Skip to main content

Research Repository

Advanced Search

Privacy Engineering for Domestic IoT: Enabling Due Diligence

Lodge, Tom; Crabtree, Andy

Privacy Engineering for Domestic IoT: Enabling Due Diligence Thumbnail


Authors

Tom Lodge



Abstract

The EU’s General Data Protection Regulation (GDPR) has recently come into effect and insofar as IoT applications touch EU citizens or their data, developers are obliged to exercise due diligence and ensure they undertake Data Protection by Design and Default (DPbD). GDPR mandates the use of Data Protection Impact Assessments (DPIAs) as a key heuristic enabling DPbD. However, research has shown that developers generally lack the competence needed to deal effectively with legal aspects of privacy management and that the difficulties of complying with regulation are likely to grow considerably. Privacy engineering seeks to shift the focus from interpreting texts and guidelines or consulting legal experts to embedding data protection within the development process itself. There are, however, few examples in practice. We present a privacy-oriented, flow-based integrated development environment (IDE) for building domestic IoT applications. The IDE enables due diligence in a) helping developers reason about personal data during the actual in vivo construction of IoT applications; b) advises developers as to whether or not the design choices they are making occasion the need for a DPIA; and c) attaches and makes available to others (including data processors, data controllers, data protection officers, users and supervisory authorities) specific privacy-related information that has arisen during an application’s development.

Citation

Lodge, T., & Crabtree, A. (2019). Privacy Engineering for Domestic IoT: Enabling Due Diligence. Sensors, 19(20), Article 4380. https://doi.org/10.3390/s19204380

Journal Article Type Article
Acceptance Date Sep 28, 2019
Online Publication Date Oct 10, 2019
Publication Date Oct 10, 2019
Deposit Date Oct 3, 2019
Publicly Available Date Oct 10, 2019
Journal Sensors
Electronic ISSN 1424-8220
Publisher MDPI
Peer Reviewed Peer Reviewed
Volume 19
Issue 20
Article Number 4380
DOI https://doi.org/10.3390/s19204380
Keywords Electrical and Electronic Engineering; Analytical Chemistry; Atomic and Molecular Physics, and Optics; Biochemistry
Public URL https://nottingham-repository.worktribe.com/output/2742945
Publisher URL https://www.mdpi.com/1424-8220/19/20/4380
Contract Date Oct 3, 2019

Files





Downloadable Citations