# Data Protection by Design for Cybersecurity Systems in a Smart Home   Environment

**Authors:** Olga Gkotsopoulou, Elisavet Charalambous, Konstantinos Limniotis, Paul, Quinn, Dimitris Kavallieros, Gohar Sargsyan, Stavros Shiaeles, Nicholas, Kolokotronis

arXiv: 1903.10778 · 2019-03-27

## TL;DR

This paper explores how Data Protection by Design principles are integrated into cybersecurity systems for smart homes, combining legal requirements with technical solutions within an IoT cybersecurity platform.

## Contribution

It provides a framework for implementing Data Protection by Design in smart home cybersecurity systems, bridging legal and technical perspectives in an interdisciplinary approach.

## Key findings

- Legal and technical requirements are aligned for DPbD implementation.
- Technical solutions are developed based on legal principles.
- Trade-offs between security, privacy, and technical limitations are discussed.

## Abstract

The present paper deals with the elucidation and implementation of the Data Protection by Design (DPbD) principle as recently introduced in the European Union data protection law, specifically with regards to cybersecurity systems in a Smart Home environment, both from a legal and a technical perspective. Starting point constitutes the research conducted in the Cyber-Trust project, which endeavours the development of an innovative and customisable cybersecurity platform for cyber-threat intelligence gathering, detection and mitigation within the Internet of Things ecosystem. During the course of the paper, the requirements of DPbD with regards to the conceptualisation, design and actual development of the system are presented as prescribed in law. These requirements are then translated into technical solutions, as envisaged in the Cyber-Trust system. For trade-offs are not foreign to the DPbD context, technical limitations and legal challenges are also discussed in this interdisciplinary dialogue.

---
Source: https://tomesphere.com/paper/1903.10778