Digital ecosystems are going through a period of change due to the advancement in technologies such as Internet of Things (IoT) as well as proliferation of less expensive hardware sensors. Through this chapter, we present current emerging trends in IoT in different industry sectors as well as discuss the key privacy challenges impeding the growth of IoT to reach its potential in the smart home context. The majority of the existing literature on IoT smart home platforms focuses on functionalities provided by smarter connected devices; however, it does not address the concerns from a consumer’s viewpoint. Thus, the key questions are: What are the privacy concerns related to IoT, particularly from a “smart home device” consumer viewpoint? What are the existing remedial approaches for privacy management? This chapter proposes a framework to assist smart home user and IoT device manufacturer to make informed privacy management decisions. The findings of this research intend to help practitioners and researchers interested in the privacy of IoT-enabled smart systems.
- smart sensors
- data governance
In last few years, we have observed a growing interest in IoT applications, which are being developed for the industries and ecosystems such as healthcare, smart home, manufacturing and agriculture ecosystems . Presently, it is anticipated that there are about 16 billion IoT units installed worldwide generating vast amount of data. According to forecast reports from Frost and Sullivan, the number of interconnected objects is expected to increase above 60 billion by 2024 . Aggregated data collected from different sensors are being used by organizations increasingly to gain data-driven business insights.
The growth of IoT has been possible due to the advancement of technologies like cheaper hardware sensors, ipv6, wireless coverage, smartphones and processing power of CPU . While the use of IoT worldwide has been high, the maturity level of the solutions using this technology is varied. In this chapter, we highlight the various components making up IoT, evolution of IoT and the concerns related to privacy. We particularly focus on the IoT uses in the smart home context.
IoT ecosystem stands on the building blocks of multiple underlying technologies such as sensing (sensors and actuators), connectivity (mobile), analytics and computing. A typical IoT ecosystem involves the following stages .
Things are fitted with electronics, software, actuators and sensors. They can be battery operated, electricity powered or use RFID transponders. Things collect raw data from the environments. Each thing has a unique identifiable address and of varying computational capability and complexity.
Data collected from things are processed by applications.
Using various connectivity technologies such as Wi-Fi, Zigbee, NFC, Bluetooth, cellular (2G/3G/4G/5G) and low-powered WAN, data are transmitted.
Applications collect data in real time from different things to store, process and analyze in computing platforms.
Insights are derived from the collated data using robust analytics enabling informed business decisions to be taken involving process and people.
The term “Internet of Things” was officially introduced in 1998–1999 by Kevin Ashton of automatic identification center (Auto-Id) at Massachusetts Institute of technology (MIT). Kevin suggested that Internet-connected RFID technologies can be used in supply chains to keep track of items without human involvement . The philosophy of IoT further gained momentum in 2005, thanks to the formal acceptance of IoT in a world summit on information society (WSIS) in Tunisia . However, the concept of IoT applications can be traced back to 1982 when one of the first attempts of an IoT application was developed at Carnegie Mellon University. The Internet-connected coke machine was able to report the drinks contained and whether the drinks were cold  (Table 1).
|1831||Faraday: Electromagnetic induction|
|1873||Maxwell: Theory of electromagnetism|
|1887||Hertz: Radio waves|
|1895||Marconi: Radio telegraph|
|1907||First public use of radio|
|1911||First mobile transmitter (Zeppelin)|
|1915||First wireless voice transmission|
|1927||First car radio|
|1928||First TV broadcast|
|1933||First mobile phone (Germany, in-car)|
|1950s||UNIVAC(UNIVersal Automatic Computer) Ia mainframe|
|1958||First hand-held mobile phone|
|1961||Cloud computing precursor (John McCarthy)|
|1969||Internet precursor (ARPANET)|
|1973||1G cellular mobile (NTT, Japan)|
|1981||First wireless IoT connection(Coke machine, GSM)|
|1988/89||World Wide Web|
|1990||2G cellular mobile (GSM)|
|1994||Wi-Fi (CSIRO, IEEE)|
|1997||3G cellular mobile (UMTS)|
|1998||4G cellular mobile (LTE)|
|1999||IoT term coined|
|2005||United Nations mention IoT|
|2008||5G cellular mobile|
|2008||Cloud computing term coined|
|2012||Cisco introduces fog computing|
|2020||Industry expects 20 billion IoT devices worldwide|
IoT has produced a number of sophisticated solutions that are growing in popularity among businesses. Many sectors have already graduated to this technology, and are putting IoT to use for digitizing their daily activities. The prominent adapters of IoT are Smart City, Retail, and Manufacturing. Some of the most notable applications rolled out in the marketplace are given in Table 2.
|Smart City||Smartbin offers Smart Waste Monitoring through Smart Sensors & Route Optimization Technologies .|
|Transport||Spanish train operator RENFE uses Siemens’ high-speed train and monitors train developing abnormal patterns and sends them back for inspection to prevent failure on the track .|
|Agriculture||Semios uses sensors and machine vision technology to track pest populations in orchards, vineyards, and other agricultural settings |
|Financial Sector||Progressive Insurance uses Snapshot to determine Insurance premium for car drivers .|
|Healthcare||Abilify MyCite (aripiprazole tablets with sensor) has an ingestible sensor embedded in the pill that records that the medication was taken .|
|Government||US municipality has implemented smart meter monitoring for the entire town’s residential and commercial water meters. The project involved placing water meter sensors on 66,000 devices that used to be manually read and recorded .|
|Utility||US oil and gas company is optimizing oilfield production with the Internet of Things. In this IoT example, the company is using sensors to measure oil extraction rates, temperatures, well pressure and more for 21,000 wells .|
|Environment||Autonomous sailboats and watercraft are already patrolling the oceans carrying sophisticated sensor instruments, collecting data on changes in Arctic ice .|
Although, there is a growing interest in IoT applications in different industry sectors, challenges in adoption exist. The key questions are: What are the privacy concerns related to IoT, particularly from a “smart home device” consumer viewpoint? What are the existing remedial approaches for privacy management? This chapter aims to address the above-mentioned questions. The remainder of this chapter is organized as follows. Section 2 presents various privacy concerns of IoT before proposing a novel framework to address IoT concerns from a consumer’s perspective in Section 3. This is followed by an initial validation of the framework in Section 4 before we draw conclusions in Section 5.
2. Review of privacy literature with specific IoT focus
Privacy is defined by Clarke as the attention that individuals have in sustaining a personal space, free from interference by other people and organizations . An intrinsic part of privacy issue is the exposure of sensitive data such as Personal Identifiable Information (PII) to non-intended recipients. Personal Identifiable Information (PII) comprises of details such as title, first name, last name, date of birth, address, and phone number, constituting some of the sensitive personal information (SPI). In addition, financial and health details and the geophysical location of an IoT user are also considered as sensitive information.
Internet of Things devices may collect data including sensitive data and store the data for further use for commercial purposes. It comprises of several stakeholders such as customer whose PII is collected; manufacturers who develop the sensors and other networking components and third parties who create IoT mobile apps or use the data for commercial advantage. According to McKinsey global report from 2015 , consumers are cautious about embracing IoT-based systems, particularly due to lack of privacy and the data at risk. OECD reported  that privacy incidents are growing in both number and sophistication. Similar concerns are expressed by several academic articles which suggest lack of privacy including unauthorized surveillance or eavesdropping  as a major concern for individuals.
Some researchers or practitioners confuse privacy with security. While security deals with the management of controlling who can access information, privacy is predominantly focused on granular control of what data can be collected, who can access what, when they can access specific data, and how long the data should be retained.
Protecting user’s privacy comprises of technical, human and legal aspects. Other relevant aspects can also be considered.
2.1 Potential scenarios of privacy violation in smart home
Smart home segment comprises of connected appliances like TV set, thermostat, refrigerator, oven, home security, self-guided vacuum cleaners, cleaning and maintenance devices. Additionally, cameras, motion sensors and light sensors also collect data. Most of these data contain private and/or sensitive information such as locations, addresses, pictures and network access information. The data can be accessible to device manufacturer, mobile application owner, third-party vendors or public depending on use cases. There are several scenarios involving data collection such as:
Movement of individuals (unauthorized surveillance) using motion sensors, camera and GPS tracker.
Monitoring of actions of customers.
Sharing of health data publicly from wearable devices or implantable devices such as Abilify MyCite, and Bluetooth-enabled oximeter .
Sharing of data (e.g., financial, health, PII, Payment Card Information and geophysical data) to third party without explicit consent .
Search query of user shows his preference traits (Figure 1).
There are very few contributions that address privacy in the context of smart home . While several studies conducted surveys and interviews with IoT end user consumers to investigate the factors affecting privacy including data processing and information risk , none proposed a feasible solution to fix them.
2.2 Legal aspects of privacy in IoT era
Government organizations are taking significant interest in IoT security, privacy and interoperability from legal aspects. This is in alignment with the studies which advocated further collaboration and dialogs between the regulators and manufacturers of IoT devices to develop appropriate methods to tackle the relevant problems . From regulatory perspective, some of the most important legislative requirements are HIPAA for healthcare, MA risk for supply chain management, California’s Senate Bill 327, IoT Cybersecurity Improvement Act of 2017 and General Data Protection Regulation (GDPR).
Data privacy requirements are complex and differ by jurisdictions in regard to the definition of data and the relevant laws/regulations. In Europe, GDPR was introduced on May 25, 2018. GDPR is a new regulation approved by EU parliament, Council and European Commission. It aims to safeguard the personal data rights of EU citizens and residents in this era of new technological advancements. As per GDPR, organizations are required to
Get explicit and affirmative consent before processing personal data. This includes financial, economic and health data and online information.
Notify within 72 hours to the regulator and individual about any data breaches.
Facilitate customers and employees’ right to the removal of data from their system.
Give the right of portability, and increased right of access and right to be forgotten by customer.
Maintain records of processing activities.
GDPR non-compliance instances may incur penalties up to 2–4% of global revenue or 20 million Euros  to organizations based on the infringement. GDPR applies to any company, irrespective of their geographic location, that offers goods and services to European citizens and handles their data including IoT ecosystem-generated data.
In USA, California Senate Bill 327  was introduced recently which allows the State of California ability to bring enforcement complaints against those companies that do not build adequate security safeguards into their Internet-connected IoT devices . It provides the state the right to hold IoT device makers more accountable for consumer’s data security. IoT Cybersecurity Improvement Act of 2017  requires: (i) that IoT devices are patchable, (ii) that devices do not contain known vulnerabilities, (iii) that devices rely on standard protocols, (iv) that devices do not contain hard-coded password and (v) technical aspects of privacy in IoT era.
At present, different privacy-enhancing technologies (PETs) exist to protect privacy. Prevention, by means of access restrictions, is an effective way to safeguard customer privacy. In , the authors put forward a concept of using access control list (ACL) and data classification model, to classify data according to its sensitivity and assign tag value to each category. In , the authors presented the idea of using Certification Authority (CA)-based encryption to confirm the authenticity of sensor. Some authors argue that it adds overheads and hence it cannot be used as a viable solution. Instead, they proposed incorporating a chaos-based cryptographic scheme and Message Authentication Codes (MAC) for data transmission. In a recent research, authors from IT service firm Tata Consultancy Services recommended that the IoT stakeholders can adopt Preventive Privacy (3P) Framework  in order to build trust and confidence among end users.
Privacy by Design (PbD) is defined as another popular approach that enables privacy to be “built in” to the design of the information systems and business processes, ensuring that privacy is considered before, and throughout, the development and implementation of all initiatives that involve personal information . Dr. Ann Cavoukian first proposed it in Canada in the 1990s. PbD is one of the highly recommended approaches to protect individual’s privacy [31, 33] concerns in IoT. Unfortunately, even though the USA Federal Trade commission (FTC) and the European Commission accepted PbD to be effective , not all manufacturers consider PbD when developing IoT devices and applications.
2.3 People aspects of privacy in IoT era
According to a survey conducted by Cisco in 2017, “human factors” such as organization, culture and leadership contributed to the success of IoT implementations 75% of the time—which was higher than technical aspects . A number of stakeholders are involved in IoT digital ecosystem such as the end users, product suppliers, Internet service providers, cloud storage functionalities and retailers. As mentioned earlier, a significant aspect of the value of IoT for consumers refers to: aggregating data collected from many source systems, generating new knowledge and making fact-based choices. The utilization of data to add value is best explained by the well-known DIKW hierarchy from Ackoff . DIKW is a four-layer hierarchy comprising of data, information, knowledge and wisdom where each layer adds certain characteristics over and above the previous one. Table 3 shows DIKW in an IoT context.
|Data||Most basic level of facts. Collected from things and used for storage and processing.|
|Information||Computing platform adds context to data (who, what, where, when) ingested.|
|Knowledge||This layer answers the question on how data are used. Analytics is applied in computing platform.|
|Wisdom||Evaluated understanding of when and why data are used|
3. Consumer-centric approach
While IoT organizations are aware of the need for adopting PET and incorporating PbD, there is little guidance available on how to do so. Though there are PbD-driven frameworks available , no concrete solutions to establish auditing mechanism or control method systems have been developed (Table 4).
|Awareness omni channels||Research + solution purchase||Use + feedback|
The lifecycle of an IoT service or product is shown in Figure 2.
Figure 3 summarizes: what can be done, at the minimal level, by consumer to safeguard his/her privacy. This provides the basis for the further development of an IoT privacy tool or framework, which can address the concerns of the consumer [31, 40, 41, 42, 43, 44, 45] compiled in Table 5.
|Consumer questions||Risk factors|
|Who has access to the data? Will third parties have access to the data? What information can be inferred from the data?||Unacceptable usage of data without consent such as spamming|
|Will my data be shared outside my country?||Data sovereignty constraints|
|How will I be informed in case my data are compromised?||Data detection and notification of breach|
|Are there any known breaches or vulnerabilities about this device?||Outdated Firmware|
|What happens when I stop using the product or service?||De-authorization|
|Can my location be tracked from data?||Unveiling of physical address|
|What can I do if my PII is compromised?||Password renewal|
|How can I rectify my data?||Outdated information|
|Can I get a copy of my data or access my data?||Portability|
|Can I ask you to remove my digital footprint captured by the IoT service?||Unaligned data erasure|
4. Proposed framework
As mentioned in earlier section, the existing frameworks are relevant primarily for thing manufacturer and do not involve end thing consumers. Through this chapter, we seek to provide answers to the questions mentioned in Table 5 by leveraging a four-phased data governance-driven 4I framework (Identify, Insulate, Inspect and Improve). The Identify phase of the 4I framework (Figure 4) comprises of seven key dimensions such as risk, compliance, policy, process, people, data asset and technology (Table 6).
Identify stage or phase refers to the key risks, requirements and context. Insulate stage refers to the precautionary measures taken to prevent lapses using technologies and non-technical risk remediation techniques. Inspect stage contains the essential toolkits such as maturity models, audit mechanisms, software agents required to continuously monitor, report and assess the IoT Data Governance Maturity from risk and value perspectives. The final stage focuses on continuous improvement.
4.1 The 4I framework applied to privacy context
For example, the smart refrigerator can track our food preferences, search and order food from online stores . Various traits of the fridge owners’ eating behaviors can be inferred based on the search queries. If these data are sent to third-party business, they can use the information for the purpose of undesirable targeted advertisements. This can lead to the potential breach of privacy violating regulatory laws if explicit consent was not obtained from the consumer (Figure 5).
Figure 7 shows a screen where smart fridge user can setup who can access the data.
With the above settings, smart fridge can send data to cloud if
Device has latest firmware updates. This can be verified from Firmware update version captured periodically from Vendor Website by the agent installed in the router
Intended address to push data in the packet states matches external host IP address
Consent is set to “Yes”
Reverse Proxy is enabled. This will ensure even if the ISP or business gets IP address, it will not be accurate.
Listing 1 shows the Pseudo code of the agent.
|Risk||Risk dimension comprises of the factors that influence both the IoT end user and thing manufacturer. It includes attributes such as lack of consent data breach, legal penalties, service level agreement violation, and lack of upgradability, interoperability and security [20, 41, 48, 49].|
|Compliance||Includes legal requirements (e.g., user consent), controls and baselines to be operationally compliant. There are a number of regulations such as SOX, GDPR, SPAM Act, Australian APP Privacy law, HIPPA and COPPA which are relevant for IoT .|
|Policy, standards and principles||This dimension spans the lifecycle from inception to deletion of data including items such as data sharing, acceptable use of data, data classification and storing rules. A well-defined and enforced governance providing the structure that works for the benefit of everyone concerned by ensuring that the IoT stakeholders adhere to accepted ethical standards [44, 51].|
|Data asset||Describes the benefit of the data and the salient features of the data [52, 53].|
|Process||Defines how various interfaces and functionalities are to deliver a functioning and solution .|
|People||The different stakeholders and their accountability in the IoT ecosystem such as consumer, ombudsman, policy maker, IoT thing manufacturer, IoT cloud provider, Internet service provider and the IoT service operators. People dimension also includes leadership and organization structures [55, 56].|
|Technology||This dimension includes hardware infrastructure, platforms and software agents that notify potential compliance violation through monitoring and workflows [34, 53].|
Di - > device_
Rij - > rule j for device Di
For each Di in domain D
For each rule Rij
If substring(Pi)- = Rij.
Send SMS/email to user
Stop polling Di
|Di is the set of all smart IoT devices in a “Smart Home” and Di ⊂ D|
Rij is the ruleset j applied to Device Di before it leaves home network
Pi is the packet send by Di to the router.
The Inspection phase comprises of performing audit reviews periodically to assure the compliance of the process, systems and data flow. The Inspect phase can comprise of automated data quality checks and data access log monitoring. In the Improve phase, continuous improvement is done to ensure the continuous adaptation in response to changing data privacy requirements and landscape. For example, improving the agent to ensure software is not only patched to current version, but also data are secured using tokenization techniques  can be an outcome of this final phase of the 4I framework.
IoT’s business growth potential is undeniable. Advancement in IoT has opened up new prospects for growth in the diversified areas such as health, energy, transport and smart home. In this chapter, we provided an overview of the IoT technology and real-life examples of usage of this technology. Next, we discussed the privacy problems in IoT from a consumer’s perspective. A review of the related work was presented along with research gaps. Next, we proposed and provided an overview of a data governance-driven 4I framework. Finally, we provided the pseudocode and demonstrated the applicability of the 4I framework to address the privacy concerns in a smart home refrigerator context. This involved the policies, rules and configurations using time-tested data governance principles. In future, we intend to further test and improve the 4I framework in the overall context of data governance in digital ecosystem.
This research is supported by an Australian Government Research Training Program Scholarship.
Conflict of interest
There is no conflict of interest.