19 Jun

Internet of Things, Artificial Intelligence, Profiling and Automated decision-making

Practical guidelines on how to identify specific data protection compliance aspects, risks and demonstrate accountability under the EU General Data Protection Regulation (GDPR) in the Internet of Things (IoT) and Automated decision-making/Artificial Intelligence domain.

Dominik Mahr, Associate Professor, School of Business and Economics, Maastricht University
Maja Brkan, Assistant Professor in EU law, Faculty of law, Maastricht University
Cosimo Monda, Director, European Centre on Privacy and Cybersecurity, Maastricht University

This module addresses data protection implications of new technologies, covering automated decision-making/AI and the Internet of Things. In times of rapid change and innovation, understanding these technological developments and their data protection and privacy implications is key for forward-looking organizations as well as for data protection professionals, who will certainly face questions on these matters rather sooner than later.

In this course data protection implications of IoT and Automated decision-making/Artificial Intelligence are specifically analysed, and practical insights on how address compliance and demonstrate accountability in such complex domain will be shared with the participants.

The following questions are addressed:

  • What is IoT and automated decision-making/AI and how does it work in practice?
  • Which are the main data protection issues and the main provisions of the GDPR?
  • How to select the most appropriate legitimate ground to process data (e.g., data subject’s consent, legitimate interest pursued by the controller or by a third party, execution of contractual obligations)?
  • How to ensure effective compliance with the purpose limitation, data minimisation, accuracy, storage limitation, integrity and confidentiality, accountability?
  • How to identify and effective regulate respective duties and obligations of the parties involved to assure compliance with the GDPR?
  • How to correctly comply with the duty to inform the data subjects?
  • To what extent can we speak about 'algorithmic transparency' and algorithmic accountability, given the complexity and opacity of the algorithms?
  • How to correctly identify the personal data flow/transfer outside the EU?
  • Does IoT and automated decision-making/AI triggers the obligation to conduct a DPIA?
  • How to determine the appropriate technical and organisational measures to ensure a level of security appropriate to the risk?
  • Cross-cutting reflection on how these technologies interplay with each other and other technological developments.

Also read

  • 18 Sep 31 Dec
    11:00 - 15:30

    Globalisation & Law Network Seminar Series 2024 - 2025

    The Globalisation & Law Network is composed of a group of researchers of Maastricht University, coming from different backgrounds, who study the role that law plays in a globalizing society from a holistic perspective. Invited experts will give a presentation on a specific topic followed by a Q&A...

  • 02 Oct
    11:00

    M-EPLI Talks

    M-EPLI Talks offer a forum to share academic work and ideas. These meetings take place twice a month during the academic year at the Faculty of Law of Maastricht University.

  • 09 Oct 31 Dec
    14:00 - 17:00

    ITEM/SVB Informationsessions

    The Institute for Transnational and Euregional cross border cooperation and Mobility (ITEM) and the Bureau for Belgian and German Affairs of the Social Insurance Bank (SVB) are organizing regularly information sessions.