Transcript of Opinion 8/2014 on the Recent Developments on the Internet of … · 2016. 8. 31. · 1 聲明...
(ARTICLE 29 DATA
PROTECTION WORKING PARTY) Opinion 8/2014 on the Recent
Developments on the Internet of Things
“”
ht tp://ec.europa.eu/justice/data -protection/index_en.htm
2
(quantified self) (domotics) (connected devices)
specific)
(further data recipients) (standardization bodies)
“”(things)
“”
[ (data
platforms)] (data aggregators) (data broker)
(1)(2)
(smart cities)”“ (smart transportations)” M2M
Android Wear 3
[raw data] [aggregated data] [extracted
information] [displayable data]
3 http://developer.android.com/wear/index.html
(function
2.3
(secondary uses)
8
2.4
MAC addresses
(movement patterns)
9
3.
3.1
8/20108
”
8
http://ec.europa.eu/justice/policies/privacy/docs/wpdocs/2010/wp179_en.pdf
“” 4 1 c 95/46/EC
4 1 a
“”
“”
(terminal devices)
4/200710
protection/article-29/documentation/opinionrecommendation/files/2014/wp216_en.pdf
11
14
(WP9) 15
12 2010 2 16 01/2010 (WP 169)
http://ec.europa.eu/justice/policies/privacy/docs/wpdocs/2010/wp169_en.pdf
13
14
http://www.advisory.com/DailyBriefing/2013/01/04/With-tracking-devices-
employers-may-track-workers-health 15 2009 6 12 5/2009 (WP
163)
http://ec.europa.eu/justice/policies/privacy/docs/wpdocs/2009/wp163_en.pdf
12
(opt-in)
(hosted in walled environments)
”(Household Exemption) 17
14
(storage
(aggregated raw data)
02/2013 (WP208) cookies
:
18 5 3 “” 95/46/EC 4 1 c “” 19 02/2013 (WP202)
http://ec.europa.eu/justice/data-protection/article-
29/documentation/opinion-recommendation/files/2013/wp202_en.pdf 20
2002/58/EC 25
4.3
7
/21 95/46/EC 7
2002/58/EC 5 3
23
“”
1 1
ASNEF FECEMDC-468/10 C-469/10 Google
Spain 24
21 5 3 7 a 2013 2 27 02/2013
(WP202) 14
<http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-
recommendation/files/2013/wp202_en.pdf> 95/46/EC 7 06/2014
(WP217) 263246 22 WP202 14 23 2011 7 3 15/2011
(WP187)http://ec.europa.eu/justice/data-protection/article-
29/documentation/opinionrecommendation/files/2011/wp187_en.pdf 24
2014 5 13 C-1 31/12 74 25 WP217
26
(user profile)
(inactive)
8
(well being)
(health data)
(application engine) (ECG)
7 a
6 a 10 11
(principles of
(proxy attacks)
Machine/
Design)
(observed
standard)
20
1
21
outs) / (granular consent) [ 2/2013
]
Assessments)PIA 2011 1 12
(RFID Applications) 32
(Privacy by Default)
(Empowerment)
(principle of self-determination of data) “”
6.2
31 02/2013 (WP202) http://ec.europa.eu/justice/data-
protection/article29/documentation/opinion-recommendation/files/2013/wp202_en.pdf
32
http://ec.europa.eu/justice/policies/privacy/docs/wpdocs/2011/wp180_annex_en.pdf
“”
(random identifiers) MAC
address wifi
(cryptography primitive)