33
ISSUES: Privacy
Chapter 3: The Internet of Things
Privacy regulators’ study finds ‘Internet of
Things’ shortfalls
S
ix in ten ‘Internet of Things’ devices don’t properly
tell customers how their personal information is
being used, an international study has found.
The study, by 25 data protection regulators around the
world, looked at devices like smart electricity meters,
Internet-connected thermostats and watches that monitor
health, considering how well companies communicate
privacy matters to their customers.
The report showed:
Ö
Ö
59 per cent of devices failed to adequately explain
to customers how their personal information was
collected, used and disclosed;
Ö
Ö
68 per cent failed to properly explain how information
was stored;
Ö
Ö
72 per cent failed to explain how customers could
delete their information off the device and
Ö
Ö
38 per cent failed to include easily identifiable contact
details if customers had privacy concerns.
Concerns were also raised around medical devices that sent
reports back to GPs via unencrypted email.
The data protection authorities looked at more than 300
devices. Authorities will now consider action against any
devices or services thought to have been breaking data
protection laws.
Theworkwas coordinatedby theGlobal Privacy Enforcement
Network, and follows previous reports on online services for
children, website privacy policies and mobile phone apps.
The action is being led by the Information Commissioner’s
Office (ICO) in the UK. Steve Eckersley, ICO Head of
Enforcement, said:
“This technology can improve our homes, our health and
our happiness. But that shouldn’t be at the cost of our
privacy. Companies making these devices need to be clear
how they’re protecting customers. We would encourage
companies to properly consider the privacy impact on
individuals before they go to market with their product and
services. If consumers are nervous that devices aren’t using
their data safely and sensibly, then they won’t use them.
“By looking at this internationally, we’ve been able to get
an excellent overview on this topic. We’ll now be building
on that, working with the industry and looking specifically
at companies who might not have done enough to comply
with the law.”
22 September 2016
Ö
Ö
The above information is reprinted with kind permission
from the Information Commissioner’s Office. Please visit
for further information.
© Information Commissioner’s Office 2017
