You are here
Citizen Centric Approach to Data- Privacy by Design
Click here to enlarge the image.
Institutionalisation of the concepts of privacy in organisations making up a Smart City value chain and integration of these concepts in the design of Smart Cities systems and subsystems.
In the wake of the Snowden revelations, there is now a unanimous recognition that something must be done to protect the citizen rights for privacy. Europe is currently finalizing a new regulation, the GDPR , that will call for sanctions that could amount to up to 2% of the worldwide turnover of an enterprise in case of breach. More specifically the regulation requires.
A number of workshops will be organised to customise existing work on privacy assessment to the case of Smart Cities in order to workout a practical set of recommendations.
Liaison will also take place with standardisation work.
A number of workshops will be organised with commitments using the requirements in order to get feedback.
The aim of the Initiative is to provide data protection guidelines for EIP-SCC applications with a focus on a citizen centric viewpoint. Issues at stake will be:
- Privacy by Design and by Default, i.e. data protection is designed into the development of business processes for products and services.
- Privacy settings to be set at a high level by default.
- Data Protection Impact Assessments to be conducted when specific risks occur to the rights and freedoms of data subjects.
- Interaction with existing network and community aiming at generating awareness, engagement and discussing innovation in personal data and trust. An example is UK Digital Catapult Trust Framework Initiative, and Personal Data and Trust Network.
Proposed deliverable: guidelines for data protection for EIP-SCC systems to comply with the GDPR and ensure appropriate citizen empowerment. The guidelines would cover:
- Advice on privacy-by-design and by-default for EIP-SCC with a citizen focus viewpoint.
- Advice for privacy setting with a citizen focus viewpoint.
- Data protection impact assessment template for EIP-SCC systems with a citizen focus viewpoint. The work would be similar to the one undertaken by the smart grid task force (See https://ec.europa.eu/energy/en/test-phase-data-protection-impact-assessm...).
Click on the picture to enlarge it.
Milestone 1 (September 2015): Validation of SCC Interest. To reach this milestone, it is proposed to carry out preliminary consultations with stakeholders of the EIP-SCC community as well as with important large scale projects in smart cities (1) to confirm interest and (2) to identify a number of initiatives that would be interested.
Milestone 2 (M12): Guidelines for assessing privacy. To reach this milestone, it is proposed to start from existing guidelines (from PRIPARE project, from data protection authorities documents), to carry out a number of workshops with interested parties in the SCC community in order to customize to smart cities development. It is suggested in particular to have at least one in-depth workshop with one large scale project.
Milestone 3 (M24): Feedback on the use of guidelines for assessing privacy and recommendations for standardisation. It is proposed to carry out a one year test phase where a number (ideally a large number) of SCC undertakings use the guidelines. Here again a number of workshops would be organized (ideally they would be organized by the commitments themselves as it is very likely that they would need to address privacy issues anyway) . The workshop could be an opportunity to exchange on a number of solutions and use cases such as the Trust API from KnowNow Info.
The core topic for the Citizen-Centric Approach to Data Initiative break-out session during the EIP-SCC 2016 General Assembly was the integration of the GDPR (General Data Protection Regulation) in the on-going initiatives.
Conclusions and next steps:
- Activities will be focused on consensus reaching and capacity building.
- Initiate bilateral discussions with participants to the break out session (e.g. at city and project level)
- Leverage on networks/projects that can support our activities and put energies (e.g. ERRIN, Tecnalia and ESPRESSO projects)
- Organize a workshop in collaboration with ERRIN to gather feedback
- Potential collaboration with the New Mobility Services Initiative and explored tracking applications and citizens’ behaviour, most probably in the TRACE project.
To know more...
Contact us at: firstname.lastname@example.org
AC Documents library
28.01.2017 | Comments: 0