Legal Considerations of IoT Applications in Fog and Cloud Environments

Radhika Garg, Sz Varadi, A. Kertesz

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

The Internet of Things is the latest paradigm that encompasses the potential of connecting a physical object to the Internet, and then utilizes cloud services to collect, store and process data generated by these connected devices. In order to reduce the service latency of computations, processes, and storage at further situated Cloud nodes, the Fog paradigm was born, which brings data management closer to the end user or to the edge of the network of a provider. Fog nodes can not only be geographically distributed, but also more dynamic in nature than cloud nodes, therefore it is even more difficult to ensure data protection. The operation of such complex systems, thus, raises legal issues such as who owns or processes the data, who is liable in terms of a possible security breach. In this paper we aim to discuss the latest advances of corresponding legislation in the European Union and in the United States of America that affect these technology developments. First, we investigate IoT and Fog characteristics and identify different use cases of loT-Fog-Cloud environments that will be then used to discuss possible legal issues. We conclude the paper with role mappings for the identified cases, and by proposing recommendations on how to govern data management in these complex systems to ensure data protection as mandated by current legislations across these two regions. Our investigations imply that as we broaden the scope and complexity of the managed systems, the user control of the sensed private data weakens, and the responsibility of data protection are shifting towards fog, cloud and service providers.

Original languageEnglish (US)
Title of host publicationProceedings - 27th Euromicro International Conference on Parallel, Distributed and Network-Based Processing, PDP 2019
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages193-198
Number of pages6
ISBN (Electronic)9781728116440
DOIs
StatePublished - Mar 19 2019
Event27th Euromicro International Conference on Parallel, Distributed and Network-Based Processing, PDP 2019 - Pavia, Italy
Duration: Feb 13 2019Feb 15 2019

Publication series

NameProceedings - 27th Euromicro International Conference on Parallel, Distributed and Network-Based Processing, PDP 2019

Conference

Conference27th Euromicro International Conference on Parallel, Distributed and Network-Based Processing, PDP 2019
CountryItaly
CityPavia
Period2/13/192/15/19

Fingerprint

Fog
Data privacy
Information management
Large scale systems
Internet of things
Internet

Keywords

  • Cloud Computing
  • Data Protection
  • Fog Computing
  • GDPR
  • Internet of Things
  • U.S. privacy Rules

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Computer Science Applications

Cite this

Garg, R., Varadi, S., & Kertesz, A. (2019). Legal Considerations of IoT Applications in Fog and Cloud Environments. In Proceedings - 27th Euromicro International Conference on Parallel, Distributed and Network-Based Processing, PDP 2019 (pp. 193-198). [8671620] (Proceedings - 27th Euromicro International Conference on Parallel, Distributed and Network-Based Processing, PDP 2019). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/EMPDP.2019.8671620

Legal Considerations of IoT Applications in Fog and Cloud Environments. / Garg, Radhika; Varadi, Sz; Kertesz, A.

Proceedings - 27th Euromicro International Conference on Parallel, Distributed and Network-Based Processing, PDP 2019. Institute of Electrical and Electronics Engineers Inc., 2019. p. 193-198 8671620 (Proceedings - 27th Euromicro International Conference on Parallel, Distributed and Network-Based Processing, PDP 2019).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Garg, R, Varadi, S & Kertesz, A 2019, Legal Considerations of IoT Applications in Fog and Cloud Environments. in Proceedings - 27th Euromicro International Conference on Parallel, Distributed and Network-Based Processing, PDP 2019., 8671620, Proceedings - 27th Euromicro International Conference on Parallel, Distributed and Network-Based Processing, PDP 2019, Institute of Electrical and Electronics Engineers Inc., pp. 193-198, 27th Euromicro International Conference on Parallel, Distributed and Network-Based Processing, PDP 2019, Pavia, Italy, 2/13/19. https://doi.org/10.1109/EMPDP.2019.8671620
Garg R, Varadi S, Kertesz A. Legal Considerations of IoT Applications in Fog and Cloud Environments. In Proceedings - 27th Euromicro International Conference on Parallel, Distributed and Network-Based Processing, PDP 2019. Institute of Electrical and Electronics Engineers Inc. 2019. p. 193-198. 8671620. (Proceedings - 27th Euromicro International Conference on Parallel, Distributed and Network-Based Processing, PDP 2019). https://doi.org/10.1109/EMPDP.2019.8671620
Garg, Radhika ; Varadi, Sz ; Kertesz, A. / Legal Considerations of IoT Applications in Fog and Cloud Environments. Proceedings - 27th Euromicro International Conference on Parallel, Distributed and Network-Based Processing, PDP 2019. Institute of Electrical and Electronics Engineers Inc., 2019. pp. 193-198 (Proceedings - 27th Euromicro International Conference on Parallel, Distributed and Network-Based Processing, PDP 2019).
@inproceedings{7457dd53108e4b51b2ac8023f92b2a2e,
title = "Legal Considerations of IoT Applications in Fog and Cloud Environments",
abstract = "The Internet of Things is the latest paradigm that encompasses the potential of connecting a physical object to the Internet, and then utilizes cloud services to collect, store and process data generated by these connected devices. In order to reduce the service latency of computations, processes, and storage at further situated Cloud nodes, the Fog paradigm was born, which brings data management closer to the end user or to the edge of the network of a provider. Fog nodes can not only be geographically distributed, but also more dynamic in nature than cloud nodes, therefore it is even more difficult to ensure data protection. The operation of such complex systems, thus, raises legal issues such as who owns or processes the data, who is liable in terms of a possible security breach. In this paper we aim to discuss the latest advances of corresponding legislation in the European Union and in the United States of America that affect these technology developments. First, we investigate IoT and Fog characteristics and identify different use cases of loT-Fog-Cloud environments that will be then used to discuss possible legal issues. We conclude the paper with role mappings for the identified cases, and by proposing recommendations on how to govern data management in these complex systems to ensure data protection as mandated by current legislations across these two regions. Our investigations imply that as we broaden the scope and complexity of the managed systems, the user control of the sensed private data weakens, and the responsibility of data protection are shifting towards fog, cloud and service providers.",
keywords = "Cloud Computing, Data Protection, Fog Computing, GDPR, Internet of Things, U.S. privacy Rules",
author = "Radhika Garg and Sz Varadi and A. Kertesz",
year = "2019",
month = "3",
day = "19",
doi = "10.1109/EMPDP.2019.8671620",
language = "English (US)",
series = "Proceedings - 27th Euromicro International Conference on Parallel, Distributed and Network-Based Processing, PDP 2019",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "193--198",
booktitle = "Proceedings - 27th Euromicro International Conference on Parallel, Distributed and Network-Based Processing, PDP 2019",

}

TY - GEN

T1 - Legal Considerations of IoT Applications in Fog and Cloud Environments

AU - Garg, Radhika

AU - Varadi, Sz

AU - Kertesz, A.

PY - 2019/3/19

Y1 - 2019/3/19

N2 - The Internet of Things is the latest paradigm that encompasses the potential of connecting a physical object to the Internet, and then utilizes cloud services to collect, store and process data generated by these connected devices. In order to reduce the service latency of computations, processes, and storage at further situated Cloud nodes, the Fog paradigm was born, which brings data management closer to the end user or to the edge of the network of a provider. Fog nodes can not only be geographically distributed, but also more dynamic in nature than cloud nodes, therefore it is even more difficult to ensure data protection. The operation of such complex systems, thus, raises legal issues such as who owns or processes the data, who is liable in terms of a possible security breach. In this paper we aim to discuss the latest advances of corresponding legislation in the European Union and in the United States of America that affect these technology developments. First, we investigate IoT and Fog characteristics and identify different use cases of loT-Fog-Cloud environments that will be then used to discuss possible legal issues. We conclude the paper with role mappings for the identified cases, and by proposing recommendations on how to govern data management in these complex systems to ensure data protection as mandated by current legislations across these two regions. Our investigations imply that as we broaden the scope and complexity of the managed systems, the user control of the sensed private data weakens, and the responsibility of data protection are shifting towards fog, cloud and service providers.

AB - The Internet of Things is the latest paradigm that encompasses the potential of connecting a physical object to the Internet, and then utilizes cloud services to collect, store and process data generated by these connected devices. In order to reduce the service latency of computations, processes, and storage at further situated Cloud nodes, the Fog paradigm was born, which brings data management closer to the end user or to the edge of the network of a provider. Fog nodes can not only be geographically distributed, but also more dynamic in nature than cloud nodes, therefore it is even more difficult to ensure data protection. The operation of such complex systems, thus, raises legal issues such as who owns or processes the data, who is liable in terms of a possible security breach. In this paper we aim to discuss the latest advances of corresponding legislation in the European Union and in the United States of America that affect these technology developments. First, we investigate IoT and Fog characteristics and identify different use cases of loT-Fog-Cloud environments that will be then used to discuss possible legal issues. We conclude the paper with role mappings for the identified cases, and by proposing recommendations on how to govern data management in these complex systems to ensure data protection as mandated by current legislations across these two regions. Our investigations imply that as we broaden the scope and complexity of the managed systems, the user control of the sensed private data weakens, and the responsibility of data protection are shifting towards fog, cloud and service providers.

KW - Cloud Computing

KW - Data Protection

KW - Fog Computing

KW - GDPR

KW - Internet of Things

KW - U.S. privacy Rules

UR - http://www.scopus.com/inward/record.url?scp=85063874383&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85063874383&partnerID=8YFLogxK

U2 - 10.1109/EMPDP.2019.8671620

DO - 10.1109/EMPDP.2019.8671620

M3 - Conference contribution

AN - SCOPUS:85063874383

T3 - Proceedings - 27th Euromicro International Conference on Parallel, Distributed and Network-Based Processing, PDP 2019

SP - 193

EP - 198

BT - Proceedings - 27th Euromicro International Conference on Parallel, Distributed and Network-Based Processing, PDP 2019

PB - Institute of Electrical and Electronics Engineers Inc.

ER -