The IoT Assistant application identifies smart health connected objects… and allows you to refuse data collection

[ad_1]

With more and more smart health connected objects, researchers from Carnegie-Mellon University (United States) announced on Wednesday February 19, 2020 that they have developed "IoT Assistant", a mobile application to locate them. Referenced by the user community, the devices appear on a map that makes it possible to locate themselves in relation to them. When an object seems to collect personal data without reason, it is enough to click on its file to know for what purpose these are used, the level of protection which are applied to them and the duration during which they will be kept.

COMPLY WITH THE GDPR

Available for free download on Android and iOS, the IoT Assistant application has been designed to be intuitive, so that the general public can use it. In case of doubt about an object, a link redirects the user to the latter's privacy policies to allow the user to refuse the collection of his personal data. This can be the case of webcams placed in public space, as has been observed The Digital Factory trying the device. Researchers also cite the example of Bluetooth beacons, which track customers in supermarkets, or doorbells and smart health connected speakers in a neighborhood.

 "Because of laws such as the General Data Protection Regulations (GDPR) and the California Consumer Privacy Act (CCPA), people need to know what data is collected about them and be able to choose from several options under these processsaid Norman Sadeh, a professor at the CMU Institute for Software Research. We have built a cloud infrastructure that allows owners of smart health connected objects to comply with it, as well as an application that uses it to empower people to control the data collected about them. "

empowering OWNERS OF smart health connected OBJECTS

The researchers believe that the precautions taken by the authorities to inform the population of the presence of a camera in public space, for example, "are not enough" as is. "Signs can be positioned to warn that ehealth surveillance is in place, but never specify what will be done with the recording. It is generally not known how long it will be kept, if it will use recognition facial or with whom it will be shared, underlined Norman Sadeh. However, beyond imposing on the authorities in charge of explicitly preventing the existence of these devices, the GDPR and the CCPA also obliges them to inform the persons concerned of the options they have to manage the data collected about them. "

It is therefore to reaffirm this principle that the researchers published IoT Assistant. If the initiative is commendable and innovative, the success of the application will inevitably depend on the goodwill of owners of smart health connected objects … who must declare them on an online platform. Norman Sadeh’s team plays the accountability card, calling on them to "to comply" with the law – and, primarily, businesses and public organizations, such as universities.

It should also be noted that this project was funded by Darpa, the agency of the United States Department of Defense in charge of R&D in new technologies. Funding that raises questions since the data of IoT Assistant users may, depending on the conditions of use, be used in the context of military research. Rather funny.

[ad_2]