Mechanisms of public management in the personal data protection in smart cities

Dmytro Khlaponin

Abstract


More than ten years ago in the world has emerged the concept “smart city” and till today smart cities have developed in many countries of the world.

A smart city is a place where traditional networks and services are made more efficient with the use of digital and telecommunication technologies for the benefit of its inhabitants and business [1].

Any smart city, in turn, consists of a huge amount of cyber physical systems (CPSs).

Cyber physical systems are smart systems that include engineered interacting networks of physical and computational components [2].

The essential requirements to functioning of these systems are safety, security, reliability, resilience, confidentiality. Automated decision-making, including profiling in the personal data processing constitutes a significant part of cyber physical systems as components of smart cities.

As the personal data is processed automatically, computations are performed in the “cloud” in the network of distant servers, there is a risk of various cyber threats and real cyber attacks on certain cyber physical system (as part of a smart city) which may cause a damage or losses to the personal data subject as a result of unlawful destruction, use, alteration or disclosure of the personal data.

The Ukrainian legislation does not contain the concept “smart city”. The unsolved problem in the Ukrainian legislation is the recognition of the personal data subject as a central element of any cyber physical system (as part of a smart city) and the necessity of ensuring balance between the fundamental rights and freedoms of the personal data subject and the rights of the data possessors, data processors, data protection officials, the authority of the Commissioner of the Verkhovna Rada of Ukraine on human rights who gain access to the personal data by means of personal data subject consent.

The comparative analysis of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (Regulation) [5] with the Ukrainian Law [4] which refers to various elements of the processing of personal data in different processing systems, to the rights and obligations of the data controller, the data processor, the supervisory authority with regard to ensuring lawful, secure, confidential processing of personal data is made.


Keywords


Cyber physical system; smart city; personal data protection; encryption; pseudonymisation

References


https://ec.europa.eu/info/eu-regional-and-urban-development/topics/cities-and-urban-development/city-initiatives/smart-cities_en.

Framework for Cyber-Physical Systems Release 1.0 May 2016 CPS Public Working Group. Retrieved from www.nist.gov.

Gharaibeh A.; Salahuddin M.A., Hussini S.J., Khreishah A., Khalil I., Guizani M., Al-Fuqaha A., 2017. Smart Cities: A Sur-ey on Data Management, Security, and Enabling Technologies. IEEE Communications Sur-veys & Tutorials. 19(4), 2456–2501. doi:10.1109/COMST.2017.2736886.

On the personal data protection: Law of Ukraine 1st June 2010. № 2297-VI Retrieved from http://zakon3.rada.gov.ua/laws/show/

-17.

The Regulation (EU) 2016/679 of the Euro-pean Parliament and of the Council of 27 April 2016 on the protection of natural per-sons with regard to the processing of person-al data and on the free movement of such data, and repealing Directive 95/46/EC. Of-ficial Journal of the European Union. Re-trieved from https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=

celex%3A32016R0679.


Refbacks

  • There are currently no refbacks.


Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.