Expert opinion april 2016
The collected data is generally stored in the cloud and sometimes on the smart device itself.
Data Privacy in IoT: Utopia or reality?
There is clearly a massive gulf between consumer awareness and current industry practices with regards to personal data. To be more concrete let’s give the definition of personal data: it is ”any information relating to an identified or identifiable natural person […]; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity”. Thus, this personal information stems from all connected devices. Typical examples include habits gathered from home security automation systems, locations saved from geo-location techniques linked to a telephone terminal or the company car and physical conditions amassed from medical devices.
Lack of measures to protect personal data will result in decreased user acceptance and therefore is one of the driven factors in the success of the IoT.
Data privacy issue can be alleviated by encrypting the data and thus protecting its integrity and confidentiality.The challenge in data encryption lies in enabling different devices to jointly store and run computations on data while keeping it completely private. This inter-device communication requires the solution to handle a multi-party key management system in order to allow the data encryption/decryption only for the authorized entity.
In other respects, blockchains guarantee transparency of transactions and generate an irrefutable record of activities, providing a reinforcement of strong authentication. Thus, it allow data base to store sensitive data without risking exposure to malicious parties, thereby enabling an autonomous control of personal data.
What if providing data privacy in IoT issue’s solution were hidden behind blockchain investigation? The response will be unveiled in the next few years…
Consumer Perceptions of Privacy in the Internet of Things, Altimeter Group, 2015Base: n=2062 respondents
EU. Directive 95/46/ec of the european parliament and of the council of 24 october 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Official Journal of the European Communities, (L. 281), November 1995. http://europa.eu.int/eur-lex/en/consleg/main/1995/ en_1995L0046_index.html