Analysis of critical success factors to mitigate privacy risks in IoT Devices

Abstract

This research aims to ascertain how to effectively mitigate privacy risks in IoT devices. A user-centric approach is employed to increase user control and flexibility. After a detailed analysis of the extant literature, critical success factors that are lauded to alleviate risks in IoT devices were synthesised and collated. These include anonymity, transparency, simplicity, explicit consent and GDPR. An instrument was developed based on these factors to ascertain which of these aspects are considered to be the most effective. Data were collected and analysed from 341 IoT device users, data protection/IT professionals, and IoT device manufacturers in the industry. Findings from this analysis reveal that transparency is the most important critical success factor, followed byGDPR, anonymity, explicit consent, and simplicity, respectively. Based on these findings, a self-assessment scorecard was developed to enable analysts and decision-makers to assess their current performance against best practices and to effectively mitigate privacy risks in IoT devices.