How is the Internet of Things affected by GDPR? (Data Protection)

HowToAV talks to IoT expert (Internet of Things) - David Mudd of the British Standards Institution about how GDPR affects IoT devices and the huge amount of data being gathered by connected devices.

What is the internet of things?

The IoT (internet of things) is built on the premise that a huge amount of data will be generated and can be used/analysed for the benefit of the user, consumer, product manufacturer and network provider. Everybody wants some of it. As a result of this 'eplosion in data' there has been a need to review data privacy which has resulted in an update on GDPR (General Data Protection Act) which has now been embodied into the UK law under Data Protection Act.

What is GDPR?

GDPR (General Data Protection Act) is a current regulation on data protection and privacy for all individuals. It is applicable through Europe and in any company that supplies services into Europe, it is also now applicable by law in the UK. 

How do I adhere to GDPR?

  • Be transparent about what data is being taken/used.
  • Be clear on the legal basis of why that data has been taken and the rights you have to the data subject.
  • Be accountable for the protection of that data throughout the time that it is in your posession or pass on that position to somebody else.

If you adhere to this and embrace GDPR standards you can use this as a marketing tool. You let your customers know you value their privacy and data and are going to the trouble of ensuring that it will be secure and you know what your rights are.

What happens if I don't adhere to GDPR?

If you don't meet the guidlines set by the new GDPR you will face heavy fines. This can differentiate for businesses depending on the level of infraction. On the high end, you may need to pay up to 4 percent of your global turnover, or 20 million Euro, whichever is highest. Companies could also be fined 2 percent for not taking appropriate actions towards keeping records in order. The fine ultimately depends on the nature of the infraction.

What sort of data falls under the GDPR?

  • Name
  • Photos
  • Email address
  • Social media posts
  • Personal medical information
  • IP addresses
  • Bank details free audio visual training channelGot a question for CIE's HowToAV team?.. provides a whole host of tips, tricks and technology know-how for the professional audio visual industry.
If you have a question for our AV experts, please contact us now.
Subscribe to our YouTube channel now at for all the latest video casts or send us your questions to [email protected]


< Back