According to a report conducted by Ofcom, UK’s communications regulator, the Internet of Things will aggravate the existing difficulties of companies in data privacy laws compliance. This is supported by the telecommunications regulator WIK-consult, which reviewed the effectiveness of informing consumers about using their data and securing their consent and engagement. The review showed an unpleasant disconnection between the need to obtain informed consent and the fact that consumers do not read privacy policies. WIK-consult believes that there is no solution to address the disconnection, and that the problem will only get worse as more data flows freely and more devices gets connected.
On the other hand, the telecommunications regulator also said that the increase in connected devices multiplies the analyzable and accessible data, which makes online tracking of the data become seamless. WIK-consult also believes that data gathering, analysis and aggregation will become more subtle. With consumers having less opportunity to learn about data-gathering devices, some may not be aware that their devices are actually connected to the Internet. Consequently, the evolution towards the Internet of Things will aggravate the issues in connectivity. How? As more complex contractual relationships increase in number, privacy policies will become longer to read and harder to understand.
How can we address this issue? According to WIK-consult, companies should make their privacy policies more transparent by pointing out exactly who interacts with the data, how and when. But in the Internet of Things concept, this can be challenging and detrimental to the understanding of consumers. So companies might also need to rethink how they will explain to consumers the way personal data could be used, especially when connected devices feature very small screens to no screens at all. Although unlikely to work, consumers can also be prompted to consider the benefits and implications of enabling the processing of their personal data.
Thankfully, Ofcom promises to use its findings to help companies identify solutions for data privacy issues in the Internet of Things. It pledges involvement in developing a set of principles in sharing data within the IoT. As what European Data Protection Supervisor Giovanni Buttarelli said, “In order to protect our fundamental rights in a world of big data, we need to defend our data protection principles.”