Italian officials have begun to lay out legal guidelines for the processing of biometric data in the Internet of Things, according to an article by Giulio Coraggio on his blog GamingTechLaw. The regulations seek to protect consumer rights while allowing the Internet of Things to develop and advance.
As laid out by the Garante, Italy’s Data Protection Authority, the legal guidelines appear to be laudably common-sense, seeking to ensure that users are adequately notified by technology providers when their biometric information is going to be collected, and establishing strict security requirements for such applications as well as a protocol for data breaches. On the other hand, a number of exceptions are laid out for situations where the collection of biometric data poses a low risk for users and the practice provides some important benefit to be weighed against such concerns, such as security clearance or in the use of potentially dangerous machinery.
The Internet of Things is a wide field of growing interest to technology developers, as evidenced by Samsung’s recent conference on the topic. Meanwhile, biometrics technology in general is becoming more and more commonplace in everyday life, and this of course is ramping up concerns about the security and privacy of users’ biometric data, leading many industry experts and privacy advocates to call for more coherent standards for the industry.