The Internet of Things (IoT) can produce massive amounts of data. This data has to be transmitted, processed in some way, and then potentially stored somewhere, hopefully securely. (Pollmann, 2017) Much of this data is personal data, and some can be quite sensitive. This brings data privacy questions to the forefront. How secure is the data that is generated by IoT devices? How is it used? What happens to that data once the process is complete? IoT data privacy is key.
When considering data privacy regulations around the world, particularly those required by the EU’s General Data Protection Regulations (GDPR) that go into effect in May of 2018, the amount of data generated by the growing IoT is a pressing concern. Both developers and consumers of IoT devices will be held responsible for their use of personal data.
Questions to Consider for IoT Data Privacy
Some of the questions that IoT developers and consumers need to consider:
- What personal data does my IoT device collect about others?
- Where is that data sent?
- How is the data used?
- Is all of the data collected used, or is there information the device should not collect?
- Does anyone else have access to the data?
- Where is the data ultimately stored?
- How long is the data kept?
- Do we need to build in an expiration time frame for data storage?
- How secure is that data during transfer and storage?
- How will consumers be notified if there is a data breach?
The fines for non-compliance with personal data regulations can be millions of dollars/euros, so it is essential that IoT device manufacturers, as well as those that use them, take the time to understand these regulations, and then consult with attorneys on an approach to personal data use, transfer, and storage. IoT data privacy needs to be built into these devices from the ground up, so that personal information remains secure.
Is your organization developing IoT devices? How do you take IoT data privacy into account? Please share your thoughts and experiences in the comments.
And to learn more about the Internet of Things, check out IEEE Guide to the Internet of Things. This course program will provides the foundation that you need to understand the Internet of Things and some of its industry applications.
References
Pollmann, M. (2017, September 25) IoT data is growing fast, and security remains the biggest hurdle. IoT Agenda.
[…] secure in order to protect consumers, governments, and organizations alike, while complying with international data privacy regulations. Whether that is done through government regulation or industry self-regulation remains to be seen. […]
[…] with little to no regard for security, yet they process and transmit a significant amount of personal data, making them a big target for hackers. As hackers become more sophisticated and hacks become more […]
[…] is data storage. Without artificial intelligence, we could be incurring the costs of storing and securing massive amounts of data that is essentially meaningless. It is much more efficient to use […]
[…] information can leave you feeling a bit unsettled. Especially in the wake of Facebook’s recent privacy […]
[…] such as demographic information, set on field devices. In this use case, edge computing can help protect user privacy by anonymizing, analyzing, and keeping the data at the source rather than sending identifiable […]
[…] data provided by IoT devices is certainly valuable to companies, it’s crucial to understand how the data is stored over time— and what consequences could come from a security […]