Perera, C., Ranjan, R., Wang, L., Khan, S. U., & Zomaya, A. Y. (2015). Privacy of big data in the internet of things era. IEEE IT Special Issue Internet of Anything, 6.
The authors note an objective of IoT is to collect data, and whether that is stored locally or in the cloud, privacy
Notes definition of Big Data in terms of Volume, Variety and Velocity (3Vs), much of the data will be personal, and 60% of Internet users are aware of privacy issues and 85% want more control. But users are willing to give up privacy in exchange for value. Authors suggest that in the future, IoT consumers will be offered two models: (1) give up privacy in exchange for service, or (2) pay a fee to obtain service and retain privacy. Services need to obtain consent but regarding social media privacy policies “most of the users underestimate the authorization given to the third party applications” – in other words, people are giving up more privacy than they realize. Related issue: can users migrate their own data from one service provider to another? And, seldom are we anonymous on the Internet due to modern tracking capabilities. Notes issues with security and lack of updates/patches to IoT devices.
Paper recommends that manufacturers take privacy and security seriously, provide options to enable and disable data collection, limit the transmission of data to the cloud – and then there is the issue of 3rd party application developers and what they build on top of these platforms. While we think of IoT sensors in terms of consumers, in many cases, consumers may not have control, such as the use of IoT sensors in apartments and businesses.
Authors mention several sensors as a service models, including OpenIT, Lab of Things (LoT), Hub of All Things (HAT), Xively and Datacoup.