The Centre for Internet and Society
http://editors.cis-india.org
These are the search results for the query, showing results 61 to 66.
An Urgent Need for the Right to Privacy
http://editors.cis-india.org/internet-governance/blog/an-urgent-need-for-the-right-to-privacy
<b>Along with a group of individuals and organisations from academia and civil society, we have drafted and are signatories to an open letter addressed to the Union government and urging the same to "urgently take steps to uphold the constitutional basis to the right to privacy and fulfil it’s constitutional and international obligations." Here we publish the text of the open letter. Please follow the link below to support it by joining the signatories.</b>
<p> </p>
<h4><a href="http://goo.gl/forms/hw4huFcc4b" target="_blank">Read and sign the open letter.</a></h4>
<p> </p>
<h2>Text of the Open Letter</h2>
<p>As our everyday lives are conducted increasingly through electronic communications the necessity for privacy protections has also increased. While several countries across the globe have recognised this by furthering the right to privacy of their citizens the Union Government has adopted a regressive attitude towards this core civil liberty. We urge the Union Government to take urgent measures to safeguard the right to privacy in India.</p>
<p>Our concerns are based on a continuing pattern of disregard for the right to privacy by several governments in the past. This trend has increased as can be plainly viewed from the following developments.</p>
<p>In 2015, the Attorney General in the case of *K.S. Puttaswamy v. Union of India*, argued before the Hon’ble Supreme Court that there is no right to privacy under the Constitution of India. The Hon'ble Court was persuaded to re-examine the basis of the right to privacy upsetting 45 years of judicial precedent. This has thrown the constitutional right to privacy in doubt and the several judgements that have been given under it. This includes the 1997 PUCL Telephone Tapping judgement as well. We urge the Union Government to take whatever steps are necessary and urge the Supreme Court to hold that a right to privacy exists under the Constitution of India.</p>
<p>Recently Mr. Arun Jaitley, Minister for Finance introduced the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Bill, 2016. This bill was passed on March 11, 2016 in the middle of budget discussion on a short notice as a money bill in the Lok Sabha when only 73 of 545 members were present. Its timing and introduction as a money bill prevents necessary scrutiny given the large privacy risks that arise under it. This version of the bill was never put up for public consultation and is being rushed through without adequate discussion. Even substantively it fails to give accountable privacy safeguards while making Aadhaar mandatory for availing any government subsidy, benefit, or service.</p>
<p>We urge the Union Government to urgently take steps to uphold the constitutional basis to the right to privacy and fulfil it’s constitutional and international obligations. We encourage the Government to have extensive public discussions on the Aadhaar Bill before notifying it. We further call upon them to constitute a drafting committee with members of civil society to draft a comprehensive statute as suggested by the Justice A.P. Shah Committee Report of 2012.</p>
<p>Signatories:</p>
<ul><li>Amber Sinha, the Centre for Internet and Society</li>
<li>Japreet Grewal, the Centre for Internet and Society</li>
<li>Joshita Pai, Centre for Communication Governance, National Law University</li>
<li>Raman Jit Singh Chima, Access Now</li>
<li>Sarvjeet Singh, Centre for Communication Governance, National Law University</li>
<li>Sumandro Chattapadhyay, the Centre for Internet and Society</li>
<li>Sunil Abraham, the Centre for Internet and Society</li>
<li>Vanya Rakesh, the Centre for Internet and Society</li></ul>
<p> </p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/blog/an-urgent-need-for-the-right-to-privacy'>http://editors.cis-india.org/internet-governance/blog/an-urgent-need-for-the-right-to-privacy</a>
</p>
No publishersumandroUIDBig DataPrivacyInternet GovernanceDigital IndiaAadhaarBiometrics2016-03-17T07:40:12ZBlog EntryAdoption of Standards in Smart Cities - Way Forward for India
http://editors.cis-india.org/internet-governance/blog/adoption-of-standards-in-smart-cities-way-forward-for-india
<b>With a paradigm shift towards the concept of “Smart Cities’ globally, as well as India, such cities have been defined by several international standardization bodies and countries, however, there is no uniform definition adopted globally. The glue that allows infrastructures to link and operate efficiently is standards as they make technologies interoperable and efficient.</b>
<p style="text-align: justify; "><b><a href="http://editors.cis-india.org/internet-governance/blog/adoption-of-standards-in-smart-cities.pdf" class="internal-link">Click here to download the full file</a></b></p>
<p style="text-align: justify; ">Globally, the pace of urbanization is increasing exponentially. The world’s urban population is projected to rise from 3.6 billion to 6.3 billion between 2011 and 2050. A solution for the same has been development of sustainable cities by improving efficiency and integrating infrastructure and services <strong>[1]</strong>. It has been estimated that during the next 20 years, 30 Indians will leave rural India for urban areas every minute, necessitating smart and sustainable cities to accommodate them <strong>[2]</strong>. The Smart Cities Mission of the Ministry of Urban Development was announced in the year 2014, followed by selection of 100 cities in the year 2015 and 20 of them being selected for the first Phase of the project in the year 2016. The Mission <strong>[3]</strong> lists the “core infrastructural elements” that a smart city would incorporate like adequate water supply, assured electricity, sanitation, efficient public transport, affordable housing (especially for the poor), robust IT connectivity and digitisation, e-governance and citizen participation, sustainable environment, safety and security for citizens, health and education.</p>
<p style="text-align: justify; ">With a paradigm shift towards the concept of “Smart Cities’ globally, as well as India, such cities have been defined by several international standardization bodies and countries, however, there is no uniform definition adopted globally. The envisioned modern and smart city promises delivery of high quality services to the citizens and will harness data capture and communication management technologies. The performance of such cities would be monitored on the basis of physical as well as the social structure comprising of smart approaches and solution to utilities and transport.</p>
<p style="text-align: justify; ">The glue that allows infrastructures to link and operate efficiently is standards as they make technologies interoperable and efficient. Interoperability is essential and to ensure smart integration of various systems in a smart city, internationally agreed standards that include technical specifications and classifications must be adhered to. Development of international standards ensure seamless interaction between components from different suppliers and technologies <strong>[4]</strong>.</p>
<p style="text-align: justify; ">Standardized indicators within standards benefit smart cities in the following ways:</p>
<ol style="text-align: justify; ">
<li>
<div style="text-align: justify; ">Effective governance and efficient delivery of services.</div>
</li>
<li>
<div style="text-align: justify; ">International and Local targets, benchmarking and planning.</div>
</li>
<li>
<div style="text-align: justify; ">Informed decision making and policy formulation.</div>
</li>
<li>
<div style="text-align: justify; ">Leverage for funding and recognition in international entities.</div>
</li>
<li>
<div style="text-align: justify; ">Transparency and open data for investment attractiveness.</div>
</li>
<li>
<div style="text-align: justify; ">A reliable foundation for use of big data and the information explosion to assist cities in building core knowledge for city decision-making, and enable comparative insight.</div>
</li>
</ol>
<p style="text-align: justify; ">The adoption of standards for smart cities has been advocated across the world as they are perceived to be an effective tool to foster development of the cities. The Director of the ITU Telecommunication Standardization Bureau Chaesub Lee is of the view that “Smart cities will employ an abundance of technologies in the family of the Internet of Things (IoT) and standards will assist the harmonized implementation of IoT data and applications , contributing to effective horizontal integration of a city’s subsystems” <strong>[5]</strong>.</p>
<h3 style="text-align: justify; ">Smart Cities standards in India</h3>
<p style="text-align: justify; ">National Association of Software and Services Companies (NASSCOM) partnered with Accenture <strong>[6]</strong> to prepare a report called ‘Integrated ICT and Geospatial Technologies Framework for 100 Smart Cities Mission’ <strong>[7]</strong> to explore the role of ICT in developing smart cities <strong>[8]</strong>, after the announcement of the Mission by Indian Government. The report, released in May 2015, lists down 55 global standards, keeping in view several city sub-systems like urban planning, transport, governance, energy, climate and pollution management, etc which could be applicable to the smart cities in India.</p>
<p style="text-align: justify; ">Though NASSCOM is working closely with the Ministry of Urban Development to create a sustainable model for smart cities <strong>[9]</strong>, due to lack of regulatory standards for smart cities, the Bureau of Indian Standards (BIS) in India has undertaken the task to formulate standardised guidelines for central and state authorities in planning, design and construction of smart cities by setting up a technical committee under the Civil engineering department of the Bureau. However, adoption of the standards by implementing agencies would be voluntary and intends to complement internationally available documents in this area <strong>[10]</strong>.</p>
<p style="text-align: justify; ">Developing national standards in line with these international standards would enable interoperability (i.e. devices and systems working together) and provide a roadmap to address key issues like data protection, privacy and other inherent risks in the digital delivery and use of public services in the envisioned smart cities, which call for comprehensive data management standards in India to instill public confidence and trust <strong>[11]</strong>.</p>
<h3 style="text-align: justify; ">Key International Smart Cities Standards</h3>
<p style="text-align: justify; ">Following are the key internationally accepted and recognized Smart Cities standards developed by leading organisations and the national standardization bodies of several countries that India could adopt or develop national standards in line with these.</p>
<h4 style="text-align: justify; ">The International Organization for Standardization (ISO) - Smart Cities Standards</h4>
<p style="text-align: justify; ">ISO is an instrumental body advocating and developing for smart cities to safeguard rights of the people against a liveable and sustainable environment. The ISO Smart Cities Strategic Advisory Group uses the following working definition: A ‘Smart City’ is one that dramatically increases the pace at which it improves its social, economic and environmental (sustainability) outcomes, responding to challenges such as climate change, rapid population growth, and political and economic instability by fundamentally improving how it engages society, how it applies collaborative leadership methods, how it works across disciplines and city systems, and how it uses data information and modern technologies in order to transform services and quality of life for those in and involved with the city (residents, businesses, visitors), now and for the foreseeable future, without unfair disadvantage of others or degradation of the natural environment. [For details see ISO/TMB Smart Cities Strategic Advisory Group Final Report, September 2015 ( ISO Definition, June 2015)].</p>
<p style="text-align: justify; ">The ISO Technical Committee 268 works on standardization in the field of Sustainable Development in Communities <strong>[12]</strong> to encourage the development and implementation of holistic, cross-sector and area-based approaches to sustainable development in communities. The Committee comprises of 3 Working Groups <strong>[13]</strong>:</p>
<ul style="text-align: justify; ">
<li>
<div style="text-align: justify; ">Working Group 1: System Management ISO 37101- This standard sets requirements, guidance and supporting techniques for sustainable development in communities. It is designed to help all kinds of communities manage their sustainability, smartness and resilience to improve the contribution of communities to sustainable development and assess their performance in this area <strong>[14]</strong>.</div>
</li>
<li>
<div style="text-align: justify; ">Working Group 2 : City Indicators- The key Smart Cities Standards developed by ISO TC 268 WG 2 (City Indicators) are:</div>
</li>
</ul>
<h4 style="text-align: justify; ">ISO 37120 Sustainable Development of Communities — Indicators for City Services and Quality of Life</h4>
<p style="text-align: justify; ">One of the key standards and an important step in this regard was ISO 37120:2014 under the ISO’s Technical Committee 268 (See Working on Standardization in the field of Sustainable Development in Communities) providing clearly defined city performance indicators (divided into core and supporting indicators) as a benchmark for city services and quality of life, along with a standard approach for measuring each for city leaders and citizens <strong>[15]</strong>. The standard is global in scope and can help cities prioritize city budgets, improve operational transparency, support open data and applications <strong>[16]</strong>. It follows the principles <strong>[17]</strong> set out and can be used in conjunction with ISO 37101.</p>
<p style="text-align: justify; ">ISO 37120 was the first ISO Standard on Global City Indicators published in the year 2014, developed on the basis of a set of indicators developed and extensively tested by the Global City Indicators Facility (a project by University of Toronto) and its 250+ member cities globally. GCIF is committed to build standardized city indicators for performance management including a database of comparable statistics that allow cities to track their effectiveness on everything from planning and economic growth to transportation, safety and education <strong>[18]</strong>.</p>
<p style="text-align: justify; ">The World Council on City Data (WCCD) <strong>[19]</strong> - a sister organization of the GCI/GCIF - was established in the year 2014 to operationalize ISO 37120 across cities globally. The standards encompasses 100 indicators developed around 17 themes to support city services and quality of life, and is accessible through the WCCD Open City Data Portal which allows for cutting-edge visualizations and comparisons. Indian cities are not yet listed with WCCD <strong>[20]</strong>.</p>
<p style="text-align: justify; ">The indicators are listed under the following heads <strong>[21]</strong>:</p>
<ol style="text-align: justify; ">
<li>
<div style="text-align: justify; ">Economy</div>
</li>
<li>
<div style="text-align: justify; ">Education</div>
</li>
<li>
<div style="text-align: justify; ">Environment</div>
</li>
<li>
<div style="text-align: justify; ">Energy</div>
</li>
<li>
<div style="text-align: justify; ">Finance</div>
</li>
<li>
<div style="text-align: justify; ">Fire and Emergency Responses</div>
</li>
<li>
<div style="text-align: justify; ">Governance</div>
</li>
<li>
<div style="text-align: justify; ">Health</div>
</li>
<li>
<div style="text-align: justify; ">Safety</div>
</li>
<li>
<div style="text-align: justify; ">Shelter</div>
</li>
<li>
<div style="text-align: justify; ">Recreation</div>
</li>
<li>
<div style="text-align: justify; ">Solid Waste</div>
</li>
<li>
<div style="text-align: justify; ">Telecommunication and innovation</div>
</li>
<li>
<div style="text-align: justify; ">Transportation</div>
</li>
<li>
<div style="text-align: justify; ">Urban Planning</div>
</li>
<li>
<div style="text-align: justify; ">Waste water</div>
</li>
<li>
<div style="text-align: justify; ">Water and Sanitation</div>
</li>
</ol>
<p style="text-align: justify; ">This International Standard is applicable to any city, municipality or local government that undertakes to measure its performance in a comparable and verifiable manner, irrespective of size and location or level of development. City indicators have the potential to be used as critical tools for city managers, politicians, researchers, business leaders, planners, designers and other professionals <strong>[22]</strong>. The WCCD forum highlights need for cities to have a set of globally standardized indicators to <strong>[23]</strong>:</p>
<ol style="text-align: justify; ">
<li>
<div style="text-align: justify; ">Manage and make informed decisions through data analysis</div>
</li>
<li>
<div style="text-align: justify; ">Benchmark and target</div>
</li>
<li>
<div style="text-align: justify; ">Leverage Funding with senior levels of government</div>
</li>
<li>
<div style="text-align: justify; ">Plan and establish new frameworks for sustainable urban development</div>
</li>
<li>
<div style="text-align: justify; ">Evaluate the impact of infrastructure projects on the overall performance of a city.</div>
</li>
</ol>
<h4 style="text-align: justify; ">ISO/DTR 37121- Inventory and Review of Existing Indicators on Sustainable Development and Resilience in Cities</h4>
<p style="text-align: justify; ">The second standard under ISO TC 268 WG 2 is ISO 37121, which defines additional indicators related to sustainable development and resilience in cities. Some of the indicators include: Smart Cities, Smart Grid, Economic Resilience, Green Buildings, Political Resilience, Protection of biodiversity, etc. The complete list can be viewed on the Resilient Cities website <strong>[24]</strong>.</p>
<p style="text-align: justify; "><strong>Working Group 3:</strong> Terminology - There are no publicly available documents so far, giving details about the status of the activities of this group. The ISO Technical Committee 268 also includes Sub Committee 1 (Smart Community Infrastructure) <strong>[25]</strong>, comprising of the following Working Groups: 1) WG 1 Infrastructure metrics, and 2) WG 2 Smart Community Infrastructure.</p>
<p style="text-align: justify; ">The key Smart Cities Standards developed by ISO under this are:</p>
<ul style="text-align: justify; ">
<li>
<p style="text-align: justify; "><strong>ISO 37151:2015 Smart community infrastructures — Principles and Requirements for Performance Metrics</strong><br />In the year 2015, a new ISO technical specification for smart cities- 37151:2015 for Principles and requirements for performance metrics was released. The purpose of standardization in the field of smart community infrastructures such as energy, water, transportation, waste, information and communications technology (ICT), etc. is to promote the international trade of community infrastructure products and services and improve sustainability in communities by establishing harmonized product standards <strong>[26]</strong>. The metrics in this standard will support city and community managers in planning and measuring performance, and also compare and select procurement proposals for products and services geared at improving community infrastructures <strong>[27]</strong>. <br />This Technical Specification gives principles and specifies requirements for the definition,identification, optimization, and harmonization of community infrastructure performance metrics, and gives recommendations for analysis, regarding interoperability, safety, security of community infrastructures <strong>[28]</strong>. This new Technical Specification supports the use of the ISO 37120 <strong>[29]</strong>.</p>
</li>
<li>
<p style="text-align: justify; "><strong>ISO/TR 37150:2014 Smart Community Infrastructures - Review of Existing Activities Relevant to Metrics<br /></strong>This standard addresses community infrastructures such as energy, water, transportation, waste and information and communications technology (ICT). Smart community infrastructures take into consideration environmental impact, economic efficiency and quality of life by using information and communications technology (ICT) and renewable energies to achieve integrated management and optimized control of infrastructures. Integrating smart community infrastructures for a community helps improve the lifestyles of its citizens by, for example: reducing costs, increasing mobility and accessibility, and reducing environmental pollutants.<br />ISO/TR 37150 reviews relevant metrics for smart community infrastructures and provides stakeholders with a better understanding of the smart community infrastructures available around the world to help promote international trade of community infrastructure products and give information about leading-edge technologies to improve sustainability in communities <strong>[30]</strong>. This standard, along with the above mentioned standards <strong>[31]</strong> supports the multi-billion dollar smart cities technology industry.</p>
</li>
</ul>
<p style="text-align: justify; ">Several other ISO Working Groups developing standards applicable to smart and sustainable cities have been listed in our website <strong>[32]</strong>.</p>
<h4 style="text-align: justify; ">The International Telecommunications Union (ITU)</h4>
<p style="text-align: justify; ">The ITU is another global body working on development of standards regarding smart cities.</p>
<p style="text-align: justify; ">A study group was formed in the year 2015 to tackle standardization requirements for the Internet of Things, with an initial focus on IoT applications in smart cities to address urban development challenges <strong>[33]</strong>, to enable the coordinated development of IoT technologies, including machine-to-machine communications and ubiquitous sensor networks. The group is titled “ITU-T Study Group 20: IoT and its applications, including smart cities and communities”, established to develop standards that leverage IoT technologies to address urban-development challenges and the mechanisms for the interoperability of IoT applications and datasets employed by various vertically oriented industry sectors <strong>[34]</strong>.</p>
<p style="text-align: justify; ">ITU-T also concluded a focused study group looking at smart sustainable cities in May 2015, acting as an open platform for smart city stakeholders to exchange knowledge in the interests of identifying the standardized frameworks needed to support the integration of ICT services in smart cities. Its parent group is ITU-T Study Group 5, which has agreed on the following definition of a Smart Sustainable City:<br />"A smart sustainable city is an innovative city that uses information and communication technologies (ICTs) and other means to improve quality of life, efficiency of urban operation and services, and competitiveness, while ensuring that it meets the needs of present and future generations with respect to economic, social, environmental as well as cultural aspects".</p>
<h4 style="text-align: justify; ">UK - British Standards Institution</h4>
<p style="text-align: justify; ">Apart from the global standards setting organisations, many countries have been looking at developing standards to address the growth of smart cities across the globe. In the UK, the British Standards Institution (BSI) has been commissioned by the UK Department of Business, Innovation and Skills (BIS) to conceive a Smart Cities Standards Strategy to identify vectors of smart city development where standards are needed. The standards would be developed through a consensus-driven process under the BSI to ensure good practise is shared between all the actors. The BIS launched the City's Standards Institute to bring together cities and key industry leaders and innovators to work together in identifying the challenges facing cities, providing solutions to common problems and defining the future of smart city standards <strong>[35]</strong>.</p>
<ul style="text-align: justify; ">
<li>
<p style="text-align: justify; "><strong>PAS 181</strong> <em><strong>Smart city framework- Guide to establishing strategies for smart cities and communities</strong></em> establishes a good practice framework for city leaders to develop, agree and deliver smart city strategies that can help transform their city’s ability to meet challenges faced in the future and meet the goals. The smart city framework (SCF) does not intend to describe a one-size-fits-all model for the future of UK cities but focuses on the enabling processes by which the innovative use of technology and data, together with organizational change, can help deliver the diverse visions for future UK cities in more efficient, effective and sustainable ways <strong>[36]</strong>.</p>
</li>
<li>
<p style="text-align: justify; "><strong>PD 8101</strong> <em><strong>Smart cities- Guide to the role of the planning and development process</strong></em><em> </em>gives guidance regarding planning for new development for smart city plans and<em> </em>provides an overview of the key issues to be considered and prioritized. The document is for use by local authority planning and regeneration officers to identify good practice in a UK context, and what tools they could use to implement this good practice. This aims to enable new developments to be built in a way that will support smart city aspirations at minimal cost <strong>[37]</strong>.</p>
</li>
<li>
<p style="text-align: justify; "><strong>PAS 182<em> Smart city concept model. Guide to establishing a model for data</em></strong><em> </em>establishes an interoperability framework and data-sharing between agencies for smart cities for the following purposes:</p>
<ol style="text-align: justify; ">
<li>To have a city where information can be shared and understood between organizations and people at each level</li>
<li>The derivation of data in each layer can be linked back to data in the previous layer </li>
<li>The impact of a decision can be observed back in operational data. The smart city concept model (SCCM) provides a framework that can normalize and classify information from many sources so that data sets can be discovered and combined to gain a better picture of the needs and behaviours of a city’s citizens (residents and businesses) to help identify issues and devise solutions. PAS 182 is aimed at organizations that provide services to communities in cities, and manage the resulting data, as well as decision-makers and policy developers in cities <strong>[38]</strong>.</li>
</ol> </li>
<li>
<p style="text-align: justify; "><strong>PAS 180 Smart cities <em>Vocabulary</em></strong> helps build a strong foundation for future standardization and good practices by providing an industry-agreed understanding of smart city terms and definitions to be used in the UK. It provides a working definition of a Smart City- “Smart Cities” is a term denoting the effective integration of physical, digital and human systems in the built environment to deliver a sustainable, prosperous and inclusive future for its citizens <strong>[39]</strong>. This aims to help improve communication and understanding of smart cities by providing a common language for developers, designers, manufacturers and clients. The standard also defines smart city concepts across different infrastructure and systems’ elements used across all service delivery channels and is intended for city authorities and planners, buyers of smart city services and solutions <strong>[40]</strong>, as well as product and service providers.</p>
</li>
</ul>
<p style="text-align: justify; "> </p>
<h3 style="text-align: justify; ">Endnotes</h3>
<p style="text-align: justify; "><strong>[1]</strong> See: <a class="external-link" href="http://www.iec.ch/whitepaper/pdf/iecWP-smartcities-LR-en.pdf">http://www.iec.ch/whitepaper/pdf/iecWP-smartcities-LR-en.pdf</a>.</p>
<p style="text-align: justify; "><strong>[2]</strong> See: <a class="external-link" href="http://www.ibm.com/smarterplanet/in/en/sustainable_cities/ideas/">http://www.ibm.com/smarterplanet/in/en/sustainable_cities/ideas/</a>.</p>
<p style="text-align: justify; "><strong>[3]</strong> See: <a class="external-link" href="http://www.thehindubusinessline.com/economy/smart-cities-mission-welcome-to-tomorrows-world/article8163690.ece">http://www.thehindubusinessline.com/economy/smart-cities-mission-welcome-to-tomorrows-world/article8163690.ece</a>.</p>
<p style="text-align: justify; "><strong>[4]</strong> See: <a class="external-link" href="http://www.iec.ch/whitepaper/pdf/iecWP-smartcities-LR-en.pdf">http://www.iec.ch/whitepaper/pdf/iecWP-smartcities-LR-en.pdf</a>.</p>
<p style="text-align: justify; "><strong>[5]</strong> See: <a class="external-link" href="http://www.iso.org/iso/news.htm?refid=Ref2042">http://www.iso.org/iso/news.htm?refid=Ref2042</a>.</p>
<p style="text-align: justify; "><strong>[6]</strong> See: <a class="external-link" href="http://www.livemint.com/Companies/5Twmf8dUutLsJceegZ7I9K/Nasscom-partners-Accenture-to-form-ICT-framework-for-smart-c.html">http://www.livemint.com/Companies/5Twmf8dUutLsJceegZ7I9K/Nasscom-partners-Accenture-to-form-ICT-framework-for-smart-c.html</a>.</p>
<p style="text-align: justify; "><strong>[7]</strong> See: <a class="external-link" href="http://www.nasscom.in/integrated-ict-and-geospatial-technologies-framework-100-smart-cities-mission">http://www.nasscom.in/integrated-ict-and-geospatial-technologies-framework-100-smart-cities-mission</a>.</p>
<p style="text-align: justify; "><strong>[8]</strong> See: <a class="external-link" href="http://www.cxotoday.com/story/nasscom-creates-framework-for-smart-cities-project/">http://www.cxotoday.com/story/nasscom-creates-framework-for-smart-cities-project/</a>.</p>
<p style="text-align: justify; "><strong>[9]</strong> See: <a class="external-link" href="http://www.livemint.com/Companies/5Twmf8dUutLsJceegZ7I9K/Nasscom-partners-Accenture-to-form-ICT-framework-for-smart-c.html">http://www.livemint.com/Companies/5Twmf8dUutLsJceegZ7I9K/Nasscom-partners-Accenture-to-form-ICT-framework-for-smart-c.html</a>.</p>
<p style="text-align: justify; "><strong>[10]</strong> See: <a class="external-link" href="http://www.business-standard.com/article/economy-policy/in-a-first-bis-to-come-up-with-standards-for-smart-cities-115060400931_1.html">http://www.business-standard.com/article/economy-policy/in-a-first-bis-to-come-up-with-standards-for-smart-cities-115060400931_1.html</a>.</p>
<p style="text-align: justify; "><strong>[11]</strong> See: <a class="external-link" href="http://www.longfinance.net/groups7/viewdiscussion/72-financing-financing-tomorrow-s-cities-how-standards-can-support-the-development-of-smart-cities.html?groupid=3">http://www.longfinance.net/groups7/viewdiscussion/72-financing-financing-tomorrow-s-cities-how-standards-can-support-the-development-of-smart-cities.html?groupid=3</a>.</p>
<p style="text-align: justify; "><strong>[12]</strong> See: <a class="external-link" href="http://www.iso.org/iso/iso_technical_committee?commid=656906">http://www.iso.org/iso/iso_technical_committee?commid=656906</a>.</p>
<p style="text-align: justify; "><strong>[13]</strong> See: <a class="external-link" href="http://cityminded.org/wp-content/uploads/2014/11/Patricia_McCarney_PDF.pdf">http://cityminded.org/wp-content/uploads/2014/11/Patricia_McCarney_PDF.pdf</a>.</p>
<p style="text-align: justify; "><strong>[14]</strong> See: <a class="external-link" href="http://www.iso.org/iso/news.htm?refid=Ref1877">http://www.iso.org/iso/news.htm?refid=Ref1877</a>.</p>
<p style="text-align: justify; "><strong>[15]</strong> See: <a class="external-link" href="http://smartcitiescouncil.com/article/new-iso-standard-gives-cities-common-performance-yardstick">http://smartcitiescouncil.com/article/new-iso-standard-gives-cities-common-performance-yardstick</a>.</p>
<p style="text-align: justify; "><strong>[16]</strong> See: <a class="external-link" href="http://smartcitiescouncil.com/article/dissecting-iso-37120-why-new-smart-city-standard-good-news-cities">http://smartcitiescouncil.com/article/dissecting-iso-37120-why-new-smart-city-standard-good-news-cities</a>.</p>
<p style="text-align: justify; "><strong>[17]</strong> See: <a class="external-link" href="http://www.iso.org/iso/catalogue_detail?csnumber=62436">http://www.iso.org/iso/catalogue_detail?csnumber=62436</a>.</p>
<p style="text-align: justify; "><strong>[18]</strong> See: <a class="external-link" href="http://www.cityindicators.org/">http://www.cityindicators.org/</a>.</p>
<p style="text-align: justify; "><strong>[19]</strong> See: <a class="external-link" href="http://www.dataforcities.org/">http://www.dataforcities.org/</a>.</p>
<p style="text-align: justify; "><strong>[20]</strong> See: <a class="external-link" href="http://news.dataforcities.org/2015/12/world-council-on-city-data-and-hatch.html">http://news.dataforcities.org/2015/12/world-council-on-city-data-and-hatch.html</a>.</p>
<p style="text-align: justify; "><strong>[21]</strong> See: <a class="external-link" href="http://news.dataforcities.org/2015/12/world-council-on-city-data-and-hatch.html">http://news.dataforcities.org/2015/12/world-council-on-city-data-and-hatch.html</a>.</p>
<p style="text-align: justify; "><strong>[22]</strong> See: <a class="external-link" href="http://www.iso.org/iso/37120_briefing_note.pdf">http://www.iso.org/iso/37120_briefing_note.pdf</a>.</p>
<p style="text-align: justify; "><strong>[23]</strong> See: <a class="external-link" href="http://www.dataforcities.org/wccd/">http://www.dataforcities.org/wccd/</a>.</p>
<p style="text-align: justify; "><strong>[24]</strong> See: <a class="external-link" href="http://resilient-cities.iclei.org/fileadmin/sites/resilient-cities/files/Webinar_Series/HERNANDEZ_-_ICLEI_Resilient_Cities_Webinar__FINAL_.pdf">http://resilient-cities.iclei.org/fileadmin/sites/resilient-cities/files/Webinar_Series/HERNANDEZ_-_ICLEI_Resilient_Cities_Webinar__FINAL_.pdf</a>.</p>
<p style="text-align: justify; "><strong>[25]</strong> See: <a class="external-link" href="http://www.iso.org/iso/iso_technical_committee?commid=656967">http://www.iso.org/iso/iso_technical_committee?commid=656967</a>.</p>
<p style="text-align: justify; "><strong>[26]</strong> See: <a class="external-link" href="https://www.iso.org/obp/ui/#iso:std:iso:ts:37151:ed-1:v1:en">https://www.iso.org/obp/ui/#iso:std:iso:ts:37151:ed-1:v1:en</a>.</p>
<p style="text-align: justify; "><strong>[27]</strong> See: <a class="external-link" href="http://www.iso.org/iso/home/news_index/news_archive/news.htm?refid=Ref2001&utm_medium=email&utm_campaign=ISO+Newsletter+November&utm_content=ISO+Newsletter+November+CID_4182720c31ca2e71fa93d7c1f1e66e2f&utm_source=Email%20marketing%20software&utm_term=Read%20more">http://www.iso.org/iso/home/news_index/news_archive/news.htm?refid=Ref2001&utm_medium=email&utm_campaign=ISO+Newsletter+November&utm_content=ISO+Newsletter+November+CID_4182720c31ca2e71fa93d7c1f1e66e2f&utm_source=Email%20marketing%20software&utm_term=Read%20more</a>.</p>
<p style="text-align: justify; "><strong>[28]</strong> See: <a class="external-link" href="http://www.iso.org/iso/37120_briefing_note.pdf">http://www.iso.org/iso/37120_briefing_note.pdf</a>.</p>
<p style="text-align: justify; "><strong>[29]</strong> See: <a class="external-link" href="http://standardsforum.com/isots-37151-smart-cities-metrics/">http://standardsforum.com/isots-37151-smart-cities-metrics/</a>.</p>
<p style="text-align: justify; "><strong>[30]</strong> See: <a class="external-link" href="http://www.iso.org/iso/executive_summary_iso_37150.pdf">http://www.iso.org/iso/executive_summary_iso_37150.pdf</a>.</p>
<p style="text-align: justify; "><strong>[31]</strong> See: <a class="external-link" href="http://standardsforum.com/isots-37151-smart-cities-metrics/">http://standardsforum.com/isots-37151-smart-cities-metrics/</a>.</p>
<p style="text-align: justify; "><strong>[32]</strong> See: <a class="external-link" href="http://cis-india.org/internet-governance/blog/database-on-big-data-and-smart-cities-international-standards">http://cis-india.org/internet-governance/blog/database-on-big-data-and-smart-cities-international-standards</a>.</p>
<p style="text-align: justify; "><strong>[33]</strong> See: <a class="external-link" href="http://smartcitiescouncil.com/article/itu-takes-internet-things-standards-smart-cities">http://smartcitiescouncil.com/article/itu-takes-internet-things-standards-smart-cities</a>.</p>
<p style="text-align: justify; "><strong>[34]</strong> See: <a class="external-link" href="https://www.itu.int/net/pressoffice/press_releases/2015/22.aspx">https://www.itu.int/net/pressoffice/press_releases/2015/22.aspx</a>.</p>
<p style="text-align: justify; "><strong>[35]</strong> See: <a class="external-link" href="http://www.bsigroup.com/en-GB/smart-cities/">http://www.bsigroup.com/en-GB/smart-cities/</a>.</p>
<p style="text-align: justify; "><strong>[36]</strong> See: <a class="external-link" href="http://www.bsigroup.com/en-GB/smart-cities/Smart-Cities-Standards-and-Publication/PAS-181-smart-cities-framework/">http://www.bsigroup.com/en-GB/smart-cities/Smart-Cities-Standards-and-Publication/PAS-181-smart-cities-framework/</a>.</p>
<p style="text-align: justify; "><strong>[37]</strong> See: <a class="external-link" href="http://www.bsigroup.com/en-GB/smart-cities/Smart-Cities-Standards-and-Publication/PD-8101-smart-cities-planning-guidelines/">http://www.bsigroup.com/en-GB/smart-cities/Smart-Cities-Standards-and-Publication/PD-8101-smart-cities-planning-guidelines/</a>.</p>
<p style="text-align: justify; "><strong>[38]</strong> See: <a class="external-link" href="http://www.bsigroup.com/en-GB/smart-cities/Smart-Cities-Standards-and-Publication/PAS-182-smart-cities-data-concept-model/">http://www.bsigroup.com/en-GB/smart-cities/Smart-Cities-Standards-and-Publication/PAS-182-smart-cities-data-concept-model/</a>.</p>
<p style="text-align: justify; "><strong>[39]</strong> See: <a class="external-link" href="http://www.iso.org/iso/smart_cities_report-jtc1.pdf">http://www.iso.org/iso/smart_cities_report-jtc1.pdf</a>.</p>
<p style="text-align: justify; "><strong>[40]</strong> See: <a class="external-link" href="http://www.bsigroup.com/en-GB/smart-cities/Smart-Cities-Standards-and-Publication/PAS-180-smart-cities-terminology/">http://www.bsigroup.com/en-GB/smart-cities/Smart-Cities-Standards-and-Publication/PAS-180-smart-cities-terminology/</a>.</p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/blog/adoption-of-standards-in-smart-cities-way-forward-for-india'>http://editors.cis-india.org/internet-governance/blog/adoption-of-standards-in-smart-cities-way-forward-for-india</a>
</p>
No publishervanyaOpen StandardsBig DataOpen DataInternet GovernanceSmart Cities2016-04-11T03:04:46ZBlog EntryAadhaar Bill 2016 Evaluated against the National Privacy Principles
http://editors.cis-india.org/internet-governance/aadhaar-bill-2016-evaluated-against-the-national-privacy-principles
<b>In this infographic, we evaluate the privacy provisions of the Aadhaar Bill 2016 against the national privacy principles developed by the Group of Experts on Privacy led by the Former Chief Justice A.P. Shah in 2012. The infographic is based on Vipul Kharbanda’s article 'Analysis of Aadhaar Act in the Context of A.P. Shah Committee Principles,' and is designed by Pooja Saxena, with inputs from Amber Sinha.</b>
<p> </p>
<h4>Download the infographic: <a href="https://github.com/cis-india/website/raw/master/infographics/CIS_Aadhaar-2016-Vs-Privacy-Principles_v.1.0.pdf">PDF</a> and <a href="https://github.com/cis-india/website/raw/master/infographics/CIS_Aadhaar-2016-Vs-Privacy-Principles_v.1.0.png">PNG</a>.</h4>
<p> </p>
<p><strong>License:</strong> It is shared under Creative Commons <a href="https://creativecommons.org/licenses/by/4.0/">Attribution 4.0 International</a> License.</p>
<p> </p>
<img src="https://github.com/cis-india/website/raw/master/infographics/CIS_Aadhaar-2016-Vs-Privacy-Principles_v.1.0.png" alt="Aadhaar Bill 2016 Evaluated against the National Privacy Principles" />
<p> </p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/aadhaar-bill-2016-evaluated-against-the-national-privacy-principles'>http://editors.cis-india.org/internet-governance/aadhaar-bill-2016-evaluated-against-the-national-privacy-principles</a>
</p>
No publisherPooja Saxena and Amber SinhaUIDBig DataPrivacyInternet GovernanceInfographicDigital IndiaAadhaarBiometrics2016-03-21T08:38:34ZBlog EntryAadhaar Bill 2016 & NIAI Bill 2010 - Comparing the Texts
http://editors.cis-india.org/internet-governance/blog/aadhaar-bill-2016-niai-bill-2010-text-comparison
<b>This is a quick comparison of the texts of the Aadhaar Bill 2016 and the National Identification Authority of India Bill 2010. The new sections in the former are highlighed, and the deleted sections (that were part of the latter) are struck out.</b>
<p> </p>
<iframe src="http://cis-india.github.io/aadhaar-bill-2016/" frameborder="0" height="500px" width="100%"> </iframe>
<p> </p>
<p>Source: <a href="http://cis-india.github.io/aadhaar-bill-2016/">http://cis-india.github.io/aadhaar-bill-2016/</a></p>
<p> </p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/blog/aadhaar-bill-2016-niai-bill-2010-text-comparison'>http://editors.cis-india.org/internet-governance/blog/aadhaar-bill-2016-niai-bill-2010-text-comparison</a>
</p>
No publishersumandroUIDAadhaarBig DataPrivacy2016-03-09T11:25:01ZBlog EntryA Review of the Policy Debate around Big Data and Internet of Things
http://editors.cis-india.org/internet-governance/blog/review-of-policy-debate-around-big-data-and-internet-of-things
<b>This blog post seeks to review and understand how regulators and experts across jurisdictions are reacting to Big Data and Internet of Things (IoT) from a policy perspective.</b>
<h3>Defining and Connecting Big Data and Internet of Things</h3>
<p style="text-align: justify; ">The Internet of Things is a term that refers to networked objects and systems that can connect to the internet and can transmit and receive data. Characteristics of IoT include the gathering of information through sensors, the automation of functions, and analysis of collected data.[1] For IoT devices, because of the <i>velocity</i> at which data is generated, the <i>volume</i> of data that is generated, and the <i>variety</i> of data generated by different sources [2] - IoT devices can be understood as generating Big Data and/or relying on Big Data analytics. In this way IoT devices and Big Data are intrinsically interconnected.</p>
<h3>General Implications of Big Data and Internet of Things</h3>
<p style="text-align: justify; ">Big Data paradigms are being adopted across countries, governments, and business sectors because of the potential insights and change that it can bring. From improving an organizations business model, facilitating urban development, allowing for targeted and individualized services, and enabling the prediction of certain events or actions - the application of Big Data has been recognized as having the potential to bring about dramatic and large scale changes.</p>
<p style="text-align: justify; ">At the same time, experts have identified risks to the individual that can be associated with the generation, analysis, and use of Big Data. In May 2014, the White House of the United States completed a ninety day study of how big data will change everyday life. The Report highlights the potential of Big Data as well as identifying a number of concerns associated with Big Data. For example: the selling of personal data, identification or re-identification of individuals, profiling of individuals, creation and exacerbation of information asymmetries, unfair, discriminating, biased, and incorrect decisions based on Big Data analytics, and lack of or misinformed user consent.[3] Errors in Big Data analytics that experts have identified include statistical fallacies, human bias, translation errors, and data errors.[4] Experts have also discussed fundamental changes that Big Data can bring about. For example, Danah Boyd and Kate Crawford in the article <i>"Critical Questions for Big Data: Provocations for a cultural, technological, and scholarly phenomenon"</i> propose that Big Data can change the definition of knowledge and shape the reality it measures.[5] Similarly, a BSC/Oxford Internet Institute conference report titled " <i>The Societal Impact of the Internet of Things</i>" points out that often users of Big Data assume that information and conclusions based on digital data is reliable and in turn replace other forms of information with digital data.[6]</p>
<p style="text-align: justify; ">Concerns that have been voiced by the Article 29 Working Party and others specifically about IoT devices have included insufficient security features built into devices such as encryption, the reliance of the devices on wireless communications, data loss from infection by malware or hacking, unauthorized access and use of personal data, function creep resulting from multiple IoT devices being used together, and unlawful surveillance.[7]</p>
<h3>Regulation of Big Data and Internet of Things</h3>
<p style="text-align: justify; ">The regulation of Big Data and IoT is currently being debated in contexts such as the US and the EU. Academics, civil society, and regulators are exploring questions around the adequacy of present regulation and overseeing frameworks to address changes brought about Big Data, and if not - what forms of or changes in regulation are needed? For example, Kate Crawford and Jason Shultz in the article <i>"Big Data and Due Process: Towards a Framework to Redress Predictive Privacy Harms"</i>stress the importance of bringing in 'data due process rights' i.e ensuring fairness in the analytics of Big Data and how personal information is used.[8] While Solon Barocas and Andrew Selbst in the article <i>"Big Data's Disparate Impact"</i> explore if present anti-discrimination legislation and jurisprudence in the US is adequate to protect against discrimination arising from Big Data practices - specifically data mining.[9]</p>
<p><strong>The Impact of Big Data and IoT on Data Protection Principles</strong></p>
<p style="text-align: justify; ">In the context of data protection, various government bodies, including the Article 29 Data Protection Working Party set up under the Directive 95/46/EC of the European Parliament, the Council of Europe, the European Commission, and the Federal Trade Commission, as well as experts and academics in the field, have called out at least ten different data protection principles and concepts that Big Data impacts:</p>
<ol>
<li style="text-align: justify; "><strong>Collection Limitation:</strong> As a result of the generation of Big Data as enabled by networked devices, increased capabilities to analyze Big Data, and the prevalent use of networked systems - the principle of collection limitation is changing.[10]</li>
<li><strong>Consent: </strong>As a result of the use of data from a wide variety of sources and the re-use of data which is inherent in Big Data practices - notions of informed consent (initial and secondary) are changing.[11]</li>
<li><strong>Data Minimization:</strong> As a result of Big Data practices inherently utilizing all data possible - the principle of data minimization is changing/obsolete.[12]</li>
<li><strong>Notice:</strong> As a result of Big Data practices relying on vast amounts of data from numerous sources and the re-use of that data - the principle of notice is changing.[13]</li>
<li><strong>Purpose Limitation:</strong> As a result of Big Data practices re-using data for multiple purposes - the principle of purpose limitation is changing/obsolete.[14]</li>
<li><strong>Necessity: </strong>As a result of Big Data practices re-using data, the new use or re-analysis of data may not be pertinent to the purpose that was initially specified- thus the principle of necessity is changing.[15]</li>
<li><strong>Access and Correction:</strong> As a result of Big Data being generated (and sometimes published) at scale and in real time - the principle of user access and correction is changing.[16]</li>
<li><strong>Opt In and Opt Out Choices: </strong>Particularly in the context of smart cities and IoT which collect data on a real time basis, often without the knowledge of the individual, and for the provision of a service - it may not be easy or possible for individuals to opt in or out of the collection of their data.[17]</li>
<li><strong>PI:</strong> As a result of Big Data analytics using and analyzing a wide variety of data, new or unexpected forms of personal data may be generated - thus challenging and evolving beyond traditional or specified definitions of personal information.[18]</li>
<li><strong>Data Controller:</strong> In the context of IoT, given the multitude of actors that can collect, use and process data generated by networked devices, the traditional understanding of what and who is a data controller is changing.[19]</li>
</ol>
<h3 style="text-align: justify; ">Possible Technical and Policy Solutions</h3>
<p style="text-align: justify; ">In a Report titled "<i>Internet of Things: Privacy & Security in a Connected World</i>" by the Federal Trade Commission in the United States it was noted that though IoT changes the application and understanding of certain privacy principles, it does not necessarily make them obsolete.[20] Indeed many possible solutions that have been suggested to address the challenges posed by IoT and Big Data are technical interventions at the device level rather than fundamental policy changes. For example it has been proposed that IoT devices can be programmed to:</p>
<ul>
<li>Automatically delete data after a specified period of time [21] (addressing concerns of data retention)</li>
<li>Ensure that personal data is not fed into centralized databases on an automatic basis [22] (addressing concerns of transfer and sharing without consent, function creep, and data breach)</li>
<li style="text-align: justify; ">Offer consumers combined choices for consent rather than requiring a one time blanket consent at the time of initiating a service or taking fresh consent for every change that takes place while a consumer is using a service. [23] (addressing concerns of informed and meaningful consent)</li>
<li style="text-align: justify; ">Categorize and tag data with accepted uses and programme automated processes to flag when data is misused. [24] (addressing concerns of misuse of data)</li>
<li style="text-align: justify; ">Apply 'sticky policies' - policies that are attached to data and define appropriate uses of the data as it 'changes hands' [25] (addressing concerns of user control of data)</li>
<li style="text-align: justify; ">Allow for features to only be turned on with consent from the user [26] (addressing concerns of informed consent and collection without the consent or knowledge of the user)</li>
<li>Automatically convert raw personal data to aggregated data [27] (addressing concerns of misuse of personal data and function creep)</li>
<li>Offer users the option to delete or turn off sensors [28] (addressing concerns of user choice, control, and consent)</li>
</ul>
<p style="text-align: justify; ">Such solutions place the designers and manufacturers of IoT devices in a critical role. Yet some, such as Kate Crawford and Jason Shultz are not entirely optimistic about the possibility of effective technological solutions - noting in the context of automated decision making that it is difficult to build in privacy protections as it is unclear when an algorithm will predict personal information about an individual.[29]</p>
<p>Experts have also suggested that more emphasis should be placed on the principles and practices of:</p>
<ul>
<li>Transparency,</li>
<li> Access and correction,</li>
<li>Use/misuse</li>
<li>Breach notification</li>
<li>Remedy</li>
<li>Ability to withdraw consent</li>
</ul>
<p style="text-align: justify; ">Others have recommended that certain privacy principles need to be adapted to the Big Data/IoT context. For example, the Article 29 Working Party has clarified that in the context of IoT, consent mechanisms need to include the types of data collected, the frequency of data collection, as well as conditions for data collection.[30] While the Federal Trade Commission has warned that adopting a pure "use" based model has its limitations as it requires a clear (and potentially changing) definition of what use is acceptable and what use is not acceptable, and it does not address concerns around the collection of sensitive personal information.[31] In addition to the above, the European Commission has stressed that the right of deletion, the right to be forgotten, and data portability also need to be foundations of IoT systems and devices.[32]</p>
<h3>Possible Regulatory Frameworks</h3>
<p style="text-align: justify; ">To the question - are current regulatory frameworks adequate and is additional legislation needed, the FTC has recommended that though a specific IoT legislation may not be necessary, a horizontal privacy legislation would be useful as sectoral legislation does not always account for the use, sharing, and reuse of data across sectors. The FTC also highlighted the usefulness of privacy impact assessments and self regulatory steps to ensure privacy.[33] The European Commission on the other hand has concluded that to ensure enforcement of any standard or protocol - hard legal instruments are necessary.[34] As mentioned earlier, Kate Crawford and Jason Shultz have argued that privacy regulation needs to move away from principles on collection, specific use, disclosure, notice etc. and focus on elements of due process around the use of Big Data - as they say "procedural data due process". Such due process should be based on values instead of defined procedures and should include at the minimum notice, hearing before an independent arbitrator, and the right to review. Crawford and Shultz more broadly note that there are conceptual differences between privacy law and big data that pose as serious challenges i.e privacy law is based on causality while big data is a tool of correlation. This difference raises questions about how effective regulation that identifies certain types of information and then seeks to control the use, collection, and disclosure of such information will be in the context of Big Data – something that is varied and dynamic. According to Crawford and Shultz many regulatory frameworks will struggle with this difference – including the FTC's Fair Information Privacy Principles and the EU regulation including the EU's right to be forgotten.[35] The European Data Protection Supervisor on the other hand looks at Big Data as spanning the policy areas of data protection, competition, and consumer protection – particularly in the context of 'free' services. The Supervisor argues that these three areas need to come together to develop ways in which the challenges of Big Data can be addressed. For example, remedy could take the form of data portability – ensuring users the ability to move their data to other service providers empowering individuals and promoting competitive market structures or adopting a 'compare and forget' approach to data retention of customer data. The Supervisor also stresses the need to promote and treat privacy as a competitive advantage, thus placing importance on consumer choice, consent, and transparency.[36] The European Data Protection reform has been under discussion and it is predicted to be enacted by the end of 2015. The reform will apply across European States and all companies operating in Europe. The reform proposes heavier penalties for data breaches, seeks to provide users with more control of their data.[37] Additionally, Europe is considering bringing digital platforms under the Network and Information Security Directive – thus treating companies like Google and Facebook as well as cloud providers and service providers as a critical sector. Such a move would require companies to adopt stronger security practices and report breaches to authorities.[38]</p>
<h3>Conclusion</h3>
<p style="text-align: justify; ">A review of the different opinions and reactions from experts and policy makers demonstrates the ways in which Big Data and IoT are changing traditional forms of protection that governments and societies have developed to protect personal data as it increases in value and importance. While some policy makers believe that big data needs strong legislative regulation and others believe that softer forms of regulation such as self or co-regulation are more appropriate, what is clear is that Big Data is either creating a regulatory dilemma– with policy makers searching for ways to control the unpredictable nature of big data through policy and technology through the merging of policy areas, the honing of existing policy mechanisms, or the broadening of existing policy mechanisms - while others are ignoring the change that Big Data brings with it and are forging ahead with its use.</p>
<p style="text-align: justify; ">Answering the 'how do we regulate Big Data” question requires <strong>re-conceptualization of data ownership and realities</strong>. Governments need to first recognize the criticality of their data and the data of their citizens/residents, as well as the contribution to a country's economy and security that this data plays. With the technologies available now, and in the pipeline, data can be used or misused in ways that will have vast repercussions for individuals, society, and a nation. All data, but especially data directly or indirectly related to citizens and residents of a country, needs to be looked upon as owned by the citizens and the nation. In this way, data should be seen as a part of <strong>critical</strong> <strong>national infrastructure of a nation, </strong>and accorded the security, protections, and legal backing thereof to <strong>prevent the misuse of the resource by the private or public sectors, local or foreign governments</strong>. This could allow for local data warehousing and bring physical and access security of data warehouses on par with other critical national infrastructure. Recognizing data as a critical resource answers in part the concern that experts have raised – that Big Data practices make it impossible for data to be categorized as personal and thus afforded specified forms of protection due to the unpredictable nature of big data. Instead – all data is now recognized as critical.</p>
<p style="text-align: justify; ">In addition to being able to generate personal data from anonymized or non-identifiable data, big data also challenges traditional divisions of public vs. private data. Indeed Big Data analytics can take many public data points and derive a private conclusion. The use of Big Data analytics on public data also raises questions of consent. For example, though a license plate is public information – should a company be allowed to harvest license plate numbers, combine this with location, and sell this information to different interested actors? This is currently happening in the United States.[39] Lastly, Big Data raises questions of ownership. A solution to the uncertainty of public vs. private data and associated consent and ownership could be the creation a <strong>National Data Archive</strong> with such data. The archive could function with representation from the government, public and private companies, and civil society on the board. In such a framework, for example, companies like Airtel would provide mobile services, but the CDRs and customer data collected by the company would belong to the National Data Archive and be available to Airtel and all other companies within a certain scope for use. This 'open data' approach could enable innovation through the use of data but within the ambit of national security and concerns of citizens – a framework that could instill trust in consumers and citizens. Only when backed with strong security requirements, enforcement mechanisms and a proactive, responsive and responsible framework can governments begin to think about ways in which Big Data can be harnessed.</p>
<hr />
<p style="text-align: justify; ">[1] BCS - The Chartered Institute for IT. (2013). The Societal Impact of the Internet of Things. Retrieved May 17, 2015, from http://www.bcs.org/upload/pdf/societal-impact-report-feb13.pdf</p>
<p style="text-align: justify; "><i>[2] Sicular, S. (2013, March 27). Gartner’s Big Data Definition Consists of Three Parts, Not to Be Confused with Three “V”s. Retrieved May 20, 2015, from http://www.forbes.com/sites/gartnergroup/2013/03/27/gartners-big-data-definition-consists-of-three-parts-not-to-be-confused-with-three-vs/</i></p>
<p style="text-align: justify; ">[3] Executive Office of the President. “Big Data: Seizing Opportunities, Preserving Values”. May 2014. Available at: <a href="https://www.whitehouse.gov/sites/default/files/docs/big_data_privacy_report_5.1.14_final_print.pdf">https://www.whitehouse.gov/sites/default/files/docs/big_data_privacy_report_5.1.14_final_print.pdf</a>. Accessed: July 2<sup>nd</sup> 2015.</p>
<p style="text-align: justify; ">[4] Moses, B., Lyria, & Chan, J. (2014). Using Big Data for Legal and Law Enforcement Decisions: Testing the New Tools (SSRN Scholarly Paper No. ID 2513564). Rochester, NY: Social Science Research Network. Retrieved from http://papers.ssrn.com/abstract=2513564</p>
<p style="text-align: justify; ">[5] Danah Boyd, Kate Crawford. <a href="http://www.tandfonline.com/doi/abs/10.1080/1369118X.2012.678878">CRITICAL QUESTIONS FOR BIG DATA</a>. In<a href="http://www.tandfonline.com/toc/rics20/15/5">formation, Communication & Society </a> Vol. 15, Iss. 5, 2012. Available at: <a href="http://www.tandfonline.com/doi/full/10.1080/1369118X.2012.678878">http://www.tandfonline.com/doi/full/10.1080/1369118X.2012.678878</a>. Accessed: July 2<sup>nd</sup> 2015.</p>
<p style="text-align: justify; ">[6] The Chartered Institute for IT, Oxford Internet Institute, University of Oxford. “The Societal Impact of the Internet of Things” February 2013. Available at: <a href="http://www.bcs.org/upload/pdf/societal-impact-report-feb13.pdf">http://www.bcs.org/upload/pdf/societal-impact-report-feb13.pdf</a>. Accessed: July 2<sup>nd</sup> 2015.</p>
<p style="text-align: justify; ">[7] ARTICLE 29 Data Protection Working Party. (2014). <i>Opinion 8/2014 on the on Recent Developments on the Internet of Things.</i> European Commission. Retrieved May 20, 2015, from http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp223_en.pdf</p>
<p style="text-align: justify; ">[8] Crawford, K., & Schultz, J. (2013). Big Data and Due Process: Toward a Framework to Redress Predictive Privacy Harms (SSRN Scholarly Paper No. ID 2325784). Rochester, NY: Social Science Research Network. Retrieved from http://papers.ssrn.com/abstract=2325784</p>
<p style="text-align: justify; ">[9] Barocas, S., & Selbst, A. D. (2015). Big Data’s Disparate Impact (SSRN Scholarly Paper No. ID 2477899). Rochester, NY: Social Science Research Network. Retrieved from http://papers.ssrn.com/abstract=2477899</p>
<p style="text-align: justify; ">[10] Barocas, S., & Selbst, A. D. (2015). Big Data’s Disparate Impact (SSRN Scholarly Paper No. ID 2477899). Rochester, NY: Social Science Research Network. Retrieved from http://papers.ssrn.com/abstract=2477899</p>
<p style="text-align: justify; ">[11] Article 29 Data Protection Working Party. “Opinion 8/2014 on the on Recent Developments on the Internet of Things”. September 16<sup>th</sup> 2014. Available at: <a href="http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp223_en.pdf">h</a><a href="http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp223_en.pdf">ttp://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp223_en.pdf</a>. Accessed: July 2<sup>nd</sup> 2015.</p>
<p style="text-align: justify; ">[12] Tene, O., & Polonetsky, J. (2013). Big Data for All: Privacy and User Control in the Age of Analytics. Northwestern Journal of Technology and Intellectual Property, 11(5), 239.</p>
<p style="text-align: justify; ">[13] Omer Tene and Jules Polonetsky, <i>Big Data for All: Privacy and User Control in the Age of Analytics</i>, 11 Nw. J. Tech. & Intell. Prop. 239 (2013).</p>
<p style="text-align: justify; ">[14] Article 29 Data Protection Working Party. “Opinion 8/2014 on the on Recent Developments on the Internet of Things”. September 16<sup>th</sup> 2014. Available at: <a href="http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp223_en.pdf">h</a><a href="http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp223_en.pdf">ttp://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp223_en.pdf</a>. Accessed: July 2<sup>nd</sup> 2015.</p>
<p style="text-align: justify; ">[15] Information Commissioner's Office. (2014). Big Data and Data Protection. Infomation Commissioner's Office. Retrieved May 20, 2015, from https://ico.org.uk/media/for-organisations/documents/1541/big-data-and-data-protection.pdf</p>
<p style="text-align: justify; ">[16] Article 29 Data Protection Working Party. “Opinion 8/2014 on the on Recent Developments on the Internet of Things”. September 16<sup>th</sup> 2014. Available at: <a href="http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp223_en.pdf">h</a><a href="http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp223_en.pdf">ttp://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp223_en.pdf</a>. Accessed: July 2<sup>nd</sup> 2015.</p>
<p style="text-align: justify; ">[17] The Chartered Institute for IT and Oxford Internet Institute, University of Oxford. “The Societal Impact of the Internet of Things”. February 14<sup>th</sup> 2013. Available at: <a href="http://www.bcs.org/upload/pdf/societal-impact-report-feb13.pdf">http://www.bcs.org/upload/pdf/societal-impact-report-feb13.pdf</a>. Accessed: July 2<sup>nd</sup> 2015.</p>
<p style="text-align: justify; ">[18] Kate Crawford and Jason Shultz, “Big Data and Due Process: Towards a Framework to Redress Predictive Privacy Harms”. Boston College Law Review, Volume 55, Issue 1, Article 4. January 1st 2014. Available at: <a href="http://lawdigitalcommons.bc.edu/cgi/viewcontent.cgi?article=3351&context=bclr">http://lawdigitalcommons.bc.edu/cgi/viewcontent.cgi?article=3351&context=bclr</a>. Accessed: July 2nd 2015.</p>
<p style="text-align: justify; ">[19] Article 29 Data Protection Working Party “Opinion 8/2014 on the on Recent Developments on the Internet of Things” September 16th 2014. Available at: <a href="http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp223_en.pdf">http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp223_en.pdf</a>. Accessed: July 2nd 2015.</p>
<p style="text-align: justify; ">[20] Federal Trade Commission. (2015). <i>Internet of Things: Privacy & Security in a Connected World.</i> Federal Trade Commision. Retrieved May 20, 2015, from https://www.ftc.gov/system/files/documents/reports/federal-trade-commission-staff-report-november-2013-workshop-entitled-internet-things-privacy/150127iotrpt.pdf</p>
<p style="text-align: justify; ">[21] Federal Trade Commission. (2015). <i>Internet of Things: Privacy & Security in a Connected World.</i> Federal Trade Commision. Retrieved May 20, 2015, from https://www.ftc.gov/system/files/documents/reports/federal-trade-commission-staff-report-november-2013-workshop-entitled-internet-things-privacy/150127iotrpt.pdf</p>
<p style="text-align: justify; ">[22] Federal Trade Commission. (2015). <i>Internet of Things: Privacy & Security in a Connected World.</i> Federal Trade Commision. Retrieved May 20, 2015, from https://www.ftc.gov/system/files/documents/reports/federal-trade-commission-staff-report-november-2013-workshop-entitled-internet-things-privacy/150127iotrpt.pdf</p>
<p style="text-align: justify; ">[23] Federal Trade Commission. (2015). <i>Internet of Things: Privacy & Security in a Connected World.</i> Federal Trade Commision. Retrieved May 20, 2015, from https://www.ftc.gov/system/files/documents/reports/federal-trade-commission-staff-report-november-2013-workshop-entitled-internet-things-privacy/150127iotrpt.pdf</p>
<p style="text-align: justify; ">[24] Federal Trade Commission. (2015). <i>Internet of Things: Privacy & Security in a Connected World.</i> Federal Trade Commision. Retrieved May 20, 2015, from https://www.ftc.gov/system/files/documents/reports/federal-trade-commission-staff-report-november-2013-workshop-entitled-internet-things-privacy/150127iotrpt.pdf</p>
<p style="text-align: justify; ">[25] Article 29 Data Protection Working Party “Opinion 8/2014 on the on Recent Developments on the Internet of Things” September 16<sup>th</sup> 2014. Available at: <a href="http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp223_en.pdf">http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp223_en.pdf</a>. Accessed: July 2<sup>nd</sup> 2015.</p>
<p style="text-align: justify; ">[26] Article 29 Data Protection Working Party “Opinion 8/2014 on the on Recent Developments on the Internet of Things” September 16<sup>th</sup> 2014. Available at: <a href="http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp223_en.pdf">http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp223_en.pdf</a>. Accessed: July 2<sup>nd</sup> 2015.</p>
<p style="text-align: justify; ">[27] Article 29 Data Protection Working Party “Opinion 8/2014 on the on Recent Developments on the Internet of Things” September 16<sup>th</sup> 2014. Available at: <a href="http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp223_en.pdf">http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp223_en.pdf</a>. Accessed: July 2<sup>nd</sup> 2015.</p>
<p style="text-align: justify; ">[28] Article 29 Data Protection Working Party “Opinion 8/2014 on the on Recent Developments on the Internet of Things” September 16<sup>th</sup> 2014. Available at: <a href="http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp223_en.pdf">http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp223_en.pdf</a>. Accessed: July 2<sup>nd</sup> 2015.</p>
<p style="text-align: justify; ">[29] Kate Crawford and Jason Shultz, “Big Data and Due Process: Towards a Framework to Redress Predictive Privacy Harms”. Boston College Law Review, Volume 55, Issue 1, Article 4. January 1st 2014. Available at: <a href="http://lawdigitalcommons.bc.edu/cgi/viewcontent.cgi?article=3351&context=bclr">http://lawdigitalcommons.bc.edu/cgi/viewcontent.cgi?article=3351&context=bclr</a>. Accessed: July 2nd 2015.</p>
<p style="text-align: justify; ">[30] Article 29 Data Protection Working Party “Opinion 8/2014 on the on Recent Developments on the Internet of Things” September 16<sup>th</sup> 2014. Available at: <a href="http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp223_en.pdf">http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp223_en.pdf</a>. Accessed: July 2<sup>nd</sup> 2015.</p>
<p style="text-align: justify; ">[31] Federal Trade Commission. (2015). <i>Internet of Things: Privacy & Security in a Connected World.</i> Federal Trade Commission. Retrieved May 20, 2015, from https://www.ftc.gov/system/files/documents/reports/federal-trade-commission-staff-report-november-2013-workshop-entitled-internet-things-privacy/150127iotrpt.pdf</p>
<p style="text-align: justify; ">[32] Article 29 Data Protection Working Party “Opinion 8/2014 on the on Recent Developments on the Internet of Things” September 16<sup>th</sup> 2014. Available at: <a href="http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp223_en.pdf">http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp223_en.pdf</a>. Accessed: July 2<sup>nd</sup> 2015.</p>
<p style="text-align: justify; ">[33] Federal Trade Commission. (2015). <i>Internet of Things: Privacy & Security in a Connected World.</i> Federal Trade Commission. Retrieved May 20, 2015, from https://www.ftc.gov/system/files/documents/reports/federal-trade-commission-staff-report-november-2013-workshop-entitled-internet-things-privacy/150127iotrpt.pdf</p>
<p style="text-align: justify; ">[34] Article 29 Data Protection Working Party “Opinion 8/2014 on the on Recent Developments on the Internet of Things” September 16<sup>th</sup> 2014. Available at: <a href="http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp223_en.pdf">http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp223_en.pdf</a>. Accessed: July 2<sup>nd</sup> 2015.</p>
<p style="text-align: justify; ">[35] Kate Crawford and Jason Shultz, “Big Data and Due Process: Towards a Framework to Redress Predictive Privacy Harms”. Boston College Law Review, Volume 55, Issue 1, Article 4. January 1<sup>st</sup> 2014. Available at: <a href="http://lawdigitalcommons.bc.edu/cgi/viewcontent.cgi?article=3351&context=bclr">http://lawdigitalcommons.bc.edu/cgi/viewcontent.cgi?article=3351&context=bclr</a>. Accessed: July 2<sup>nd</sup> 2015.</p>
<p style="text-align: justify; ">[36] European Data Protection Supervisor. Preliminary Opinion of the European Data Protection Supervisor, Privacy and competitiveness in the age of big data: the interplay between data protection, competition law and consumer protection in the Digital Economy. March 2014. Available at: https://secure.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/Consultation/Opinions/2014/14-03-26_competitition_law_big_data_EN.pdf</p>
<p style="text-align: justify; ">[37] SC Magazine. Harmonised EU data protection and fines by the end of the year. June 25<sup>th</sup> 2015. Available at: <a href="http://www.scmagazineuk.com/harmonised-eu-data-protection-and-fines-by-the-end-of-the-year/article/422740/">http://www.scmagazineuk.com/harmonised-eu-data-protection-and-fines-by-the-end-of-the-year/article/422740/</a>. Accessed: August 8<sup>th</sup> 2015.</p>
<p style="text-align: justify; ">[38] Tom Jowitt, “Digital Platforms to be Included in EU Cybersecurity Law”. TechWeek Europe. August 7<sup>th</sup> 2015. Available at: http://www.techweekeurope.co.uk/e-regulation/digital-platforms-eu-cybersecuity-law-174415</p>
<p style="text-align: justify; ">[39] Adam Tanner. Data Brokers are now Selling Your Car's Location for $10 Online. July 10<sup>th</sup> 2013. Available at: http://www.forbes.com/sites/adamtanner/2013/07/10/data-broker-offers-new-service-showing-where-they-have-spotted-your-car/</p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/blog/review-of-policy-debate-around-big-data-and-internet-of-things'>http://editors.cis-india.org/internet-governance/blog/review-of-policy-debate-around-big-data-and-internet-of-things</a>
</p>
No publisherelonnaiInternet GovernanceBig Data2015-08-17T08:36:18ZBlog Entry#NAMAprivacy: Data standards for IoT and home automation systems
http://editors.cis-india.org/internet-governance/news/medianama-october-18-2017-namaprivacy-data-standards-for-iot
<b>On 5th October, MediaNama held a #NAMAprivacy conference in Bangalore focused on Privacy in the context of Artificial Intelligence, Internet of Things (IoT) and the issue of consent, supported by Google, Amazon, Mozilla, ISOC, E2E Networks and Info Edge, with community partners HasGeek and Takshashila Institution. Part 1 of the notes from the discussion on IoT:</b>
<p style="text-align: justify; ">Link to the original published by Medianama on October 18 <a class="external-link" href="https://www.medianama.com/2017/10/223-namaprivacy-data-standards-for-iot/">here</a></p>
<hr />
<p style="text-align: justify; ">The second session of the #NAMAprivacy in Bangalore dealt with the data privacy in the Internet of Things (IoT) framework. All three panelists for the session – <b>Kiran Jonnalagadda from HasGeek, Vinayak Hegde, a big data consultant working with ZoomCar and Rohini Lakshane a policy researcher from CIS</b> – said that they were scared about the spread of IoT at the moment. This led to a discussion on the standards which will apply to IoT, still nascent at this stage, and how it could include privacy as well.</p>
<div class="pBFsgLLI" style="text-align: justify; ">
<div align="center">
<div id="div-gpt-ad-1506358046991-0"></div>
</div>
</div>
<p style="text-align: justify; "><img class="size-full wp-image-176794 aligncenter" height="501" src="https://i2.wp.com/www.medianama.com/wp-content/uploads/IOT-panel-Namaprivacy-e1508321963437.jpg?resize=750%2C501&ssl=1" width="750" /></p>
<div class="gCmHYOrN" style="text-align: justify; "></div>
<p style="text-align: justify; ">Hedge, a volunteer with the Internet Engineering Task Force (IETF) which was instrumental in developing internet protocols and standards such as DNS, TCP/IP and HTTP, said that IETF took a political stand recently when it came to privacy. “One of the discussions in the IETF was whether security is really important? For a long time, the pendulum swung the other way and said that it’s important and that it’s not big enough a trade-off until the bomb dropped with the Snowden revelations. <b>The IETF has always avoided taking any political stance. But for the first time, they did take a political position and they published a request for comments which said: “Pervasive monitoring is an attack on the Internet” and that has become a guiding standard for developing the standards,</b>” he explained.</p>
<p style="text-align: justify; ">He added that this led the development of new standards which took privacy into consideration by default.</p>
<blockquote style="text-align: justify; ">
<p>“The repercussions has been pervasive across all the layers of the stack whether it is DNS and the development of DNS Sec. The next version of HTTP, does not actually mandate encryption but if you look at all the implementation on the browser side, all of them without exception have incorporated encryption,” he added.</p>
</blockquote>
<p style="text-align: justify; "><img class="size-full wp-image-176747 aligncenter" height="500" src="https://i2.wp.com/www.medianama.com/wp-content/uploads/NAMA-Data-Protection-Bangalore-93-e1508322824147.jpg?resize=750%2C500&ssl=1" width="750" /></p>
<p style="text-align: justify; ">Rohini added that discussion around the upcoming 5G standard, where large-scale IoT will be deployed, also included increased emphasis on privacy. “It is essentially a lot of devices connected to the Internet and talking to each other and the user. The standards for security and privacy for 5G are being built and some of them are in the process of discussion. Different standard-setting bodies have been working on them and there is a race of sorts for setting them up by stakeholders, technology companies, etc to get their tech into the standard,” she said.</p>
<p style="text-align: justify; ">“<b>The good thing about those is that they will have time to get security and privacy. Here, I would like to mention <a href="https://ict-rerum.eu/">RERUM</a> which is formed from a mix of letters which stands for Reliable, Resilient, and Secure IoT for smart cities being piloted in the EU. </b>It essentially believes that security should include reliability and privacy by design. This pilot project was thought to allow IoT applications to consider security and privacy mechanisms early in the design, so that they could balance reliability. Because once a standard is out or a mechanism is out, and you implement something as large as a smart city, it is very difficult to retrofit these considerations,” she explained.</p>
<p style="text-align: justify; "><img class="size-full wp-image-176796 aligncenter" height="499" src="https://i2.wp.com/www.medianama.com/wp-content/uploads/Rohini-Lakshane-CIS-Namaprivacy-e1508322694320.jpg?resize=750%2C499&ssl=1" width="750" /></p>
<h2 style="text-align: justify; ">Privacy issues in home automation and IoT</h2>
<p style="text-align: justify; ">Rohini pointed out a report which illustrates the staggering amount of data collection which will be generated by home automation. “I was looking for figures, and I found an FTC report published in 2015 where one IoT company revealed in a workshop that it <b>provides home automation to less than 10,000 households but all of them put together account for 150 million data points per day.</b> So that’s one data point for every six seconds per household. So this is IoT for home automation and there is IoT for health and fitness, medical devices, IoT for personal safety, public transport, environment, connected cars, etc.”</p>
<p style="text-align: justify; ">In this sort of situation, the data collected could be used for harms that users did not account for.</p>
<blockquote style="text-align: justify; ">
<p>“I received some data a couple of years back and the data was from a water flowmeter. It was fitted to a villa in Hoskote and the idea was simple where you could measure the water consumption in the villa and track the consumption. So when I received the data, I figured out by just looking at the water consumption, you can see how many people are in the house, when they get up at night, when they go out, when they are out of station. All of this data can be misused. Data is collected specifically for water consumption and find if there are any leakages in the house. But it could be used for other purposes,” <b>Arvind P from Devopedia</b> said.</p>
</blockquote>
<p style="text-align: justify; "><img class="size-full wp-image-176800 aligncenter" height="499" src="https://i1.wp.com/www.medianama.com/wp-content/uploads/Arvind-Devopedia-Namaprivcay-e1508323377344.jpg?resize=750%2C499&ssl=1" width="750" /></p>
<p style="text-align: justify; "><b>Pranesh Prakash, policy director at Centre for Internet and Society (CIS)</b>, also provided an example of a Twitter handle called “should I be robbed now” where it correlates a user’s vacation pictures says that they could be robbed. “What we need to remember is that a lot of correlation analysis is not just about the analysis but it is also about the use and misuse of it. A lot of that use and misuse is non-transparent. Not a single company tells you how they use your data, but do take rights on taking your data,” he added.</p>
<p style="text-align: justify; "><img class="size-full wp-image-176801 aligncenter" height="501" src="https://i1.wp.com/www.medianama.com/wp-content/uploads/Pranesh-Prakash-Namaprivacy-e1508324108535.jpg?resize=750%2C501&ssl=1" width="750" /></p>
<p style="text-align: justify; ">Vinayak Hedge also added that the governments are using similar methods of data tracking to catch bitcoin miners in China and Venezuela from smart meters.</p>
<p style="text-align: justify; ">“In China, there are all these bitcoin miners. I was reading this story in Venezuela, where bitcoin mining is outlawed. <b>The way they’re catching these bitcoin miners is by looking at their electricity consumption. Bitcoin mining uses a huge amount of power and computing capacity.</b> And people have come out with ingenious ways of getting around it. They will draw power from their neighbours or maybe from an industrial setting. This could be a good example for a privacy-infringing activity.”</p>
<h2 style="text-align: justify; "><b>Pseudonymization</b></h2>
<p style="text-align: justify; "><b>Srinivas P, head of security at Infosys</b>, pointed out that a possible solution to provide privacy in home automation systems could be the concept of pseudonymity. <b>Pseudonymization</b> is a procedure by which the most identifying fields within a data record are replaced by one or more artificial identifiers or pseudonyms.</p>
<p style="text-align: justify; ">“There are a number of home automation systems which are similar to NEST, which is extensively used in Silicon Valley homes, that connect to various systems. For example, when you are approaching home, it will know when to switch on your heating system or AC based on the weather. And it also has information on who stays in the house and what room and what time they sleep. And in a the car, it gives a full real-time profile about the situation at home. It can be a threat if it is hacked. This is a very common threat that is being talked about and how to introduce pseudo-anonymity. When we use these identifiers, and when the connectivity happens, how do we do so that the name and user are not there? Pseudonymity can be introduced so that it becomes difficult for the hacker to decipher who this guy is,” Srinivas added.</p>
<h2 style="text-align: justify; "><b>Ambient data collection</b></h2>
<p style="text-align: justify; ">With IoT, it has never been able to capture ambient data. <b>Ambient data</b> <b>is information that lies in areas not generally accessible to the user.</b> An example for this is how users get traffic data from Internet companies. Kiran Jonnalagadda explained how this works:</p>
<blockquote style="text-align: justify; ">
<p>“When you look at traffic data on a street map, where is that data coming from? <b>It’s not coming from the fact that there is an app on the phone constantly transmitting data from the phone. It’s coming from the fact that cell phone towers record who is coming to them and you know if the cell phone tower is facing the road, and it has so many connections on it, you know that traffic is at a certain level in that area</b>. Now as a user of the map, you are talking to a company which produces this map and it is not a telecom company. Someone who is using a phone is only dealing with a telecom company and how does this data transfer happen and how much user data is being passed on to the last mile user who is actually holding the phone.”</p>
</blockquote>
<p style="text-align: justify; "><img class="size-full wp-image-176802 aligncenter" height="501" src="https://i0.wp.com/www.medianama.com/wp-content/uploads/Kiran-Namaprivacy-e1508324684657.jpg?resize=750%2C501&ssl=1" width="750" /></p>
<p style="text-align: justify; ">Jonnalagadda stressed on the need for people to ask who is aggregating this ambient data.</p>
<p style="text-align: justify; ">“Now obviously, when you look at the map, you don’t get to see, who is around you. And that would be a clear privacy violation and you only get to see the fact that traffic is at a certain level of density around the street around you. But at what point is the aggregation of data happening from an individually identifiable phone to just a red line or a green line indicating the traffic in an area. We also need to ask who is doing this aggregation. Is it happening on the telecom level? Is it happening on the map person level and what kind of algorithms are required that a particular phone on a cell phone network represents a moving vehicle or a pedestrian? Can a cell phone company do that or does a map company do that? If you start digging and see at what point is your data being anonymized and who is responsible for anonmyzing it and you think that this is the entity that is supposed to be doing it, we start realizing that it is a lot more complicated and a lot more pervasive than we thought it would be,” he said.</p>
<p style="text-align: justify; "><b>#NAMAprivacy Bangalore:</b></p>
<ul style="text-align: justify; ">
<li>Will artificial Intelligence and Machine Learning kill privacy? [<a href="https://www.medianama.com/2017/10/223-namaprivacy-artificial-intelligence-privacy/">read</a>]</li>
<li>Regulating Artificial Intelligence algorithms [<a href="https://www.medianama.com/2017/10/223-namaprivacy-regulating-artificial-intelligence-algorithms/">read</a>]</li>
<li>Data standards for IoT and home automation systems [<a href="https://www.medianama.com/2017/10/223-namaprivacy-data-standards-for-iot/">read</a>]</li>
<li>The economics and business models of IoT and other issues [<a href="https://www.medianama.com/2017/10/223-namaprivacy-economics-and-business-models-of-iot/">read</a>]</li>
</ul>
<p style="text-align: justify; "><b>#NAMAprivacy Delhi:</b></p>
<ul style="text-align: justify; ">
<li>Blockchains and the role of differential privacy [<a href="https://www.medianama.com/2017/09/223-namaprivacy-blockchains-role-differential-privacy/">read</a>]</li>
<li>Setting up purpose limitation for data collected by companies [<a href="https://www.medianama.com/2017/09/223-namaprivacy-setting-purpose-limitation-data-collected-companies/">read</a>]</li>
<li>The role of app ecosystems and nature of permissions in data collection [<a href="https://www.medianama.com/2017/09/223-namaprivacy-role-app-ecosystems-nature-permissions-data-collection/">read</a>]</li>
<li>Rights-based approach vs rules-based approach to data collection [<a href="https://www.medianama.com/2017/09/223-namaprivacy-rights-based-approach-vs-rules-based-approach-data-collection/">read</a>]</li>
<li>Data colonisation and regulating cross border data flows [<a href="https://www.medianama.com/2017/09/223-namaprivacy-data-colonisation-and-regulating-cross-border-data-flows/">read</a>]</li>
<li>Challenges with consent; the Right to Privacy judgment [<a href="https://www.medianama.com/2017/09/223-consent-challenges-privacy-india-namaprivacy/">read</a>]</li>
<li>Consent and the need for a data protection regulator [<a href="https://www.medianama.com/2017/09/223-privacy-india-consent-data-protection-regulator-namaprivacy/">read</a>]</li>
<li>Making consent work in India [<a href="https://www.medianama.com/2017/09/223-privacy-india-consent-namaprivacy/">read</a>]</li>
</ul>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/news/medianama-october-18-2017-namaprivacy-data-standards-for-iot'>http://editors.cis-india.org/internet-governance/news/medianama-october-18-2017-namaprivacy-data-standards-for-iot</a>
</p>
No publisherAdminInternet GovernanceBig Data2017-11-08T02:15:52ZNews Item