Viewpoint | Personal Data and the Internet of Things: It is time to care about digital provenance

The Internet of Things promises a connected environment reacting to and addressing our every need, but based on the assumption that all of our movements and words can be recorded and analysed to achieve this end. Ubiquitous surveillance is also a precondition for most dystopian societies, both real and fictional. How our personal data is processed and consumed in an ever more connected world must imperatively be made transparent, and more effective technical solutions than those currently on offer, to manage personal data must urgently be investigated.Comment: 3 pages, 0 figures, preprint for Communication of the AC

Emerging privacy challenges and approaches in CAV systems

The growth of Internet-connected devices, Internet-enabled services and Internet of Things systems continues at a rapid pace, and their application to transport systems is heralded as game-changing. Numerous developing CAV (Connected and Autonomous Vehicle) functions, such as traffic planning, optimisation, management, safety-critical and cooperative autonomous driving applications, rely on data from various sources. The efficacy of these functions is highly dependent on the dimensionality, amount and accuracy of the data being shared. It holds, in general, that the greater the amount of data available, the greater the efficacy of the function. However, much of this data is privacy-sensitive, including personal, commercial and research data. Location data and its correlation with identity and temporal data can help infer other personal information, such as home/work locations, age, job, behavioural features, habits, social relationships. This work categorises the emerging privacy challenges and solutions for CAV systems and identifies the knowledge gap for future research, which will minimise and mitigate privacy concerns without hampering the efficacy of the functions

Semi-autonomous, context-aware, agent using behaviour modelling and reputation systems to authorize data operation in the Internet of Things

In this paper we address the issue of gathering the "informed consent" of an end user in the Internet of Things. We start by evaluating the legal importance and some of the problems linked with this notion of informed consent in the specific context of the Internet of Things. From this assessment we propose an approach based on a semi-autonomous, rule based agent that centralize all authorization decisions on the personal data of a user and that is able to take decision on his behalf. We complete this initial agent by integrating context-awareness, behavior modeling and community based reputation system in the algorithm of the agent. The resulting system is a "smart" application, the "privacy butler" that can handle data operations on behalf of the end-user while keeping the user in control. We finally discuss some of the potential problems and improvements of the system.Comment: This work is currently supported by the BUTLER Project co-financed under the 7th framework program of the European Commission. published in Internet of Things (WF-IoT), 2014 IEEE World Forum, 6-8 March 2014, Seoul, P411-416, DOI: 10.1109/WF-IoT.2014.6803201, INSPEC: 1425565

The value of our personal data in the Big Data and the Internet of all Things Era

The fourth industrial revolution, in which we transit, is preceded by a digital economy based fundamentally on information. And although estimates have been made on whether the data moving in the digital economy flow are from sensors or machines or come from each of us, one thing is certain, all information has a monetary value. Within this flow of information are our personal data. Every moment that we use an electronic device we leave behind vestiges of our life, which are collected by the machines to generate value to the companies. In this way our information is subject to market rules, supply and demand. We have become intangible beings, mercantilized, giving our bodies of data to the science, innovation and technological development. With the use of technologies such as Big Data and IoT, more information less is better. The speed with which our information is collected and treated as well as commercialized is undermining confidence in the digital market. Concern about the misuse of our personal data, or about the information we know about us, raises fundamental questions about privacy, ownership of information and human rights. The question of who should benefit from products and services based on digital data (generated by users) are the main uncertainties that shape the digital market opportunities. But, how can we measure trust in companies if we are not aware of the value our personal information has in the digital economy? What is the value that, as headlines, we give to our personal data? Perhaps therein lies the problem of allowing others to have power over our information. To promote the digital market and trust in it, we need to know the value of our information. Becoming aware of the fact and consequences of collecting our data, as well as its monetary value and importance in the digital economy, is the first beneficial step towards the empowerment of our informatio

A Study of the Advances in IoT Security

The Internet-of-things (IoT) holds a lot of benefits to our lives by removing menial tasks and improving efficiency of everyday objects. You are trusting your personal data and device control to the manufactures and you may not be aware of how much risk your putting your privacy at by sending your data over the internet. The internet-of-things may not be as secure as you think when the devices used are constrained by a lot of variables which attackers can exploit to gain access to your data / device and anything they connected to and as the internet-of-things is all about connecting devices together one weak point can be all it takes to gain full access. In this paper we have a look at the current advances in IoT security and the most efficient methods to protect IoT devices

Data Privacy-AES Using Secure Hashing

Securing personal data in the public spaces is something to worry about, in particular, the privacy and the confidentiality. The Internet of Things (IoT) will be widespread all over the network to connect devices and the people through the Internet. However, maintaining privacy in public places has become a difficult task in the day-to-day life. This work is mainly concerned about the privacy and the confidentiality of the personal data in the public places

The Internet of Everything

In the era before IoT, the world wide web, internet, web 2.0 and social media made people’s lives comfortable by providing web services and enabling access personal data irrespective of their location. Further, to save time and improve efficiency, there is a need for machine to machine communication, automation, smart computing and ubiquitous access to personal devices. This need gave birth to the phenomenon of Internet of Things (IoT) and further to the concept of Internet of Everything (IoE)

Tell the Smart House to Mind its Own Business!: Maintaining Privacy and Security in the Era of Smart Devices

Consumers want convenience. That convenience often comes in the form of everyday smart devices that connect to the internet and assist with daily tasks. With the advancement of technology and the “Internet of Things” in recent years, convenience is at our fingertips more than ever before. Not only do consumers want convenience, they want to trust that their product is performing the task that they purchased it for and not exposing them to danger or risk. However, due to the increasing capabilities and capacities of smart devices, consumers are less likely to realize the implications of what they are agreeing to when they purchase and begin using these products. This Note will focus on the risks associated with smart devices, using smart home devices as an illustration. These devices have the ability to collect intimate details about the layout of the home and about those who live within it. The mere collection of this personal data opens consumers up to the risk of having their private information shared with unintended recipients whether the information is being sold to a third party or accessible to a hacker. Thus, to adequately protect consumers, it is imperative that they can fully consent to their data being collected, retained, and potentially distributed. This Note examines the law that is currently in place to protect consumers who use smart devices and argues that a void ultimately leaves consumers vulnerable. Current data privacy protection in the United States centers on the self-regulatory regime of “notice and choice.” This Note highlights how the self-regulatory notice-and-choice model fails to ensure sufficient protection for consumers who use smart devices and discusses the need for greater privacy protection in the era of the emerging Internet of Things. Ultimately, this Note proposes a state-level resolution and calls upon an exemplar state to experiment with privacy protection laws to determine the best way to regulate the Internet of Things