Regulation of Internet-of-Things cybersecurity in Europe and Germany as exemplified by devices for children



Stefan Hessel · Andreas Rebmann

Received: 13 February 2020 / Accepted: 13 March 2020 / Published online: 23 September 2020 © The Author(s) 2020

Abstract IoT devices are omnipresent in children’s rooms. At the same time, these devices and their infrastructure have become notorious for security flaws. The following paper analyses current and future legal regulation and IT security measures to protect children as an especially vulnerable group.

Keywords Connected toys · Cybersecurity Act · Toy Safety Directive · Radio Equipment Directive (RED) · General Data Protection Regulation (GDPR)

S. Hessel: reuschlaw Legal Consultants, Stengelstraße 1, 66117 Saarbrücken, Germany
S. Hessel · A. Rebmann: Universität des Saarlandes, Campus, 66123 Saarbrücken, Germany

Int. Cybersecur. Law Rev. (2020) 1:27–37

1 Introduction

The digitalisation of our society is affecting our entire living environment at an increasing rate. In the course of this, more and more data on our environment, but also on ourselves, is being processed. This is no longer done exclusively by conventional computers but also by Internet-of-Things (IoT) devices. These are used not only in smart homes or in applications for adults but have also found their way into the lives of children. This is reflected not only in very positive market forecasts [1] but also in Mattel’s ultimately failed attempt to market a Smart Home Hub for children [2]. However, children are considered a particularly vulnerable group which enjoys special protection under Article 24 of the EU Charter of Fundamental Rights and Article 6 of the German constitution. This gives rise to the question of how secure the devices are from a technical point of view and which legal requirements apply to the IT security of devices for children in particular but also to IoT devices in general.

2 Technical background

The concept of ubiquitous computing describes the shift from computers being located in a few common spots such as desktops and workplaces to being part of everyday objects formerly not associated with technology-equipped products [3]. IoT devices are part of this phenomenon as more and more everyday objects become connected to networks and the internet [4]. This includes cars, so-called wearables and video surveillance but also products specifically designed for children, such as toys and learning devices. As the number of internet-connected devices grows rapidly, the number of devices vulnerable to attacks and used in a malicious way increases equally. IoT devices for children can largely be grouped into four categories: connected toys, kids’ smart watches, tablets for children and monitoring devices, serving multiple purposes [5]. In addition to the common IT security problems concerning all computer devices, those specifically targeting children must deal with additional issues, as chi