10.1 Introduction

Internet of Things (IoT) systems represent a complex challenge for the protection and handling of personal data. Users may carry wearable fitness trackers with them or place smart speakers in their homes or business locations. Smart cities will rely on the data generated by a wide range of sensors. All IoT devices generate and transmit a wide variety of data types, which could potentially include personal information about users in multiple contexts.

Personal data – defined as “any information relating to an identified or identifiable natural person” [1] – is generated, analyzed, and shared by IoT systems, but users often have little control over it. The data can directly reveal information such as the location of the user, and can also in some cases be used to infer additional information. Fitness trackers could reveal whether a user was stressed at a particular time [2]. Smart meters could potentially reveal users' patterns of behavior [3].

In some cases, IoT devices generate sensitive data, such as in the case of eHealth devices. Sensitive data, a special category of personal data [1], includes data that reveals racial or ethnic origin, sexual orientation, religious or philosophical beliefs, trade union membership, political opinions, health and genetic and biometric data. ...