The Internet of Things
Driven by the Internet, the real and virtual worlds continue to grow together to form an Internet of Things. ” (Federal Ministry of Education and Research) With all the opportunities of the 4-0 industry, the dangers must not be ignored: data protection must be adapted to the new challenges.
After the mechanization of steam and hydropower, the mass production by assembly line and electrical energy and the digitization through the use of electronics and IT, industry 4.0 represents the next milestone in the changing industry.
Brought to the public for the first time in 2011 as a high-tech strategy by the federal government, the vision of the future has continued since autumn 2013 as a “Industry 4.0” platform in the joint project of the German business associations BITKOM, VDMA and ZVEI.
Take new opportunities
The merger of information and automation technologies results in Company and industry huge opportunities. Thanks to information technologies, new service functions can be offered, production processes can be optimized more easily and faults can be remedied more quickly thanks to wireless remote maintenance. Optimal result: global competitiveness is increasing.
The networking of the entire value-added process of a company is the central aspect of a SmartFactory. For each access, for every information between machine and machine, machine and man, data are generated, made available, transmitted and stored by cable and radio technology. Basic prerequisite and necessary companion: data without end, keyword Big Data.
Uncertainties, dangers and challenges
In addition to comfort and efficiency, 4.0 also carries risks. Accompanying the networking of the plants is often underestimated. As a side of the SmartFactory, digital gateways for data gagging, industrial pioneering and cybercriminality are multiplying. Data protection must be adapted to the new challenges and the security gaps must be strictly closed.
Protection of company data
With SmartFactory, not only the volume of the data generated, but also their meaningfulness increases. Entire company networks are emerging as new value-added chains, because production and plant processes are not realized by individual companies. The processing of large amounts of data as well as the resulting new legal relationships often lead companies to contractual limits, such as are used in the risk assessment. Therefore the protection of company data should be placed in the focus.
As a logical consequence, new contractual models are necessary in order to ensure the controllability and sovereignty over the data permanently. Naturally neither flexibility nor competitiveness can be restricted.
Liability - legally and contractually relevant
The necessary exchange of sensitive data entails the risk that unauthorized third parties can gain access or that they are processed contrary to the agreement. This is the case as soon as the collected data are used for the production process, but are subsequently re-used purposefully.
Data protection requirements also arise, above all, for customer-oriented products such as those found in the Smart Home and Smart Car segments. The more complex the installed systems, the higher the likelihood of the misuse of individual areas. In these areas, it is increasingly important to take into account the self-determination and responsibility of the persons affected, ie the consumer.
Necessary reform of data protection
Wanted or unintended - Privacy is often undermined. The technical and organizational measures of data protection are often no longer realizable in practice and can no longer be represented in a process.
Access, access, access, input, availability, data separation, order and pass-through control lose their applicability and thus effect. Data protection is undermined, rising to the toothless tiger. Does Industry 4.0 lead to unwanted monitoring 4.0?
The road to industry 4.0 is lined with many challenges. The secure exchange of information and data is a central feature of all topics. The targeted networking of all relevant business, production and automation processes undoubtedly has great potential. Providers and manufacturers gain access to all data through the intelligent networking of system landscapes.
The principle of data parsimony (§ 3a BDSG), according to which only relevant and really necessary data are used, is too often not applicable. At this point, more than in all other areas of industrial society, data protection is needed.
Audits and certifications can contribute to compliance with IT, data protection and security regulations, and ensure the necessary transparency, especially in the case of order data processing.
Self-regulation and legal bases
Legislators are required, as the prevailing legal uncertainty will continue to grow, particularly in the international arena. Legal, technical, organizational and political elements must work together to resolve this problem.
The current data protection law is technically and practically overhauled. No surprise, the Bundesdatenschutzgesetz (BDSG) was intended as a temporary provisional to meet the requirements of the European Union in Brussels. Since the year 2001, a revision of the BDSG by 1995 (a report prepared by data protection experts, approx. 300-side expert opinion) is valid.
The EU Basic Data Protection Directive also does not provide a solution. Leading away from the developments and possibilities of industry 4.0, it can not withstand the demands of the modern, digital world.
Data protection through technology and not against technology
A completely new data protection law, which is based not only on the state of the art, should be worked out. As a central starting point, data protection should be determined by technology rather than by technology.
A revision of the two legal pillars of data protection must be carried out as soon as possible, in order to counteract 4.0 industry on an equal footing and to provide the best possible support to companies in the sense of data protection.
Data protection as a companion
So that it does not come to misunderstandings: privacy advocates do not want to stop the process industry 4.0 or even prevent. However, the topic and the developments should be treated with caution. Because: Imprudent, hasty procedures often bring with it difficult to correct developments.
The observance of unavoidable rules of play is a prerequisite for an adequate and sustainably effective development, whereby the current state of the art is too little suited as a gauge for appropriate laws and guidelines.
The fast-moving, digital age must be taken into account with flexibility. A plus of flexibility, speed, agility and compromise is a demanded lack of immobility and stiffness. Only in this way can the data protection be smart enough to meet the challenges of the future around industry 4.0 not toothless.
Text as PDF, book or eCourse on the topic or personal advice
Offline download: Download this text as PDF - Read usage rights, Because we do not automatically submit the title of this text for privacy reasons: When buying in "interests" the title register if support is needed. After buying text exclusively Download at this URL (please save). Or for a little more directly an entire book or eCourse with this text buy, read on.
Your eCourse on Demand: Choose your personal eCourse on this or another desired topic, As a PDF download. Up to 30 lessons with each 4 learning task + final lesson. Please enter the title under "interests". Alternatively, we are happy to put together your course for you or offer you a personal regular eMailCourse including supervision and certificate - all further information!
Consultant packages: You want to increase your reach or address applicants as an employer? For these and other topics we offer special Consultant packages (overview) - For example, a personal phone call (price is per hour).