The idea behind the Internet of Things (IoT) is that everyday objects can connect to each other and exchange data via the Internet. Even the smallest components, such as sensors for measuring temperature, angle of inclination or acceleration can send information or accept commands via the network. Current and future systems are based on the Internet protocol and will probably soon include ipv6 support. They transmit data in an open and well-known format. Depending on the application, data will most likely be transmitted via public networks. This means that data is in principle open to everyone who is connected to the network. Subject to the type of data the consequences range from unpleasant to catastrophic, which is why confidentiality must be protected and safeguarded. There are many ways of achieving this, especially through encryption.
In October 2015, the European Court of Justice (ECJ) declared the Safe Harbor Agreement for transferring data to the USA invalid. The decision was based on a lawsuit filed by the Austrian, Maximilian Schrems, who claimed that the data storage practices of Facebook in the USA did not conform to European data protection legislation. After the ECJ upheld the Schrems case, many international companies faced an upheaval to their existing data transfer practices. At the end of the interim period on February 1, they were no longer permitted to share personal data including names, addresses and credit card numbers with subsidiaries in the USA. In principle, this decision could affect all kinds of companies – not just social media platforms such as Facebook or Twitter, but entire sectors including ecommerce and cloud computing. Violations of data protection legislation can incur financial penalties of up to EUR 300,000.