The Internet of Things (IoT) heralds a new era of computing whereby every imaginable object is equipped with, or connected to a smart device allowing data collection and communication through the Internet. The IoT challenges individual privacy in terms of the collection and use of individuals' personal data. This study assesses the extent to which the Australian Privacy Principles protect individual privacy associated with data collection through the IoT. A systematic literature review identified four key privacy themes that represent issues related to the collection of individuals' data through the IoT: unauthorised surveillance, uncontrolled data generation and use, inadequate authentication and information security risks. These four themes are used to critically analyse the Australian Privacy Principle's (APPs) protection of individual data. Findings indicate that (1) the APPs do not adequately protect individual privacy of data collected through the IoT, and (2) future privacy legislation must consider the implications of global reach of IoT services, and ubiquity and security of IoT data collection with respect to individual privacy.
Read full abstract