Smart-home study weighs the privacy risks involved

Martin Kraemer and William Seymour at the University of Oxford report on an ICO-funded research project investigating how ‘smart’ doesn’t have to mean invasive.

Studies and media reports about smart home technologies and smartphone apps show that consumers have little awareness of the information they expose to companies, advertisers, and other cohabitants when they use these services. These thought processes of how devices (and the information economy more generally) work can leave users feeling exploited and powerless. At the same time, a lack of awareness about the data protection rights afforded to individuals – such as those under the GDPR –
helps perpetuate the status quo.

The GDPR also introduces the concept of “data protection by design and by default” (DPbD) as a legal obligation for data controllers. In practice an extension of the existing privacy-bydesign paradigm, this new requirement is supported by a growing body of DPbD guidelines and methodologies such as those provided by the ICO. As with any change to the regulatory landscape, this presents complex challenges from a product design and development perspective that companies will need time to adapt to.

UK Report subscribers please login to access the full article.

If you wish to subscribe please see our subscription information.