Focus on... Camille Dubedout and smart territories

Camille Dubedout (CESICE/ANSSI) realizes her PhD about smart territories. Her thesis is co-funded by the Grenoble Alpes Data Institute in the framework of the work package 5 “Data Governance, Data Protection and Privacy”.

After a first year of master in international and European law (UQAM, Canada), Camille Dubedout specialized in cyber security through the master 2 International Security and Defense (UGA). During her internship at the National Agency for Information Systems Security (Anssi), she focused on the use of data in smart cities. She has also developed a mapping of regional and national data protection actors.

The Grenoble Alpes Data Institute and the Anssi offered her the opportunity to continue her research by co-financing her PhD at the Center for studies on international security and European cooperation (Cesice). She is the first doctoral student in law recruited by the Anssi. Her doctoral research is led by Theodore Christakis (co-director of the Grenoble Alpes Data Institute) and co-supervised by members of the regulatory framework of Digital Security.=

Entitled "Circulation, security and data governance in smart territories", her thesis proposes a new cross-disciplinary and comparative approach. It articulates the security of information systems, law and economics while comparing the cases of Lyon, Dijon, Barcelona and Copenhagen.

In France, the metropolises initiate data opening by following the example of foreign cities. These local authorities use the marketing notion of smart city to designate the aggregation of individual data in order to optimize public services like transportation or energy. However, the connection of all citizens implies a collective vulnerability and individual risks. Data security is a fundamental issue for smart territories.

From an economic point of view, the data represent multi-billion euro markets. Camille Dubedout questions how private actors appropriate data to develop new merchant uses. The notion of smart city raises the issue of data governance between citizens, public authorities and companies.

Legislators are trying to respond to these technological and socio-economic developments. The thesis identifies and analyzes regulatory texts relating to data protection: GDPR (General Data Protection Regulation), RGS (General Security Reference System), LRN (Law for a Digital Republic), NIS (Network and Information Systems) Directive. This work will allow to develop new rules ensuring the security of sensitive data transiting through and to connected objects.