Privacy protection in IoT devices according to LGPD

A comprehensive study

Authors

Keywords:

Internet of Things, General Data Protection Law, Data Privacy, Data Protection

Abstract

The Internet of Things (IoT) has profoundly transformed human interaction with the environment by connecting physical devices and automating tasks that were once complex. However, this technological revolution also raises concerns about security and privacy, particularly in the handling of personal and sensitive data. The continuous growth in the adoption of IoT devices and systems underscores the need to reconcile this technology with specific regulations, such as the General Data Protection Law (LGPD). The challenge lies in the absence of explicit guidelines regarding the handling of data in IoT systems within existing legislations. This study aims to comprehend the coexistence of IoT with the LGPD, exploring solutions to ensure the security and privacy of data in a rapidly evolving technological landscape. The effectiveness of checklists in compliance verification, the proposal of the Personal Data Storage (PDS) in conjunction with IoT, and the application of Goal-Oriented Requirements Engineering techniques have been addressed. Furthermore, the practical implementation of PDS in the context of the Unified Health System (SUS) and the identification of functional and non-functional requirements for LGPD compliance in health IoT systems were discussed. The study highlights the importance of implementing LGPD principles in IoT, filling regulatory gaps, and promoting the security and privacy of data. The efficient coexistence of these elements not only meets legal requirements but also builds trust, empowering users with greater control over their data. Continuous innovations and practical research are essential to guide organizations, researchers, and policymakers in the pursuit of solutions that preserve data integrity in a connected environment.

Downloads

Download data is not yet available.

References

ALBERTIN, A. L.; ALBERTIN, R. M. DE M. A internet das coisas irá muito além das coisas. GV EXECUTIVO, v. 16, n. 2, p. 13, 19 Maio 2017.

ANDRÉ CERQUEIRA, Diego; MAIANI DE MELLO, Rafael; HORTA TRAVASSOS, Guilherme. Experimental Evaluation of a Checklist-Based Inspection Technique to Verify the Compliance of Software Systems with the Brazilian General Data Protection Law. [S. l.: s. n.], 2023. Disponível em: https://doi.org/10.48550/arxiv.2308.14874. Acessado em: 24 nov. 2023.

BRASIL. Lei Geral de Proteção de Dados Pessoais (LGPD). Lei no 13.709. Brasília, Brasil, 14 ago. 2019.

CAMARA, Maria Amália Arruda; LINS, Gabriel Henrique Albuquerque; OLIVEIRA, Fábio Henrique Cavalcanti de; CAMELO, Evellyn Millene Alves; MEDEIROS, Nataly Regina Fonseca Carvalho de. Internet das Coisas e blockchain no Sistema Único de Saúde: a proteção dos dados sensíveis diante da Lei Geral de Proteção de Dados. Cadernos Ibero-Americanos de Direito Sanitário, vol. 10, no 1, p. 93–112, 18 mar. 2021. DOI 10.17566/ciads.v10i1.657. Disponível em: https://doi.org/10.17566/ciads.v9i3.657. Acessado em: 24 nov. 2023.

CAMARGO PINHO DE ALENCAR, Larissa. LEI GERAL DE PROTEÇÃO DE DADOS – LGPD E SEGURANÇA NA INTERNET. Revista Judicial Brasileira, vol. 3, p. 429–447, 27 Nov. 2023. DOI 10.54795/rejubesp.dirdig.232. Available at: https://doi.org/10.54795/rejubesp.dirdig.232. Accessed on: 17 Jan. 2024.

CHEN, S. et al. A vision of IoT: Applications, challenges, and opportunities with China Perspective. IEEE Internet of Things Journal. Institute of Electrical and Electronics Engineers Inc., 1 ago. 2014.

DE LIMA, Ana Paula Moraes Canto; DE ALMEIDA, Dionice; MAROSO, Eduardo Pereira. LGPD-Lei Geral de Proteção de Dados: sua empresa está preparada?. Literare Books, 2020.

FALLATAH, Khalid U.; BARHAMGI, Mahmoud; PERERA, Charith. Personal Data Stores (PDS): A Review. Sensors, vol. 23, no 3, 1 fev. 2023. https://doi.org/10.3390/s23031477.

GIL, A. C. A Pesquisa no Brasil: Promovendo a excelência. 4. ed. São Paulo: Atlas, 2002.

KOHLS, Cleize; DUTRA, Luiz Henrique; WELTER, Sandro. LGPD: da teoria a implementação nas empresas. SP: Rideel, 2021.

MARCONI, M. DE A.; LAKATOS, E. M. Fundamentos de Metodologia Científica. 5 ed. São Paulo: Atlas, 2003.

PEREIRA, Ivonildo; MENDES, João; VIANA, Davi; RIVERO, Luis; FERREIRA, Waldemar; SOARES, Sergio. Extending an LGPD Compliance Inspection Checklist to Assess IoT Solutions: An Initial Proposal. Anais Estendidos do XIII Congresso Brasileiro de Software: Teoria e Prática (CBSoft Estendido 2022), , p. 28–31, 2022. Disponível em: https://doi.org/10.5753/cbsoft_estendido.2022.226679. Acessado em: 24 nov. 2023.

RIBEIRO PEDRO, João; GARCÉS, Lina. Especificação de requisitos de design de software para sistemas de IoT conforme a LGPD: Resultados de aplicação em um sistema de assistência para pacientes com Diabetes Mellitus. Anais Estendidos do XXIII Simpósio Brasileiro de Computação Aplicada à Saúde (SBCAS 2023), , p. 37–42, 2023. Disponível em: https://doi.org/10.5753/sbcas_estendido.2023.229693. Acessado em: 24 nov. 2023.

WACHOWICZ, Marcos. Proteção de Dados Pessoais em Perspectiva–LGPD e RGPD na Ótica do Direito Comparado. Curitiba, PR: Gedai, 2020.

ZEADALLY, Sherali; BADRA, Mohamad (Ed.). Privacy in a Digital, Networked World: Technologies, Implications and Solutions. Springer, 2015.

Published

2024-06-04

How to Cite

BIANCHINI, B. M.; SILVA, E. F.; … DIAS, J. C.; Privacy protection in IoT devices according to LGPD: A comprehensive study. Revista Processando o Saber, São Paulo, Brasil, v. 16, n. 01, 91-103, 4 jun. 2024. Available at: https://fatecpg.edu.br/revista/index.php/ps/article/view/346. Accessed: 21 nov. 2024.

Issue

Section

Tecnologia em Análise e Desenvolvimento de Sistemas