Proliferation of data processing and data storage devices in the Internet of Things poses significant privacy risks. At the same time, faster and faster use-cycles and obsolescence of devices with electronic components causes environmental problems. Some of the solutions to the environmental challenges of e-waste include mandatory recycling schemes as well as informal second hand markets. However, the data security and privacy implications of these green policies are as yet badly understood. This paper argues that based on the experience with second hand markets in desktop computers, it is very likely that data that was legitimately collected under the household exception of the Data Protection Directive will “leak” into public spheres. Operators of large recycling schemes may find themselves inadvertently and unknowingly to be data controller for the purpose of Data Protection law, private resale of electronic devices can expose the prior owner to significant privacy risks.
- Data protection
- Environmental protection