Reform 2016 91
