Realising the right to data portability for the domestic Internet of things

Aarts E, Marzano S (2003) The new everyday: views on ambient intelligence. 010 Publishers, Rotterdam Acar G, Eubank C, Englehardt S, Juarez M, Narayanan A, Diaz C (2014) The Web never forgets: persistent tracking mechanisms in the wild. Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security - CCS ’14, ACM Press, 674–689 Acquisti A, Grossklags J (2004) Privacy attitudes and privacy behavior. Econ Inf Secur:165–178 Adams AA, Murata K, Fukuta Y, Orito Y, Palma AML (2016) The view from the gallery. ACM SIGCAS Comput Soc 45(3):376–383 Arkko J (2015) IETF RC 7452: architectural considerations in smart object networking. Fremont Article 29 Data Protection Working Party WP 223 (2014) Opinion 8 / 2014 on recent developments on the internet of things. Brussels: Eur Commission 23(September):1–24 Article 29 Working Party (2017) Guidelines on the right to data portability. Brussels Ashton K (2009) That ‘Internet of Things’ thing. RFID Journal. Retrieved from http://www.rfidjournal.com/articles/view?4986 Bell G, Dourish P (2006) Yesterday’s tomorrow’s: notes on ubiquitous computing’s dominant vision. Pers Ubiquit Comput 11(2):133–143 Birnhack M, Toch E, Hadar I (2014) Privacy mindset, technological mindset. Jurimetrics: J Law, Sci Technol 55:1–71 Brandimarte L, Acquisti A, Loewenstein G (2012) Misplaced confidences: privacy and the control paradox. Soc Psychol Personal Sci 4(3):340–347 Brown I (2015) GSR discussion paper regulation and the internet of things. Geneva Camp LJ, Osorio CA (2003) Privacy-enhancing technologies for internet commerce. In: Petrovic O, Ksela M, Fallenbock M, Kittl C (eds) Trust in the Network Economy. Springer Verlag, Berlin, pp 317–331 Cavoukian A (2009) Privacy by design—the 7 foundational principles—implementation and mapping of fair information practices. Information and Privacy Commissioner of Ontario, Canada Chirgwin R (2017) Two million recordings of families imperiled by cloud-connected toys’ crappy MongoDB. The Register. Retrieved 3 March 2017 from https://www.theregister.co.uk/2017/02/28/cloudpets_database_leak/ Cisco (2013) The internet of everything. San Jose Colesky M, Hoepman J, Hillen C (2016) Critical analysis of privacy design strategies. Int Workshop Privacy Eng – IWPE 16:33–40 Crabtree A, Mortier R (2015) Human data interaction: historical lessons from social studies and CSCW. Proceedings of the 2015 14th European Conference on Computer-Supported Cooperative Work, ECSCW’15, 3–21 Crabtree A, Rodden T (2004) Domestic routines and design for the home. Comput Supported Coop Work: CSCW: Int J 13(2):191–220 Crabtree A, Tolmie P, Rouncefield M (2012) Doing design ethnography. Springer Verlag, London Custers B, Calders T, Schermer B, Zarsky T (2014) Discrimination and privacy in the information society data mining and profiling in large databases. Springer, Berlin Danezis G, Domingo-Ferrer J, Hansen M et al. (2014) Privacy and data protection by design - from policy to engineering. Heraklion Deakin S (2015) The Internet of Things: shaping our future. Cambridge Denham E (2016) How the ICO will be supporting the implementation of the GDPR. ICO. Retrieved 3 March 2017 from https://iconewsblog.wordpress.com/2016/10/31/how-the-ico-will-be-supporting-the-implementation-of-the-gdpr/ Dennedy M, Fox J, Finneran T (2014) Privacy Engineer’s manifesto. Apress, New York Department for Business, Innovation and Skills (2013) Midata privacy impact assessment report. London Department for Exiting the EU (2017) Legislating for the United Kingdom’s withdrawal from the European Union. London Eclipse Wiki (2009) Higgins personal data service Edwards L. 2009. Consumer privacy law 1: online direct marketing. In Edwards, & C. Waelde (Eds.), Law and the Internet. 3rd ed. 489–510 Edwards L (2016) Brexit: ‘you don’t know what you’ve got till it’s gone’. SCRIPTed 13(2):112–117 Edwards WK, Grinter RE (2001) At home with ubiquitous computing: seven challenges. International conference on ubiquitous computing, 256–272 European Data Protection Supervisor (2016) Opinion on personal information management systems towards more user empowerment in managing and processing personal data. Brussels Federal Trade Commision (FTC) (2012) Protecting consumer in an era of rapid change: recommendations for businesses and policymakers. Federal Trade Commision March: 1–112 Fischer JE, Costanza E, Ramchurn SD, Colley J, Rodden T (2014) Energy advisors at work. Proceedings of the 2014 ACM International Joint Conference on Pervasive and Ubiquitous Computing - UbiComp ‘14 Adjunct, ACM Press, 447–458 Friedman B, Kahn PH, Borning A (2008) Value sensitive design and information systems. In: Himma K, Tavani H (eds) The handbook of information and computer ethics. Wiley, New York Georghiou N, Evans A. 2016 Brexit: the impact on equalities and human rights. Edinburgh Haddadi H, Howard H, Chaudhry A, Crowcroft J, Madhavapeddy A, Mortier R (2015) Personal data: thinking inside the box. London/Cambridge Hansen M, Morris J, Cooper A et al (2013) Privacy considerations for Internet protocols "Privacy Considerations for Internet Protocols", RFC 6973, doi:10.17487/RFC6973, July 2013, http://www.rfc-editor.org/info/rfc6973 Harbinja E (2013) Does the EU data protection regime protect post-mortem privacy and what could be the potential alternatives? SCRIPTed 10(1):19–38 Iachello G, Hong J (2007) End user privacy in human computer interaction. Found Trends Hum Comput Interact 1(1):1–137 International Telecommunication Union (2012) Overview of the Internet of Things. Geneva IoT-UK (2017) Establishing the norm: introduction to IoT standards. London Joint Committee on Human Rights (2017) The human rights implications of Brexit fifth report of session 2016–17. London Kirkham T, Winfield S, Ravet S, Kellomaki S (2013) The personal data store approach to personal data security. IEEE Secur Priv 11(5):12–19 Koops B, Leenes R (2014) Privacy regulation cannot be hardcoded. A critical comment on the privacy by design provision in data-protection law. Int Rev Comput 28(2):159–171 Kosta E (2013) Peeking into the cookie jar: the European approach towards the regulation of cookies. Int J Law Inf Technol 21(4):380–406 Laudon KC, Kenneth C (1996) Markets and privacy. Commun ACM 39(9):92–104 Leppënen S, Jokinen M (2003) Daily routines and means of communication in a smart home. In: Harper R (ed) Inside the smart home. Springer Verlag, London, pp 207–225 Lessig L (2006) Code Version 2.0. Basic Books, New York Leygue C, Ferguson E, Skatova A, Spence A (2014) Energy sharing and energy feedback: affective and behavioral reactions to communal energy displays. Front Energy Res 2(July):1–12 Liu Y, Goncalves J, Ferreira D, Hosio S, Kostakos V (2014) Identity crisis of Ubicomp? Mapping 15 years of the field’s development and paradigm change. UbiComp 14:75–86 Locker Project (2012) Locker Project Luger E, Urquhart L, Rodden T, Golembewski M (2015) Playing the legal card: using ideation cards to raise data protection issues within the design process. Proceedings of the ACM CHI’15 Conference on Human Factors in Computing Systems, 457–466 McAuley D (2014) What is IoT? That is not the question’ Retrieved from http://iotuk.org.uk/what-is-iot-that-is-not-the-question/ McCullagh K (2017) Brexit: potential trade and data implications for digital and ‘fintech’ industries. Int Data Privacy Law 7(1):3–21 Mortier R, Haddadi H, Henderson T, McAuley D, Crowcroft J (2014) Human-data interaction: the human face of the data-driven society. SSRN Electron J Mydex (2017) Mydex charter Retrieved from https://pds.mydex.org/mydex-charter Norberg PA, Horne DR, Horne DA (2007) The privacy paradox: personal information disclosure intentions versus behaviors. J Consum Aff 41(1):100–126 Out-law ‘General and indiscriminate’ data retention laws prohibited, rules EU court. Out-law.com . Retrieved 3 March 2017 from https://www.out-law.com/en/articles/2016/december/general-and-indiscriminate-data-retention-laws-prohibited-rules-eu-court/ Out-Law (2016) New GDPR guidance: APIs can help businesses meet data portability obligations, says watchdog. Out-Law.com. Retrieved 3 March 2017 from https://www.out-law.com/en/articles/2016/december/new-gdpr-guidance-apis-can-help-businesses-meet-data-portability-obligations-says-watchdog/ OwnCloud (2017) ownCloud Website. Retrieved from https://owncloud.org Papadopoulou E, Stobart A, Taylor NK, Howard Williams M. 2015 Enabling data subjects to remain data owners. Smart Innovation, Systems and Technologies, 239–248 Prins C 2006 Property and privacy: European perspectives and the commodification of our identity 5, 223–257. Retrieved 3 March 2017 from https://www.recht.nl/doc/10.Prins.pdf Reidenberg J (1998) Lex Informatica: the formulation of policy rules through technology. Texas Law Review 76:553 Rodden T, Benford S (2003) The evolution of buildings and implications for the design of ubiquitous domestic environments. Proc of the SIGCHI Conf Humfactors Comput Syst 5(1):9–16 Rogers Y (2006) Moving on from Weiser’s vision of calm computing: engaging UbiComp experiences. Ubicomp 06:404–421 Rose K (2015) Internet of things: an overview. Internet Society, Geneva Rose J, Rehse O, Röber B (2012) The value of our digital identity. Liberty Global Policy Series Ryan T, Scott V (2014) Australia legislates for privacy by design. The Privacy Advisor (IAPP Website) Satyanarayanan M (2001) Pervasive computing: visions and challenges’ communications. IEEE Pers Commun 8(4):10–17 Scottish Human Rights Commission (2016) Submission: report to UN Committee on the rights of the child. Edinburgh Simson JC (2017) Legislating for Brexit: the great repeal bill. London Sloan M (2014) Government publishes its review into the midata scheme. Brodies.com. Retrieved 3 March 2017 from http://www.brodies.com/blog/government-published-review-midata-scheme/ Solove DJ (2008) Understanding privacy. Harvard University Press, Cambridge Spiekermann S, Cranor LF (2009) Engineering privacy. IEEE Trans Eng 35(1):67–82 Swire PP, Lagos Y (2013) Why the right to data portability likely reduces consumer welfare: antitrust and privacy critique. SSRN Electron J 72:335 Tolmie P, Pycock J, Diggins T, MacLean A, Karsenty A (2002) Unremarkable computing. Computer-Human Interaction (CHI) Conference 2002 1, 1: 399–406 Tolmie P, Crabtree A, Rodden T, Colley J (2016) ‘This has to be the cats’—personal data legibility in networked sensing systems. CSCW 16:491–502 UK Information Commissioner Office (2017) Consultation: GDPR Consent Guidance. Wilmslow UK Information Commissioner Office (2017) The right to data portability Retrieved 3 March 2017 from https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/individuals-rights/the-right-to-data-portability/ Ur B, Jung J, Schechter S (2014) Intruders versus Intrusiveness : teens ’ and parents ’ perspectives on home-entryway surveillance. UbiComp, 129–139 Urquhart L (2017) Ethical dimensions of user centric regulation. Proceedings of CEPE/ETHICOMP 2017 Urquhart L (2017) Towards user centric regulation L Urquhart, T Rodden (2016) A legal turn in HCI: towards regulation by design for the Internet of Things. Social Science Research Network Urquhart L, Rodden T (2017) New directions in information technology law: learning from human–computer interaction. Int Rev Law Comput Technol 31(2):1–19 Van der Auwermeulen B (2017) How to attribute the right to data portability in Europe: a comparative analysis of legislations. Comput Law Secur Rev 33(1):57–72 Max Van Kleek, Daniel Smith, Nigel Shadbolt, and M.c. Schraefel. (2012) A decentralized architecture for consolidating personal information ecosystems: the WebBox. Proceedings of PIM 2012 Vanberg AD, Ünver MB (2017) The right to data portability in the GDPR and EU competition law: odd couple or dynamic duo? Eur J Law Technol 8(1):1–22 Wahyuningtyas SY (2015) Interoperability for data portability between social networking sites (SNS): the interplay between EC software copyright and competition law. Queen Mary J Intellect Prop 5(1):46–67 Walker C, Walker C (2015) Personal data Lake with data gravity pull personal data Lake with data gravity pull. August Walport M (2014) The internet of things: making the most of the second digital revolution. London Weiser M (1993) Some computer science issues in ubiquitous computing. Commun ACM 36(7):75–84 Weiser M, Brown JS (1996) The coming age of calm technology. Palo Alto Westin AF (1968) Privacy and freedom. Am Sociol Rev 33, 1: 173 Wilson C (2015) Smart homes and their users: analysis and key challenges. Pers Ubiquit Comput 19:463–476 Wong R, Savirimuthu J (2008) All or nothing: this is the question? The application of Art. 3(2) Data Protection Directive 95/46/EC to the Internet. J Marshall J Comput Info Law 25:–24 World Economic Forum and Boston Consulting Group (2012) Rethinking personal data: strengthening trust. May: 1–35 Zanfir G (2012) The right to data portability in the context of the EU data protection reform. Int Data Privacy Law 2(3):149–162