

IoT and M2M Privacy Components v2



IoT & M2M Privacy Design Guidelines

  • Have a dedicated, clear, concise, and easily identifiable privacy practices statement for all relevant devices and services sold or provided.
  • Write your privacy statement in clear, layman's terms that identify which PII and personal data are relevant to the product and which are not.
  • Cover the six basic interrogatives (who, what, when, where, why, and how) for private and personal data collection and use in the privacy terms.
  • Use multimodal communications methods to inform users of practices and rights.
  • Identify all PII and relevant personal data used in the system solution, and categorize by its impact level.
  • Provide complete user and hardware anonymity in devices and services by using opaque random identifiers rather than hardware serial numbers or network addresses.
  • Disclose the gathering, sale, and usage of users' personal data.
  • Disclose lawful intercept technical collection capabilities and activities in use, to the extent allowed by law.
  • Disclose lawful intercept/use request and disclosure parameters to the extent allowed by law.
  • Disclose lawful intercept target-user rights and notifications to the extent allowed by law.
  • Inform the user of the IDs and data collected by and transmitted from devices.
  • Collect only what is reasonable and expected for technical and business purposes; do not collect what is not necessary; do not store what is not immediately necessary.
  • Provide a full and complete electronic disconnect for wireless transmissions, or complete electronic decommissioning of the device's computing state.
  • Disclose openly and clearly all local and remote device data collection activities.
  • Disclose use of collected PII and personal data in service/partner data mining link-analytics.
  • Provide clear, straightforward, and easy-to-locate user opt-in and opt-out mechanisms for participation in data collection and use.
  • Provide periodic reminders of the user's current opt-in selection state and ask the user to revalidate it.
  • Implement adequate security measures to protect personal data confidentiality relative to determined impact levels for data elements.
  • Provide the user with clear, straightforward means of implementing a data wipe of device and service account personal data.
  • Provide clear user notification of device communications functionality and identity mechanisms being used.
  • Provide clear visual markers to identify when devices are actively collecting personal private/sensitive sensor or biometric data.
  • Provide notification of device/service/third-party user marking and tracking mechanisms and activities implemented, and when used.
  • Do not transmit personal, activity, or location data from devices unencrypted, and do not store it unencrypted on devices.
  • Encrypt all biometric and personal private data both at rest (storage) and in motion (transmission).
  • Provide secure, controlled access to stored personal data on devices and services.
  • Review helpful privacy resources from NIST, such as SP 800-122, and from the Australian Government - http://www.oaic.goc.au/privacy/privacy-news
  • Lastly, be a responsible and authentic privacy and security advocate for users of your products and services.
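One way to meet the "opaque random identifiers" guideline above is to give each service its own pseudonymous device identifier derived from a random per-device secret, so the hardware serial or MAC never leaves the device and two services cannot join their records on a shared ID. This is an added example, not code from the guideline's authors; the root-secret storage, service names and rotation epoch are assumptions.

```python
import hashlib
import hmac
import secrets


def new_device_root_secret() -> bytes:
    """Hypothetical per-device root secret, generated once from a CSPRNG at first
    boot and kept in protected storage. It is deliberately NOT derived from the
    serial number or MAC address, so nothing on the wire traces back to hardware."""
    return secrets.token_bytes(32)


def opaque_identifier(root_secret: bytes, service_id: str, epoch: int = 0) -> str:
    """Derive the identifier the device presents to one service in one rotation period.

    HMAC-SHA256 keyed with the root secret gives three properties:
      - stability:  same service + same epoch -> same identifier (sessions still work);
      - separation: different services -> unrelated identifiers (no cross-service linking);
      - rotation:   a new epoch -> a fresh identifier (limits long-term tracking).
    Without the root secret the identifier is indistinguishable from random.
    """
    if len(root_secret) < 32:
        raise ValueError("root secret must be at least 32 bytes")
    # NUL separator plus a fixed-width epoch keeps the encoding unambiguous.
    message = service_id.encode("utf-8") + b"\x00" + epoch.to_bytes(4, "big")
    digest = hmac.new(root_secret, message, hashlib.sha256).digest()
    return digest[:16].hex()  # 128-bit identifier, hex encoded


def identifiers_for(root_secret: bytes, services, epoch: int = 0) -> dict:
    """Identifiers a device would present to each listed service in a given epoch."""
    return {s: opaque_identifier(root_secret, s, epoch) for s in services}


def unlinkable(ids: dict) -> bool:
    """True when no two services received the same identifier."""
    return len(set(ids.values())) == len(ids)


if __name__ == "__main__":
    # Constructed sample: a fixed secret so the demo run is reproducible.
    secret = bytes(range(32))
    ids = identifiers_for(secret, ["firmware-update", "telemetry", "partner-analytics"])
    for service, ident in ids.items():
        print(f"{service:18} -> {ident}")
    print("unlinkable across services:", unlinkable(ids))
    print("after rotation:", opaque_identifier(secret, "telemetry", epoch=1))
```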