Cardiff University | Prifysgol Caerdydd ORCA
Online Research @ Cardiff 
WelshClear Cookie - decide language by browser settings

Designing privacy-aware IoT for unregulated domains

Alhirabi, Nada, Beaumont, Stephanie, Rana, Omer ORCID: and Perera, Charith ORCID: 2023. Designing privacy-aware IoT for unregulated domains. [Technical Report]. Unpublished.

[thumbnail of Designing Privacy-Aware IoT for Unregulated Domains_authorversion.pdf]
PDF - Submitted Pre-Print Version
Download (13MB) | Preview


Internet of things (IoT) applications (apps) are challenging to design because of their heterogeneous deployment systems. In the context of privacy and IoT, there is sensitive data is being collected, with some being collected for highly regulated domains such as health, and others being collected in less regulated domains. IoT apps may collect and analyse personal data, often classified as sensitive, which is protected by data privacy laws. Privacy-by-design (PbD) schemes already exist in various forms, which enable developers to consider data privacy during application design. Developers, however, are not widely adopting these approaches due to difficulties in understanding and interpreting them. In this context, there are currently a limited number of tools available to developers. We believe that a successful privacy design tool should be able to (i) assist developers in designing for privacy even in less regulated domains, as well as (ii) help them learn about privacy as they use the tool. In this paper, we present the findings of two controlled lab studies with 42 developers and discuss how such a PbD tool can help novice IoT developers comply with privacy laws (such as GDPR) and follow privacy guidelines (such as privacy patterns). Based on our findings, such tools might raise awareness of data privacy requirements in design. This increases the likelihood that subsequent designs will be more aware of data privacy requirements. Furthermore, the study illustrates the educational potential of such a tool for educating university novice developers about privacy.

Item Type: Monograph (Technical Report)
Date Type: Completion
Status: Submitted
Schools: Computer Science & Informatics
Subjects: Q Science > QA Mathematics > QA76 Computer software
Publisher: Unpublished
ISSN: 2691-1914
Date of First Compliant Deposit: 27 July 2023
Last Modified: 07 Nov 2023 16:42

Actions (repository staff only)

Edit Item Edit Item


Downloads per month over past year

View more statistics