The Proactive and Preventive Privacy (3P) Framework for IoT Privacy by Design

Chaudhuri, Atal; Cavoukian, Ann

doi:10.1080/07366981.2017.1343548

Cited by 16 publications

(17 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The Internet of Things (IoT) is vital today in order to ensure that we are not behind in safeguarding data privacy for the multifaceted applications of the emerging IoT [27]. However, this work is not effective in every application and requires additional analysis [28].…”

Section: Relevant Studiesmentioning

confidence: 99%

A Systematic Literature Review on Privacy by Design in the Healthcare Sector

et al. 2020

View full text Add to dashboard Cite

In this digital age, we are observing an exponential proliferation of sophisticated hardware- and software-based solutions that are able to interact with the users at almost every sensitive aspect of our lives, collecting and analysing a range of data about us. These data, or the derived information out of it, are often too personal to fall into unwanted hands, and thus users are almost always wary of the privacy of such private data that are being continuously collected through these digital mediums. To further complicate the issue, the infringement cases of such databanks are on a sharp rise. Several frameworks have been devised in various parts of the globe to safeguard the issue of data privacy; in parallel, constant research is also being conducted on closing the loopholes within these frameworks. This study aimed to analyse the contemporary privacy by design frameworks to identify the key limitations. Seven contemporary privacy by design frameworks were examined in-depth in this research that was based on a systematic literature review. The result, targeted at the healthcare sector, is expected to produce a high degree of fortification against data breaches in the personal information domain.

show abstract

Section: Relevant Studiesmentioning

confidence: 99%

A Systematic Literature Review on Privacy by Design in the Healthcare Sector

et al. 2020

View full text Add to dashboard Cite

show abstract

“…There are currently only two frameworks that address privacy concerns of IoT devices and smart services. The Proactive and Preventive (3P) [3] framework for IoT Privacy-By-Design provides a process to follow: 1) define IoT service design and operation blueprint; 2) develop the IoT data flows, application interfaces, infrastructure and network layouts based on stakeholder needs; 3) clarify, document and limit purposes for collecting and using personal data; 4) identify all security and privacy risks; 5) conduct privacy impact assessment of all IoT devices and data components; 6) build IoT privacy capabilities; 7) implement IoT security and privacy controls; and 8) continuously review the effectiveness of privacy controls and identify new privacy risks. Instead, CNIL [5] has applied its Privacy Impact Assessment (PIA) methodology to connected objects.…”

Section: Background and Related Workmentioning

confidence: 99%

“…These privacy threats can be classified as per Table 2 according to the Solove's taxonomy. 3 Specifically, the testbed analysis revealed multiple instances of data reuse, violations of the purpose limitation and data aggregation. Notably, we have anal-ysed the testbed adhering to devices' functionality without injecting any adversarial behaviour.…”

Section: Privacy Threat Identificationmentioning

confidence: 99%

“…Currently, two main initiatives have proposed a PbD approach targeted to IoT devices and services: the Privacy Impact Assessment framework from CNIL (the French Data Protection Authority) [5] and the 3P Framework for IoT Privacy-By-Design [3]. However, both initiatives propose a standard risk management process without fully contextualising it to IoT nor providing guidelines on how to integrate the process into the design of IoT devices and services.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Towards an integrated privacy protection framework for IoT: contextualising regulatory requirements with industry best practices

Thorburn

Margheri

Paci

2019

Living in the Internet of Things (IoT 2019)

View full text Add to dashboard Cite

One of the main obstacles to the widespread adoption of IoT devices and services is consumers' privacy concerns related to personal data collection, processing and sharing with third parties. Indeed, many IoT devices have been found collecting consumers' personal data without their knowledge or consent. While frameworks for identifying and mitigating security concerns of IoT devices and services are available, there is a lack of frameworks that address privacy issues for IoT applications. In this paper we lay the foundations for the future development of such a framework, based on both the experimental analysis of data flows on an IoT Smart Home testbed and a systematic analysis of other frameworks.

show abstract

“…Instead, they proposed incorporating a chaos-based cryptographic scheme and Message Authentication Codes (MAC) for data transmission. In a recent research, authors from IT service firm Tata Consultancy Services recommended that the IoT stakeholders can adopt Preventive Privacy (3P) Framework [31] in order to build trust and confidence among end users.…”

Section: Legal Aspects Of Privacy In Iot Eramentioning

confidence: 99%

Privacy of IoT-Enabled Smart Home Systems

Dasgupta¹,

Gill²,

Hussain³

2019

IoT and Smart Home Automation [Working Title]

View full text Add to dashboard Cite

Digital ecosystems are going through a period of change due to the advancement in technologies such as Internet of Things (IoT) as well as proliferation of less expensive hardware sensors. Through this chapter, we present current emerging trends in IoT in different industry sectors as well as discuss the key privacy challenges impeding the growth of IoT to reach its potential in the smart home context. The majority of the existing literature on IoT smart home platforms focuses on functionalities provided by smarter connected devices; however, it does not address the concerns from a consumer's viewpoint. Thus, the key questions are: What are the privacy concerns related to IoT, particularly from a "smart home device" consumer viewpoint? What are the existing remedial approaches for privacy management? This chapter proposes a framework to assist smart home user and IoT device manufacturer to make informed privacy management decisions. The findings of this research intend to help practitioners and researchers interested in the privacy of IoT-enabled smart systems.

show abstract

The Proactive and Preventive Privacy (3P) Framework for IoT Privacy by Design

Cited by 16 publications

References 6 publications

A Systematic Literature Review on Privacy by Design in the Healthcare Sector

A Systematic Literature Review on Privacy by Design in the Healthcare Sector

Towards an integrated privacy protection framework for IoT: contextualising regulatory requirements with industry best practices

Privacy of IoT-Enabled Smart Home Systems

Contact Info

Product

Resources

About