Conclusion
IoT provides companies many privacy policy-related challenges especially because IoT involves many sensors that can be connected to each other. Individuals using the company websites or any objects within the company could be subject to privacy violation when sensors miscommunicate or unknowingly with other sensors.
This research investigated six questions associated with privacy policies: who and what should be notified of monitoring activities by a company, when and where should there be an expectation of privacy, when and where should there be no expectation of privacy, why is user data collected, and how should monitoring problems be communicated. The investigation collected details of the privacy policies of 20 technology-related companies and the latest IoT-related research on privacy.
Results indicate that existing privacy policies have many features that can be used for IoT-related privacy policies. Privacy policies that incorporate IoT need to account for the increased amount of surveillance possible and the rationale for monitoring. Some recommendations for IoT monitoring policies include explaining when, where, why, and how individuals monitored by a variety of sensors that are potentially interconnected. The explanation should be readable due to the complicated technology and applications associated with IoT. Training individuals interacting with organizations on IoT technological details may have value to get a perspective of the amount of privacy they might encounter and control.
