Increasingly, we are seeing Internet of Things (IoT) devices aimed at consumers. Network capabilities are being embedded in a host of household items, including televisions, cameras, speakers, kitchen appliances, toys and doorbells. These devices often passively collect data, including user behaviour, interactions with a device or through sensors producing information on the world around them.
However, there is often little visibility over the nature of the data being captured by these devices. Organisations aren’t clear on where that data goes or how it is used. This has privacy and data protection implications, particularly as IoT devices become increasingly part of everyday life.
The Compliant & Accountable Systems Group, at Department of Computer Science and Technology, University of Cambridge, in collaboration with the Dyson School of Design Engineering, Imperial College London ran a grants programme-funded project to analyse the data flows of these IoT devices. Their project looked at IoT devices and their compliance with data protection law, particularly around rights of access and data portability.
You can read the final project report on the team’s website: Transparency in the consumer Internet of Things.
If you'd like more information, please contact the ICO's grants programme.