Review

Data Privacy in the Internet of Things: A Perspective of Personal Data Store-Based Approaches

by George P. Pinto 1,2,* and Cássio Prazeres 1
1 Institute of Computing, Federal University of Bahia, Canela, Salvador 40170-110, Brazil
2 Federal Institute of Bahia, Canela, Salvador 40110-150, Brazil
* Author to whom correspondence should be addressed.
J. Cybersecur. Priv. 2025, 5(2), 25; https://doi.org/10.3390/jcp5020025
Submission received: 6 February 2025 / Revised: 29 April 2025 / Accepted: 8 May 2025 / Published: 13 May 2025
(This article belongs to the Section Privacy)

Abstract

Data generated by Internet of Things devices enable the design of new business models and services, improving user experience and satisfaction. These data also serve as an essential information source for many fields, including disaster management, bio-surveillance, smart cities, and smart health. However, personal data are also collected in this context, introducing new challenges concerning data privacy protection, such as profiling, localization and tracking, linkage, and identification. This dilemma is further complicated by the “privacy paradox”, where users compromise privacy for service convenience. Hence, this paper reviews the literature on data privacy in the IoT, particularly emphasizing Personal Data Store (PDS)-based approaches as a promising class of user-centric solutions. A PDS decentralizes data management and enhances privacy by granting individuals control over their data. Addressing privacy solutions involves a triad of user privacy awareness, technology support, and ways to regulate data processing. Our discussion aims to advance the understanding of IoT privacy issues while emphasizing the potential of PDSs to balance privacy protection and service delivery.

1. Introduction

We have observed increasing generation and collection of large amounts of data on the Web. This trend has enabled the growth of Big Web companies that exploit data while offering users free services in return. For example, 61.4% of the world’s population uses social media, and 69.4% have a mobile phone, generating a considerable volume of data daily [1]. A small number of companies concentrate most of these data and services. This movement toward an unplanned centralized Web enables collecting, storing, processing, sharing, and often negotiating personal data without the owners’ knowledge and/or consent. Their magnitude, accuracy, and usage details are unknown by citizens and governments [2].
Sharing data with social networks, devices, and websites may lead users to lose control over their data storage and dissemination, making it difficult to manage or modify the information they have shared [3]. Moreover, personal data are vulnerable to privacy issues in this centralized structure. For instance, the exploitation of individuals’ data without their consent has become news with scandals such as Cambridge Analytica, which used personal data for political purposes; Polar’s fitness app that revealed the location of US military and security personnel; and Google Plus, which exposed the names, email addresses, occupations, and ages of 52.5 million users [4].
Likewise, IoT technologies have enriched our daily lives by enabling interconnected devices to generate and collect data. We now live in a world with more devices than people. The number of devices is greater than 16 billion [5], equivalent to more than twice the worldwide population, which is approximately 8 billion [6]. This scenario represents a substantial leap compared with the early days of the Internet of Things (IoT), which initially saw only 0.8 billion connected devices [7]. It is halfway to the projected 30 billion by 2030 [8]. IoT has fueled a rapid digitalization of daily life, both public and private, leading to an increase in the generation and collection of large amounts of data, encompassing personal and non-personal information. Moreover, it represents a stimulus for transforming various sectors such as the economy, health, agriculture, and education, constituting a burgeoning market valued at approximately USD 1 trillion [9].
For instance, smart thermostats automatically adjust home temperature, wearables track health data in real time, and voice assistants respond to commands and gather behavioral data. IoT devices monitor the elderly remotely, detecting falls, irregular heart rates, or medication adherence [10]. In smart cities, IoT systems control traffic lights, monitor air quality, and manage energy consumption [11]. Even in agriculture, sensors regulate irrigation and monitor soil conditions [12]. These exemplify how the IoT has become critical to our lives. Its ubiquity and data collection potentially amplify privacy issues, highlighting a trade-off between the services’ convenience and user privacy concerns. This dilemma, known as the “privacy paradox”, reflects individuals’ hesitation to oppose data collection despite expressing concerns driven by the desire to utilize technology services [13].
It is crucial to balance privacy protection and service quality, as excessive restrictions on information access can reduce the usefulness of services. Privacy protection should not be viewed as a barrier to innovation. Instead, we must foster privacy by empowering users with control over their data. In this context, user control is not just a preference; it is a necessary pathway toward ensuring personal data privacy. However, existing privacy-preserving approaches, such as encryption, anonymization, and access control, often suffer from limited user control, lack of transparency, and vulnerability to inference attacks. Moreover, most privacy frameworks are not designed to deal with the constraints and heterogeneity of IoT environments. These challenges emphasize the need for user-centric architectures that empower individuals with control over their data across the entire lifecycle.
Figure 1 summarizes the structure and logical flow of this study, starting from the identification of privacy threats in the IoT context, moving through privacy protection via the ART approach (Awareness, Regulation, and Technology), and culminating in the exploration of PDSs as a user-centric privacy solution. Hence, in this paper, we discuss the main characteristics of data privacy challenges in the IoT context and explore the role of PDS-based solutions in enhancing user privacy. This paper makes the following contributions:
  • Identifies and examines the critical privacy challenges in the context of the IoT, which arise from the increasing collection and sharing of large volumes of personal data;
  • Discusses the triad of privacy solutions: privacy awareness, privacy regulation, and privacy-enhancing technologies;
  • Introduces and explains the PDS concept and explores it as a promising solution to mitigate privacy threats by presenting relevant works in this direction;
  • Discusses the challenges of PDS implementation in relation to GDPR compliance.
The remainder of this paper is organized as follows: Section 2 presents the related work relevant to our study. Section 3 explores the main concepts related to the IoT and examines its key privacy challenges, including common threats and methods for protecting user data. Section 4 discusses the concept of Personal Data Stores and their role as a potential solution to IoT privacy issues; finally, Section 5 concludes the paper by summarizing the key contributions.

2. Related Works

Attention to and concerns about privacy threats have been growing. Consequently, interest in researching possible solutions to protect users has also increased. In this section, we analyze studies that aim to understand privacy risks in the IoT context. Table 1 offers a summary of these research papers, with the following attributes for summarization: ‘Year’ indicates the publication year of the study; ‘Domain’ specifies the solution domain studied in the paper; and ‘Cycle’ denotes in which part of the data lifecycle the researched solutions are applicable, comprising Data Generation (DG), Data Storage (DS), Data Processing (DP), and Data Sharing (DSR). ‘User-Centric’ shows whether the approach prioritizes the user, such as allowing consent or personal control over data. ‘Decentralized’ assesses whether data control is distributed rather than centralized. ‘GDPR’ reflects whether the work aligns with the General Data Protection Regulation. Lastly, ‘Data Control’ evaluates the granularity of user control over their data. Below, we offer a concise summary of the chosen studies.
Rodriguez et al. [14] performed a literature review of machine learning (ML) techniques for privacy protection in the IoT context. They classified the privacy threats in IoT environments into direct threats, where third parties have direct access to personal data (e.g., data leakage), and indirect threats, where third parties obtain sensitive information by inference (e.g., membership inference and re-identification attacks). Their findings encompass ML-based solutions classified into centralized, distributed, and federated architectures that use encryption and differential privacy as privacy protection methods.
Ogonji et al. [15] analyzed the literature to understand IoT security and privacy issues, focusing on vulnerabilities, challenges, threats, and countermeasures. Based on the findings, they proposed a threat taxonomy categorizing the vulnerabilities into low, medium, and high levels and provided corresponding mitigation strategies.
In their state-of-the-art literature review, Kounoudes and Kapitsaki [16] explore privacy protection methods and point out the challenges to protecting personal data in an IoT environment. They aim to understand how the GDPR principles can safeguard user privacy, focusing on approaches that give users more control and address such challenges: (i) profiling, inference, and discrimination, (ii) control and context-sensitive sharing, (iii) consent and uncertainty, and (iv) honesty, trust, and transparency.
Table 1. Comparison of existing privacy-preserving approaches in IoT.
Authors | Year | Domain | Cycle | User-Centric / Decentralized / GDPR | Data Control
Briggs et al. [17] | 2020 | Federated Learning | DP | Partial | Low
Kounoudes and Kapitsaki [16] | 2020 | Privacy Law | DS, DP, DSR, Processing | | Medium
Ogonji et al. [15] | 2020 | Taxonomy | DS, DP, DSR | | Low
Rodriguez et al. [14] | 2023 | Machine Learning | DP | Partial | Low
Kolevski and Michael [18] | 2024 | General | DG, DS, DP, DSR | | Medium
Abbas et al. [19] | 2024 | Federated Learning | DP | Partial | Low
Tudoran [20] | 2025 | General | DG, DS, DP, DSR | | Medium
This study | 2025 | Personal Data Store | DS, DP, DSR | | High
In [17], the authors reviewed the role of federated learning (FL) in performing data processing while protecting user data privacy. Their review focused on research addressing privacy concerns, bandwidth limitations, and power/computing limitations. As a result, they observed that FL offers a way to process data while keeping them protected.
Kolevski and Michael [18] examine privacy in the IoT through a multifaceted perspective that encompasses the definition of privacy, the inherent risks of devices and edge computing architecture, potential threats, control and protection mechanisms, the handling of sensitive data, implications for users, and the evolving regulatory landscape.
Abbas et al. [19] present a comprehensive systematic review of advancements in federated learning in the smart healthcare context. It explores key aspects, including privacy and security, through methods such as encryption, multi-party computation, and differential privacy.
Tudoran [20] presents a systematic review exploring consumer privacy in the IoT context, focusing on privacy aspects that are important to consumers. The study reveals how individual and technological factors influence consumer information disclosure behavior. These factors and relationships were synthesized into eight propositions, along with an interactive map of the influence of each. Finally, she presents privacy protection strategies found in the literature, summarizing their strengths and weaknesses.
Table 1 compares prior works based on key privacy-related dimensions. The Cycle column (lifecycle phase) indicates at which stage of the data lifecycle (e.g., generation, storage, sharing, or processing) the proposed solution operates. The User-Centric criterion reflects whether the approach prioritizes user agency, such as data ownership and consent mechanisms. Decentralized refers to whether data control and processing are distributed across multiple entities rather than centralized in service providers. GDPR evaluates whether the solution explicitly addresses or aligns with core requirements of the General Data Protection Regulation. Finally, Data Control (control granularity) assesses the level of precision and flexibility users have over what data are shared, how, and with whom, ranging from limited control to fine-grained policies. While prior studies have explored different approaches to IoT data privacy, including federated learning, privacy-preserving machine learning, legal frameworks, and threat taxonomies, these works fall short of offering user-centric and decentralized data management mechanisms. In contrast, this study distinguishes itself by focusing on potential privacy protection mechanisms from the perspective of Personal Data Stores.

3. Data Privacy in the Internet of Things

The growth of the Internet of Things (IoT) brings increased connectivity but also raises serious data privacy concerns. Privacy risks multiply as IoT devices collect and share large amounts of personal data, often without users’ awareness. This section examines key privacy challenges in the IoT, including common threats and methods to protect user data through regulation and privacy-enhancing technologies.

3.1. IoT Data

The IoT generates massive volumes of real-time, heterogeneous data from various connected devices and sensors. These data have high volume, velocity, and variety, including structured sensor readings, semi-structured logs, and unstructured multimedia content. Also, they are often time- and location-dependent, leading to additional temporal and spatial analysis complexity [21]. Furthermore, IoT data are frequently noisy, incomplete, or redundant due to sensor limitations and environmental variability, requiring preprocessing to ensure accuracy and reliability [22].
From a privacy perspective, the pervasive and continuous IoT data collection, often occurring without user awareness, raises significant concerns. These include difficulties enforcing access control, susceptibility to inference attacks, and lack of transparency in data flows. The seamless integration of physical and digital environments further amplifies privacy risks. Additionally, the lack of universal data standards complicates interoperability, and issues surrounding data governance, ownership, and regulatory compliance (e.g., GDPR) must be addressed. Together, these factors highlight the urgent need for decentralized privacy-preserving mechanisms that provide individuals with control over their data.

3.2. IoT Data Privacy

The concept of privacy presents widely differing definitions and perspectives [23]. Each definition depends on context, culture, and environment. Alan Westin presented his privacy theory, which defined how people could protect themselves and restrict access to themselves by others. He described privacy as “the desire of people to choose freely under what circumstances and to what extent they will expose themselves, their attitude, and their behavior to others” [24]. Westin argued that users should exercise complete control over their data, including the extent of personal information disclosure, to whom, and how it is managed and distributed. His work laid the foundation for contemporary interpretations of online privacy regulations [25].
Privacy asserts limits on societal intrusion into personal lives and encompasses four key facets [26]:
  • Information privacy necessitates the establishment of unequivocal rules governing the acquisition and management of personal data. Diverse data types, including data banks and medical or governmental records, fall under this facet;
  • Bodily privacy entails safeguarding physical tests from intrusion, including blood samples, DNA, and genetic tests;
  • Privacy of communications relates to the security of any forms of communication regardless of the technologies, such as mail, email, and telephone;
  • Territorial privacy establishes boundaries against intrusion into domestic, work, and public spaces.
Information privacy has been gaining popularity alongside the increasing use of electronic processing. Westin [24] defined information privacy as “the right to select what personal information about me is known to what people”, underscoring the individual’s claim that their personal data remain inaccessible to third parties (whether individuals or organizations). Furthermore, when another party possesses such data, the individual should maintain control over them and their utilization [27].
In the realm of the IoT, its broad and pervasive nature enables the generation, transmission, and storage of large amounts of personal data, including, for instance, locations, shopping records, financial transactions, pictures, conversations, health records, and others. This data collection occurs discreetly, making it difficult for users to realize that they are being tracked [28]. These features underscore data privacy protection as one of the most critical challenges within the IoT [29,30].
Ziegeldorf et al. [31] expanded Westin’s privacy definition and formulated their own within the IoT domain, characterized by the triple guarantee to the user for:
  • Awareness of privacy risks imposed by smart things and services surrounding the data subject;
  • Individual control over the collection and processing of personal information by surrounding smart things;
  • Awareness and control of subsequent use and dissemination of personal information by those entities to any entity outside the subject’s personal control sphere.
In this context, we can identify different privacy threats in the literature [32], and following this identification, we provide a brief description of the common ones.
Identification. The IoT encompasses various devices that collect a wide range of data about users and their environment. Service providers typically process these data beyond the users’ sphere of control, creating a risk of identification. This risk involves linking user personal data with an identifier, such as a name or address. Technologies and the interconnection of various techniques amplify this identification threat in the IoT domain.
Localization and tracking refers to determining and recording an individual’s location within a spatial and temporal context using various technological methods, such as cell phone tracking or GPS data. The availability of such data has increased interest in using geographic information and spatial analysis for various applications. In the IoT domain, some inherent characteristics, such as location-aware applications, the omnipresence of data collection technologies, and the high interaction between devices, amplify the availability of this type of data.
Profiling methods involve collecting and analyzing data about an individual’s activities and behaviors over time and then using this information to group or categorize them based on specific patterns. Frequently, this information is collected without user consent and combined with other personal data to create more refined profiles. It is an important and common method used to personalize the user experience in, for instance, e-commerce.
Privacy-violating interaction and presentation refer to sharing personal information in a public environment, which can result in its exposure to an undesirable audience. Numerous IoT applications (e.g., healthcare, infrastructure) require extensive user connectivity, making information available to users through smart things in their environment. However, many interaction and presentation mechanisms are inherently public, raising privacy concerns when exchanging personal information.
Lifecycle transitions relate to the disclosure of private information when the ownership of a consumer product changes throughout its lifecycle. This issue is not common with consumer products like smartphones and laptops, which typically remain with the same owner for their entire lifecycle. However, this privacy risk becomes more prominent in the IoT domain, where more everyday objects are connected and can store private data.
Inventory attacks involve the unauthorized collection of information about the existence and characteristics of personal things, such as communication speed and response time. If the IoT reaches its full potential, all smart devices will be connected to the Internet, allowing unauthorized parties to exploit this connectivity and compile a list of items linked to a specific target. Such an attack can serve as a source of information for profiling users.
Linkage relates to unintended exposure of personal information by merging previously separated data sources. By combining different pieces of data, new insights can emerge that the user may not have anticipated. This situation represents a privacy violation, and in an IoT context, the linkage threat is amplified due to its heterogeneous and distributed characteristics.
Information leakage. IoT applications can be interconnected through wireless communication, making them susceptible to interception by attackers who may acquire transmitted information. For instance, with the widespread use of smartphones, people are often required to share their identity and location to access apps and services. Consequently, the exposure of this type of information poses a privacy risk.
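The linkage threat above is usually measured before a dataset leaves the owner's control. The following is an added example, not code from the paper: a constructed wearable-sensor release with no names but with quasi-identifiers (ZIP code, birth year, sex), a constructed public directory carrying the same columns, a check of how many released rows a join would pin to exactly one person, and the generalization step (k-anonymity) that a data holder applies until no row is uniquely linkable. All records, names and ZIP codes are invented.

```python
"""Linkage-risk check before releasing de-identified IoT sensor data.

Constructed example (not from the paper): the release has no names, but its
quasi-identifiers (ZIP code, birth year, sex) can be joined with a public
directory.  The functions measure how many rows such a join pins to exactly
one person and show how generalizing the quasi-identifiers until every
combination is shared by at least k rows (k-anonymity) removes unique matches.
"""
from collections import Counter

QUASI = ("zip", "birth_year", "sex")   # columns an outside party could also know

# Constructed "de-identified" wearable readings (all values invented).
SENSOR_RELEASE = [
    {"zip": "40170", "birth_year": 1984, "sex": "F", "resting_hr": 58},
    {"zip": "40170", "birth_year": 1991, "sex": "M", "resting_hr": 72},
    {"zip": "40171", "birth_year": 1984, "sex": "F", "resting_hr": 64},
    {"zip": "40110", "birth_year": 1975, "sex": "M", "resting_hr": 81},
    {"zip": "40110", "birth_year": 1979, "sex": "M", "resting_hr": 77},
    {"zip": "40111", "birth_year": 1991, "sex": "M", "resting_hr": 69},
]

# Constructed public directory (names invented) carrying the same quasi-identifiers.
DIRECTORY = [
    {"name": "A. Silva", "zip": "40170", "birth_year": 1984, "sex": "F"},
    {"name": "B. Souza", "zip": "40170", "birth_year": 1991, "sex": "M"},
    {"name": "C. Lima",  "zip": "40171", "birth_year": 1984, "sex": "F"},
    {"name": "D. Costa", "zip": "40110", "birth_year": 1975, "sex": "M"},
    {"name": "E. Rocha", "zip": "40110", "birth_year": 1979, "sex": "M"},
    {"name": "F. Alves", "zip": "40111", "birth_year": 1991, "sex": "M"},
]


def quasi_key(row):
    """The tuple of quasi-identifier values a join would be performed on."""
    return tuple(row[c] for c in QUASI)


def min_group_size(rows):
    """Smallest number of rows sharing one quasi-identifier combination (the k achieved)."""
    return min(Counter(quasi_key(r) for r in rows).values())


def unique_matches(release, directory):
    """Count released rows whose quasi-identifiers match exactly one directory entry."""
    directory_counts = Counter(quasi_key(d) for d in directory)
    return sum(1 for r in release if directory_counts[quasi_key(r)] == 1)


def generalize(row):
    """Coarsen the quasi-identifiers: 3-digit ZIP prefix and birth decade; sex is kept."""
    out = dict(row)
    out["zip"] = row["zip"][:3] + "**"
    out["birth_year"] = row["birth_year"] // 10 * 10
    return out


def release_if_k_anonymous(rows, k):
    """Return the generalized rows when they reach k-anonymity, else None (withhold release)."""
    generalized = [generalize(r) for r in rows]
    return generalized if min_group_size(generalized) >= k else None


if __name__ == "__main__":
    print("raw release: k =", min_group_size(SENSOR_RELEASE),
          "| rows a join pins to one person:", unique_matches(SENSOR_RELEASE, DIRECTORY))
    safe = release_if_k_anonymous(SENSOR_RELEASE, k=2)
    print("generalized release: k =", min_group_size(safe),
          "| rows a join pins to one person:",
          unique_matches(safe, [generalize(d) for d in DIRECTORY]))
```

The raw release is fully linkable (every row matches one directory entry), while the generalized release reaches k = 2 and no row matches uniquely; asking for k = 3 withholds the release because the constructed data cannot reach it.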

3.3. Information Privacy Protection

Information privacy protection is an essential user right [33] and a complex challenge that has gained significant attention, eliciting concerns among individuals, enterprises, and governments over the years [23,34,35]. Addressing this challenge and moving towards a protected privacy environment requires multifaceted solutions, encompassing raising awareness of privacy risks, employing technologies, and implementing regulatory laws. Renaud et al. [23] proposed the ART approach encompassing these three complementary factors to face privacy concerns:
Raising awareness. The basic idea is to provide means for users to be aware of privacy violations and the privacy risks involved in each operation performed by them. Awareness has the potential to change the user’s perception of privacy risks. Therefore, the more awareness, the lower the level of trust, increasing the demand for control over data disclosure. Consequently, appropriate data control can empower people to protect their data and match their risk perception;
Regulation aims to empower users with more control over their data and safeguard them against violation by regulating data processing. The regulation laws determine what data can be accessed, stored, transmitted, and manipulated and under what conditions. Unfortunately, they have limitations because they define the boundaries of data processing, but the penalties for noncompliance are applied after the privacy violation occurs. Besides that, the penalties for each violation depend on the judge’s interpretation;
Technology allows users to deal with privacy risks. As users increase their perception and become more aware of privacy risks, technologies help to protect them. For instance, anti-virus software, anti-spyware, firewalls, and spam filters comprise conventional technologies that give some protection. Similarly, privacy-enhancing technologies (PETs) give users control over their information. PETs enhance user power by giving them a choice about what information they will release and whether or not to consent to the acquisition of personal information [36].
An integrated approach is essential to effectively address privacy issues. Raising awareness alone addresses only part of the problem, imparting understanding about threats to individuals. However, it is imperative to equip individuals with tools to mitigate threats and enact regulations to safeguard them against violations. Combining diverse perspectives is indispensable in confronting these concerns. The ART approach emphasizes raising awareness among individuals and motivating them to familiarize themselves with regulatory laws and pertinent technologies for privacy protection.

3.3.1. Privacy Awareness

In the literature, we find studies indicating that individuals are unaware of issues related to their privacy and carelessly disclose their personal data without noting the potential risks. They do not perceive that third parties can collect and share data with others for unauthorized and unknown purposes [37]. Pötzsch’s [38] vision of privacy awareness relates to enabling individuals to make informed decisions. It involves an awareness of who can access their data and how they might be processed and shared. He sees it as a way to improve users’ awareness and balance the privacy paradox [13] by helping people evaluate the benefits of sharing their personal data.
Users’ privacy awareness has been the focus of proposed improvements for years. Based on a literature review, Soumelidou and Tsohou [37] proposed a Profile for Privacy-Aware Users encompassing a set of attributes that define a user who is effectively aware of and responsive to privacy concerns. They suggest that this profile could guide the development of technological initiatives to increase privacy awareness. For this, they developed their profile outlining five primary attributes: (i) awareness of privacy risks and consequences, (ii) knowledge of privacy policies and laws, (iii) empowerment to protect privacy (including privacy control and practical skills), (iv) informed decision-making, and (v) situational awareness of privacy.
Mugariri et al. [39] conducted online surveys and found moderate user awareness levels. They noted that younger individuals recognize the need for formal education on information privacy. Thus, they proposed a teaching tool to improve participants’ knowledge of privacy protection methods, such as end-to-end encryption and two-factor authentication (2FA).
Other researchers have proposed tools and frameworks to increase users’ privacy awareness, such as the YourPrivacyProtector [40] tool, which uses machine learning to categorize users based on their privacy awareness level and provides personalized privacy protection recommendations. The AppAware [41] allows users to visualize the permissions of installed mobile applications, making potential privacy risks more understandable. Fatima et al. [42] proposed a framework to address privacy concerns through an educational game to increase user privacy awareness related to excessive data sharing and encourage more cautious online behavior.

3.3.2. Privacy Regulation

Keeping personal data private and safe has become a priority for consumers, companies, and governments. Thus, governments have been enacting legislation to protect their citizens [35]. Hence, the number of privacy regulation laws has been increasing throughout the years, reflecting the need to protect individual privacy against data misuse. The GDPR, the PIPEDA, the CCPA, the APP, New Zealand’s Privacy Act 1993, and the Brazilian GDPL are some examples of privacy protection legislation.
Privacy legislation aims to discipline how personal data are collected, processed, stored, and disclosed. It establishes boundaries for data-driven business models and defines mandatory practices and processes to guarantee privacy protection. The first privacy protection initiative was launched by the Fair Information Practices (FIPs) in the 1974 US Privacy Act, comprising the principles of notice, consent, individual access and control, data minimization, purposeful use, adequate security, and accountability [31]. Currently, 71% of countries worldwide have enacted legislation to ensure data privacy protection [43].
The most prominent regulation law is the GDPR [33], adopted in May 2018, which emphasizes personal data processing in an appropriate privacy and security manner, including measures and technologies to safeguard personal data against unauthorized access, processing, and disclosure. To ensure these objectives, the GDPR encompasses rules for all companies operating within EU countries. Consequently, it forces worldwide organizations and governments to develop policies and regulations to protect individual privacy if they want to do business with any EU country or face financial sanctions [35,44].
According to [35], the GDPR aims to protect individuals’ (data subjects’) personal data and grant them control over them. It does not protect the personal data of individuals: (i) living outside the EU, (ii) who use services from people outside the EU, (iii) who are non-human, (iv) who are anonymous, and (v) who are deceased.
Besides data subjects, we find in the GDPR two other essential entities: data controllers and data processors. As Art. 4 states, controller “means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data”, and processor “means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller” [33].
Art. 5 of the GDPR presents the seven key principles relating to personal data processing [33]:
  • Lawfulness, fairness, and transparency implies that any personal data processing by a controller must have a legal basis, be fair towards the individual, and be transparent to individuals and regulators. Users must be informed in a concise, easily accessible, and easy-to-understand manner;
  • Purpose limitation implies that personal data must be collected for specific, explicit, and legitimate purposes, and it should not be processed in ways that are incompatible with those purposes;
  • Data minimization implies that personal data must be adequate, relevant, and limited to what is necessary for the purposes;
  • Accuracy implies that controllers should ensure personal data are accurate and, where necessary, kept up to date;
  • Storage limitation implies that controllers must hold personal data in a way that allows the identification of individuals for no longer than necessary for the specified purposes;
  • Integrity and confidentiality implies that personal data must be processed securely, ensuring protection against unauthorized or unlawful use and accidental loss, destruction, or damage;
  • Accountability implies that the controller shall be responsible for and able to demonstrate compliance with the principles mentioned above.
Besides that, the GDPR defines the following eight data subjects’ rights:
  • Right to be informed about the data collection and its purposes (Art. 13).
  • Right of access, i.e., to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed (Art. 15).
  • Right to rectification of inaccurate personal data concerning him or her or to complete the data if they are incomplete (Art. 16).
  • Right to erasure (to be forgotten) of personal data about him or her maintained by the controller and to withdraw consent (Art. 17).
  • Right to restrict processing, placing limitations on the way that organizations use data (Art. 18).
  • Right to portability of data about him or her. Data subjects have the right to have data transferred to themselves or a third party in a structured, commonly used, and machine-readable format (Art. 20).
  • Right to object to personal data processing at any time and under specific circumstances (Art. 21).
  • Right not to be subject to automated decision-making and profiling (Art. 22).

3.3.3. Privacy-Enhancing Technologies

PETs empower individuals to safeguard their privacy, assert control over their data, consent to personal data acquisition, and choose what information they wish to release [36]. They encompass technologies, frameworks, and other components designed to protect personal data and minimize its collection and use. Moreover, PETs facilitate compliance with data protection regulations while reducing the occurrence of breaches or assisting in their detection [45,46].
Safa et al. [30] have organized PETs into data-oriented and process-oriented approaches. The former focus on the data themselves, while the latter focus on the processes that protect the privacy of individuals. The data-oriented approach encompasses PETs such as data anonymization, minimization, encryption, differential privacy, zero-knowledge proofs, secret sharing, private information retrieval, and others. The process-oriented approach comprises, for instance, Privacy by Design; Privacy Requirement Engineering; Testing and Verification; Transparency, Consent, and Control; and others.
Cha et al. [45] provide a classification of PETs in the IoT domain and separate them into six groups. For each group, they outline objectives and privacy threats (as described in [31]) that their respective technologies can address, as observed in Table 2.
Control over data comprises technologies that grant individuals more control over their data, including what, where, and how data can be collected, stored, and processed. Hence, PETs in this group help mitigate IoT threats such as privacy-violating interactions and presentations, as well as lifecycle transitions.
Enforcement comprises technologies able to enforce privacy policies and restrict access to personal data. Thus, individuals keep control over the data processing and limit unauthorized access. PETs in this group help mitigate IoT threats such as profiling, inventory attacks, linkage, and privacy-violating interactions and presentations.
Anonymization or pseudonymization technologies aim to protect individual privacy by eliminating identifiable data. The difference between the two techniques is that anonymization refers to the process of permanently removing identifiable data so they cannot be linked back to the individual. In contrast, pseudonymization replaces identifiable data with a reversible value. PETs, in this context, can mitigate IoT threats related to identification, localization and tracking, profiling, and linkage.
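The distinction drawn above, worked through on constructed IoT telemetry as an added example (not code from the paper or from any PET it cites): a keyed HMAC pseudonymizer whose mapping the key holder can reverse, beside an irreversible anonymization that drops the identifier and coarsens the quasi-identifiers; the record fields and the key are assumptions. The example also shows why pseudonymized records remain linkable to one another, which is the linkage threat the text names.

```python
"""Pseudonymization vs. anonymization of constructed IoT telemetry (added example)."""
import hashlib
import hmac
from typing import Dict, List

# Constructed sample records from a hypothetical smart-home deployment.
RECORDS: List[Dict] = [
    {"user_id": "alice@example.org", "device": "thermostat",
     "ts": "2025-01-10T07:02:00", "temp_c": 21.5},
    {"user_id": "alice@example.org", "device": "thermostat",
     "ts": "2025-01-10T22:41:00", "temp_c": 18.0},
    {"user_id": "bob@example.org", "device": "thermostat",
     "ts": "2025-01-10T07:15:00", "temp_c": 22.0},
]


class Pseudonymizer:
    """Replaces an identifier with a keyed HMAC token.

    The mapping is reversible for whoever holds the key or the lookup table,
    which is exactly what makes the output pseudonymous rather than anonymous.
    """

    def __init__(self, key: bytes):
        self._key = key
        self._table: Dict[str, str] = {}  # token -> original identifier

    def pseudonymize(self, identifier: str) -> str:
        token = hmac.new(self._key, identifier.encode(), hashlib.sha256).hexdigest()[:16]
        self._table[token] = identifier
        return token

    def reidentify(self, token: str) -> str:
        """Reverse the mapping; only possible with access to the table (or the key)."""
        return self._table[token]


def pseudonymize_records(records: List[Dict], p: Pseudonymizer) -> List[Dict]:
    """Same records with the direct identifier swapped for a token; nothing else changes."""
    return [{**r, "user_id": p.pseudonymize(r["user_id"])} for r in records]


def anonymize_records(records: List[Dict]) -> List[Dict]:
    """Irreversible transformation: drop the identifier and coarsen the quasi-identifiers
    (exact timestamp -> date, exact temperature -> 5-degree band)."""
    out = []
    for r in records:
        low = int(r["temp_c"] // 5) * 5
        out.append({"device": r["device"], "date": r["ts"][:10],
                    "temp_band": f"{low}-{low + 5}"})
    return out


def distinct_subjects(records: List[Dict], key: str) -> int:
    """How many distinct subjects a recipient can still tell apart, i.e. how far the
    records remain linkable to one another after the transformation."""
    return len({r[key] for r in records if key in r})
```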
Personal data protection includes technologies that aim to empower individuals with data management and access control, allowing them to establish privacy policies that define authorized access conditions and purposes. PETs from this group help confront IoT threats, such as profiling, lifecycle transitions, inventory attacks, privacy-violating interactions and presentations, and linkage.
Anonymous authorization comprises technologies that allow individuals to sign on to a service as legitimate users and obtain access authorization but do not reveal any information about them. These PETs are valuable for confronting IoT threats such as identification, localization and tracking, profiling, privacy-violating interaction and presentation, and linkage.
Partial data disclosure technologies seek to disclose only part of an individual’s personal data to third parties through special data processing methods. In this category, PETs can help mitigate IoT threats such as identification, localization and tracking, profiling, privacy-violating interaction and presentation, and linkage.

4. PDS-Based Solution for IoT Privacy

IoT has accelerated data collection and made personal information even more vulnerable to access by unauthorized third parties worldwide. Some threats, such as identification, profiling, linkage, and localization and tracking, are intrinsically related to the misuse of personal data. Thus, user control over data throughout the data lifecycle is essential and a necessary pathway for innovation [47]. Cisco [48] indicates that we have also faced a lack of transparency and awareness alongside a lack of control. Consequently, promoting transparency and raising awareness regarding data privacy protection is essential for users, ensuring their understanding and perception of the associated risks [39,49]. These characteristics have the potential to improve users’ trust in services.
Personal data are an essential requirement for digital services; some even compare them to a new ‘oil’—a novel asset class that fosters new opportunities in social and economic spheres. The types and quantities of these data are vast and innumerable. While various disciplines and communities offer different definitions, the central and straightforward idea is that they comprise data created by and about people [50]. In a legal scope, the GDPR characterizes them as “any information relating to an identified or identifiable natural person (‘data subject’)” [33]. Meanwhile, Kleek and O’Hara [51] consider personal data “as the information over which a person has some interest or control, in order to negotiate their environment or order their lives”.
We have distinct types of personal data that can be classified in various ways. Jones [52] categorized them into six groups: (i) controlled by (owned by) me, which comprise data that a person keeps, directly or indirectly; (ii) about me, referring to data about a person but available to and under the control of others; (iii) directed toward me, which relates to data that have the power to distract the person from a task, consume their attention, or induce them to spend money and/or time; (iv) sent (posted, provided) by me, relating to data that we send in an email or post on social media; (v) experienced by me, referring to data that have already been consumed but may be revisited or re-experienced; and finally, (vi) relevant (useful) to me, comprising all data that are useful for us. Moreover, unlike other categories of data, personal data stand out due to specific characteristics: a high degree of dispersion, as they are scattered across a wide range of IT environments; a high degree of heterogeneity, encompassing diverse morphologies, data types, granularities, and semantics; a high degree of correlation, with close relationships between different parts of personal data, even when stored in isolation from each other; and a high degree of privacy, necessitating strict and limited sharing [53].

4.1. System Model

This data control can be achieved by promoting a separation between data storage and services and by enabling users to determine where and how their data are stored when accessing the required services. Therefore, it is necessary to provide new methods to engage and empower users to make appropriate choices about the use of data. According to [54], there are better solutions to these challenges than a centralized approach, which introduces the risk of a single point of failure and produces a hyper-centralization of data and people. The author advocates for control in the hands of every person. The idea is to move from a service provider-centric to a user-centric model. In this context, users have full control and have the right to collect, self-manage, and exchange their data. Thus, a PDS approach can achieve a user-centric model because it allows users to regain control and aggregate scattered personal data from different sources. Moreover, it promises to empower users to extract value by providing tools to monetize their data [55].

4.1.1. Personal Data Store Definition

Users’ perceptions of the value of their data have been changing over the years, driving a movement toward more control. Despite the ‘privacy paradox’, users are increasingly concerned about exchanging personal data for services. It has become more apparent to them that “if the service you receive is free, then you must be the product” [51]. Furthermore, the services provided may not be sufficient to offset the risks associated with indiscriminate collection, storage, and processing of personal data. This awareness has been pushing users’ desire to regain control over their data for protection and to explore opportunities to monetize them through trading and selling [56].
These desires led to the emergence of a user-centric paradigm for exploring the value of personal data. The idea encompasses the principles of “transparency regarding what data is captured, control over how it is shared, trust in how others use it and value attributable because of it” [50]. This approach acknowledges the crucial role of users in generating and exchanging value. They act as owners and need to have control over their data.
In this context, the Personal Data Store (PDS) is a user-centric approach serving as a private data repository, addressing user data control and privacy concerns through decentralized data processing. The PDS denotes a paradigm change in the relationship between individuals and service providers, placing individuals at the forefront. It refers to a secure and private repository dedicated to managing users’ data, enabling individuals to store, manage, and share personal data and digital assets while controlling who can access and utilize them. In essence, third parties are not permitted to access, extract, or perform any computation on the data without the user’s consent. Furthermore, the user’s PDS can process data in line with their agreement and, for example, over specific pieces of data only. In this way, service providers receive results that have the potential to be less personal, less sensitive, less invasive, and potentially more valuable [54,57].
The primary goal of the PDS is to enable users to maintain sovereignty over their personal information, promoting data privacy, security, portability [3,58], and even granting individuals the right to create economic and social value [59]. This decentralization underscores the importance of user choice, empowering individuals to determine the destiny of their data [54].
A PDS platform can be a cloud-based storage solution, with APIs as an intermediate layer and an access point to web-based technologies. Alternatively, it can be a local-based storage solution requiring users to have a physical device to maintain their data and enable access through APIs [55].
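The behaviour described in this subsection, as an added example that is hypothetical and not code from any PDS platform named in the paper: a minimal store that enforces purpose-bound, time-limited, revocable consent, runs the requested computation inside the store so that only a derived answer leaves it, and keeps an audit log the user can inspect; the requester names, data types, purposes and readings are all constructed.

```python
"""Minimal consent-enforcing personal data store (added, hypothetical example)."""
from dataclasses import dataclass
from datetime import datetime
from statistics import mean
from typing import Callable, Dict, List


@dataclass
class Consent:
    requester: str             # service provider the user granted access to
    data_type: str             # category covered, e.g. "heart_rate"
    purpose: str               # processing purpose the consent is bound to
    expires: datetime          # consent stops being valid after this instant
    raw_allowed: bool = False  # by default only derived answers leave the store


class PermissionDenied(Exception):
    """Raised when no valid consent covers a request."""


# Computations the store is willing to run over the user's data on a provider's behalf.
AGGREGATES: Dict[str, Callable[[List[float]], float]] = {
    "mean": mean, "min": min, "max": max, "count": len,
}


class PersonalDataStore:
    def __init__(self, clock: Callable[[], datetime] = datetime.now):
        self._data: Dict[str, List[dict]] = {}
        self._consents: List[Consent] = []
        self.audit_log: List[str] = []  # user-visible record: who asked for what, and the outcome
        self._clock = clock

    def store(self, data_type: str, record: dict) -> None:
        self._data.setdefault(data_type, []).append(record)

    def grant(self, consent: Consent) -> None:
        self._consents.append(consent)

    def revoke(self, requester: str, data_type: str) -> None:
        """Withdrawal of consent: later requests by this requester for this data fail."""
        self._consents = [c for c in self._consents
                          if not (c.requester == requester and c.data_type == data_type)]

    def _authorize(self, requester: str, data_type: str, purpose: str) -> Consent:
        now = self._clock()
        for c in self._consents:
            if ((c.requester, c.data_type, c.purpose) == (requester, data_type, purpose)
                    and now < c.expires):
                return c
        self.audit_log.append(f"DENIED {requester} {data_type} purpose={purpose}")
        raise PermissionDenied(f"no valid consent for {requester} on {data_type} ({purpose})")

    def query(self, requester: str, data_type: str, purpose: str,
              aggregate: str, field: str) -> float:
        """Run the computation inside the store and release only the aggregate."""
        self._authorize(requester, data_type, purpose)
        values = [r[field] for r in self._data.get(data_type, [])]
        result = AGGREGATES[aggregate](values)
        self.audit_log.append(
            f"ANSWERED {requester} {aggregate}({data_type}.{field}) purpose={purpose}")
        return result

    def export_raw(self, requester: str, data_type: str, purpose: str) -> List[dict]:
        """Raw records leave the store only under a consent that explicitly allows it."""
        consent = self._authorize(requester, data_type, purpose)
        if not consent.raw_allowed:
            self.audit_log.append(f"DENIED RAW {requester} {data_type} purpose={purpose}")
            raise PermissionDenied("consent covers derived answers only")
        self.audit_log.append(f"EXPORTED RAW {requester} {data_type} purpose={purpose}")
        return list(self._data.get(data_type, []))


def is_denied(action: Callable[[], object]) -> bool:
    """True if the action is refused by the store's consent check."""
    try:
        action()
    except PermissionDenied:
        return True
    return False


def demo_scenario() -> Dict[str, object]:
    """Constructed walk-through: a fitness app receives a mean, never the readings; an
    off-purpose request, an expired consent and a revoked consent are all refused."""
    pds = PersonalDataStore(clock=lambda: datetime(2025, 1, 15, 12, 0))  # fixed clock
    for bpm in (62, 70, 78):                      # constructed wearable readings
        pds.store("heart_rate", {"bpm": bpm})
    pds.grant(Consent("fitness-app", "heart_rate", "weekly-summary", datetime(2025, 1, 31)))
    pds.grant(Consent("old-app", "heart_rate", "weekly-summary", datetime(2024, 12, 31)))
    out: Dict[str, object] = {
        "mean_bpm": pds.query("fitness-app", "heart_rate", "weekly-summary", "mean", "bpm"),
        "raw_denied": is_denied(
            lambda: pds.export_raw("fitness-app", "heart_rate", "weekly-summary")),
        "off_purpose_denied": is_denied(
            lambda: pds.query("fitness-app", "heart_rate", "advertising", "mean", "bpm")),
        "expired_denied": is_denied(
            lambda: pds.query("old-app", "heart_rate", "weekly-summary", "mean", "bpm")),
    }
    pds.revoke("fitness-app", "heart_rate")
    out["after_revoke_denied"] = is_denied(
        lambda: pds.query("fitness-app", "heart_rate", "weekly-summary", "mean", "bpm"))
    out["audit_log"] = pds.audit_log
    return out


if __name__ == "__main__":
    for line in demo_scenario()["audit_log"]:
        print(line)
```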

4.1.2. PDS Benefits and Drawbacks

In the literature [55,57,60,61], we find expected benefits related to adopting PDSs from both the user and service provider perspectives.
From the users’ perspective, this approach offers multiple advantages concerning data privacy protection and sovereignty. The most significant benefit is user empowerment, which allows users to regain ownership and control over their data. From this basic benefit, others are derived, such as:
  • The ability to collect, analyze, manage, and share data with others;
  • Complete and granular control over data processing; i.e., users need to give their consent and be informed about it;
  • Users’ consent based on better-informed decisions because they will have more information about the processing (e.g., potential risks, real-time logs, audits, monitoring, and visualization);
  • A more effective architecture (including controlled collection and processing on PDSs) against inappropriate access by third parties;
  • Higher security and privacy levels, since users can decide which information to share, with whom, and for what purposes;
  • Incentive to service providers to adopt more privacy-friendly approaches;
  • Power to choose between different platforms or services without losing control or ownership over data, fostering competition and innovation among service providers;
  • Ways and opportunities for users to monetize their personal data;
  • Means to execute individual analysis and gain insights about themselves.
On the other hand, from the service providers’ perspective, adopting PDSs also presents benefits. First, it increases users’ trust and confidence, reduces resistance to data sharing, and motivates them to engage more in online transactions. This results in a valuable solution to access a wide range of data that would otherwise be unavailable due to the difficulty or illegality of collecting it through traditional means. Second, the nature of the PDS implies an environment where a wide range of data can be stored and accessed. Thus, it can supply service providers with more data types than independent collection efforts would yield. Third, the PDS’s decentralized nature enables service providers to combine data and perform a broader range of computations, analytics, and inferences on a diverse set of personal data from different silos. Providers seek and desire these kinds of data because they are potentially cleaner, richer, more up to date, and safer than in a traditional organization-centric model. Finally, organizations involved in the process could reduce the burdens of collecting, maintaining, and managing users’ data. Additionally, they could reduce the costs of ensuring data protection and avoid penalties for non-compliance with privacy laws, such as in cases of data leakage.
However, despite the benefits outlined, the introduction of the PDS brings some drawbacks. The main disadvantage is that setting up and maintaining a PDS may require technical expertise, which can be challenging and places a greater burden of responsibility on non-tech-savvy users. Users must manage access to their data and handle consent requests themselves, which may lead to privacy risks and unintended consequences. Data availability and accessibility are essential concerns to address, as users need and want to access their data at any time and securely. Another factor to consider is the storage system’s security and the service provider’s trustworthiness. Finally, the widespread adoption of PDSs requires a shift in user behavior and awareness of their benefits, which can take time to achieve. At the same time, more services will not become available as long as few users are interested. Furthermore, there are no established technical standards for building platforms.

4.2. PDS Technical Overview

Fallatah et al. [55] reviewed many existing PDS platforms, including Solid [62], Mydex [63], Digi.me [64], HAT [65], and OpenPDS [66]. They provide valuable insights into their architectural designs, functionalities, and maturity levels. These implementations help contextualize the PDS’s practical feasibility and real-world applicability compared to traditional centralized models.
Table 3 presents these examples, which differ in architecture (centralized, decentralized, hybrid), processing and storage model (local vs. cloud), technical maturity, GDPR compliance, and user empowerment features (control and monetization). For instance, IoT Databox processes data locally, reducing latency and increasing privacy. Mydex and Digi.me are centralized infrastructures focusing on secure data sharing and GDPR compliance. OpenPDS minimizes raw data exposure by supporting privacy-preserving queries via SafeAnswers. Solid is a decentralized, standards-based approach enabling users to store their data in personal online data stores (Pods) with fine-grained access control. HAT has a hybrid architecture, combining cloud micro-servers and local control, allowing individuals to manage, analyze, and even monetize their data.
This diversity among PDS platforms reflects the growing maturity and specialization of the ecosystem. It demonstrates the potential of PDS solutions across various real-world scenarios—from privacy-preserving computation (e.g., OpenPDS) to local data control and IoT integration (e.g., Databox) to commercial-grade deployment and GDPR-compliant data ecosystems (e.g., Mydex, Digi.me, HAT) and decentralized identity and interoperability frameworks (e.g., Solid). However, such heterogeneity underscores persistent challenges, particularly regarding standardization, interoperability, and usability compared to centralized cloud architectures.
To better understand the practical trade-offs between traditional centralized architectures and Personal Data Store (PDS)-based approaches, Table 4 offers a comparative analysis across key criteria. The table highlights the enhanced control and privacy benefits of PDS platforms while recognizing performance and usability challenges that need to be addressed for widespread adoption.

4.3. PDS-Based Solution for Privacy Threats

We propose the FoT-PDS [67] as an extension of the FoT paradigm, specifically addressing data privacy concerns. We extend the FoT paradigm by introducing a novel data management strategy to deal with data privacy challenges within the IoT landscape. We advocate adopting PDSs as the storage mechanism and leveraging their associated benefits. We argue that the PDS serves as a solution to mitigate privacy issues in the IoT. We based our proposal on the use of PDSs distributed across multiple layers. Accordingly, we incorporate storage mechanisms in the FoT-PDS-Servers and Cloud-PDS-Server layers. Each has a PDS instance, empowering users to control and manage how, what, who, and when their data can be accessed, processed, and disclosed.
The literature includes studies exploring Personal Data Stores (PDSs) as a promising solution to address privacy concerns related to personal data from different perspectives. Moiso et al. [56] introduced the PDS concept to promote user autonomy, allowing people to store their data in private locations and decide when and with whom to share it. Later, Vescovi et al. [68] expanded the idea with My Data Store, providing a framework for managing heterogeneous data collected by various applications and sensors within a trusted application ecosystem. These approaches prioritize privacy by giving users direct control over their data.
Janssen et al. [57] analyze the impact of PDSs on personal data protection, highlighting how these systems can promote privacy by aligning with individual rights and legal bases for data processing. They examine how PDSs can help reduce online surveillance practices and address information asymmetries between individuals and large organizations. However, the authors also identify limitations, noting that many digital privacy challenges remain even with PDSs, such as ensuring complete protection against monitoring and misuse of personal data.
Esteves [69] explores how decentralized technologies and Semantic Web standards can enhance communication between data subjects and controllers, enabling individuals to understand their rights and make decisions about their data. She proposes a digital interface to facilitate privacy term negotiation and access governance, helping individuals exercise their GDPR-based rights. This approach ensures that privacy information is accessible and understandable, making the exercise of user rights more effective and transparent.
Sun et al. [70] developed TIDAL, a Solid-based application that allows citizens and researchers to collaborate on health research projects ethically and transparently. TIDAL stores data in individual Solid pods, where each user controls what is shared with researchers, maintaining a high level of privacy.
Specifically in the IoT context, Komeiha et al. [71] propose an IoT device recommendation approach that relies on semantic annotations from Linked Open Data resources to recommend devices based on similarity calculations. This approach requires access to user data, raising privacy concerns. To address this, the authors implement the Solid framework, which allows users to retain control over their data throughout the recommendation process. Similarly, Boi et al. [72] present an architecture incorporating IoT devices as nodes within the Solid ecosystem, promoting a user-centric and decentralized IoT model. Their solution includes Self-Sovereign Identity as an authentication mechanism within Solid, supporting user autonomy and data security.

4.4. GDPR Compliance

The PDS promotes benefits for personal data privacy. However, it also poses challenges concerning GDPR compliance, especially regarding assigning responsibilities and determining the legal bases for data processing. Janssen et al. [57] reviewed some available PDS platforms and determined the roles of users, platforms, and app developers.
In Section 3.3.2, we reviewed the GDPR concepts of controller and processor. In a centralized context, their definitions are straightforward, but in a PDS environment, the boundaries between these roles are unclear, making it more challenging to assign them. For instance, in this context, users have great control over their data, deciding who can access it. Consequently, they can be considered controllers of their own data. However, to fully assume this responsibility, users would need to understand and manage all aspects of privacy and security and know the GDPR implications, which is unlikely. Thus, PDS platforms and app developers should probably share the controller role and be co-responsible with users.
Another technical challenge for PDS is related to the legal basis for data processing. The PDS relies primarily on explicit user consent for its data processing. GDPR, however, recognizes additional legal bases for processing, such as legitimate interest, legal obligations, and contractual obligations.
Janssen et al. [57] understand that the advancement of PDSs depends not only on technological development but also on regulatory progress adapted to this decentralized reality, clarifying the definitions of the roles of stakeholders as well as their responsibilities and obligations in data processing.

5. Conclusions

The IoT has been driving evolution in different areas for years, from agriculture and health to homes and cities. However, its interconnection and data collection introduce new data privacy challenges. This paper reviews these challenges and highlights the necessity of balancing the services provided by the IoT with users’ privacy. We categorize the IoT privacy threats and discuss the necessity of adopting multifaceted approaches to address data privacy, encompassing users’ privacy awareness, data processing regulations, and privacy-enhancing technologies.
As a central point, we discuss the role of Personal Data Stores as a promising solution to the IoT’s privacy challenges. PDSs are moving toward a decentralized approach to mitigating risks associated with data centralization. They promote a user-centric model, enabling users to regain control over data and consequently allowing them to manage their data and decide who has access to them and under what conditions. We present some studies that propose the adoption of PDSs as a privacy-based solution.
PDSs could be essential in addressing privacy issues, mainly due to their user-centric characteristics. The successful implementation of PDSs within IoT ecosystems will continue to require collaboration between policymakers, technology developers, and users. In addition, we will also need to develop suitable technologies for IoT contexts so that PDSs can be exploited appropriately and privacy protection can be maintained sustainably. Thus, combining privacy awareness and data processing regulation with technology can help deliver a safer user-centric approach that protects privacy without renouncing functionality. In this way, it is also necessary to research methods to raise user awareness and studies on technological adaptations to comply with legal bases or even the development of legal regulations designed explicitly for decentralized environments like PDS.
In this manner, further efforts should guide future works in some directions: (i) the definition of the roles and responsibilities of users, platform providers, and application developers, particularly regarding the designation of data controllers and processors; (ii) the development of mechanisms to ensure compliance with lawful bases for data processing; (iii) the development of tools that promote user data control, transparency, and truly informed consent; (iv) the design of interfaces and educational strategies, such as gamification, that improve users’ comprehension of how their data are processed, the implications of their consent, and the risks associated with data sharing; and (v) the development of ontologies and data schemas to facilitate semantic data sharing across heterogeneous IoT domains.

Author Contributions

Conceptualization, G.P.P. and C.P.; methodology, G.P.P. and C.P.; investigation, G.P.P. and C.P.; writing—original draft preparation, G.P.P. and C.P.; writing—review and editing, G.P.P. and C.P. All authors have read and agreed to the published version of the manuscript.

Funding

This study was partly supported by FAPESB INCITE PIE0002/2022 grant. The authors also thank the CNPq, CAPES, and FAPESB organizations for supporting the Graduate Program in Computer Science at the Federal University of Bahia. Additionally, the authors acknowledge the financial support provided by the Pró-Reitoria de Pesquisa e Pós-Graduação (PRPPG) of the Federal University of Bahia through the “Programa de Apoio à Publicações Científicas—Edital 02/2025”, which covered the article processing charges for this publication.

Conflicts of Interest

The authors declare no conflict of interest.

References

  1. Kemp, S. Digital 2023: Global Statshot Report. DataReportal—Global Digital Insights. 2023. Available online: https://datareportal.com/reports/digital-2023-global-overview-report (accessed on 13 January 2025).
  2. Laoutaris, N. Data Transparency: Concerns and Prospects. Proc. IEEE 2018, 106, 1867–1871.
  3. Alessi, M.; Camillò, A.; Giangreco, E.; Matera, M.; Pino, S.; Storelli, D. A Decentralized Personal Data Store based on Ethereum: Towards GDPR Compliance. J. Commun. Softw. Syst. 2019, 15, 79–88.
  4. Grothaus, M. The Biggest Data Scandals and Breaches of 2018. 2018. Available online: https://www.businessinsider.com/data-hacks-breaches-biggest-of-2018-2018-12 (accessed on 13 January 2025).
  5. Sinha, S. Number of Connected IoT Devices Growing 16% to 16.7 Billion Globally. 2023. Available online: https://iot-analytics.com/number-connected-iot-devices/ (accessed on 11 January 2025).
  6. ONU. População Mundial Atinge 8 Bilhões de Pessoas|ONU News. 2022. Available online: https://shorturl.at/fWwkd (accessed on 10 January 2025).
  7. Lueth, K.L. State of the IoT 2020: 12 Billion IoT Connections. 2020. Available online: https://iot-analytics.com/state-of-the-iot-2020-12-billion-iot-connections-surpassing-non-iot-for-the-first-time/ (accessed on 16 January 2025).
  8. Duarte, F. Number of IoT Devices (2023–2030). 2023. Available online: https://explodingtopics.com/blog/number-of-iot-devices (accessed on 10 January 2025).
  9. Joshi, S. 70 IoT Statistics to Unveil the Past, Present, and Future of IoT. 2023. Available online: https://learn.g2.com/iot-statistics#top-stats (accessed on 10 January 2025).
  10. Majumder, S.; Aghayi, E.; Noferesti, M.; Memarzadeh-Tehran, H.; Mondal, T.; Pang, Z.; Deen, M.J. Smart Homes for Elderly Healthcare—Recent Advances and Research Challenges. Sensors 2017, 17, 2496.
  11. Ashraf, S. A proactive role of IoT devices in building smart cities. Internet Things Cyber-Phys. Syst. 2021, 1, 8–13.
  12. Garg, D.; Alam, M. Smart agriculture: A literature review. J. Manag. Anal. 2023, 10, 359–415.
  13. Kokolakis, S. Privacy attitudes and privacy behaviour: A review of current research on the privacy paradox phenomenon. Comput. Secur. 2017, 64, 122–134.
  14. Rodríguez, E.; Otero, B.; Canal, R. A Survey of Machine and Deep Learning Methods for Privacy Protection in the Internet of Things. Sensors 2023, 23, 1252.
  15. Ogonji, M.M.; Okeyo, G.; Wafula, J.M. A survey on privacy and security of Internet of Things. Comput. Sci. Rev. 2020, 38, 100312.
  16. Kounoudes, A.D.; Kapitsaki, G.M. A mapping of IoT user-centric privacy preserving approaches to the GDPR. Internet Things 2020, 11, 100179.
  17. Briggs, C.; Fan, Z.; Andras, P. A Review of Privacy Preserving Federated Learning for Private IoT Analytics. arXiv 2020.
  18. Kolevski, D.; Michael, K. Edge Computing and IoT Data Breaches: Security, Privacy, Trust, and Regulation. IEEE Technol. Soc. Mag. 2024, 43, 22–32.
  19. Abbas, S.R.; Abbas, Z.; Zahir, A.; Lee, S.W. Federated Learning in Smart Healthcare: A Comprehensive Review on Privacy, Security, and Predictive Analytics with IoT Integration. Healthcare 2024, 12, 2587.
  20. Tudoran, A.A. Rethinking privacy in the Internet of Things: A comprehensive review of consumer studies and theories. Internet Res. 2025, 35, 514–545.
  21. Perera, C.; Zaslavsky, A.; Christen, P.; Georgakopoulos, D. Context Aware Computing for The Internet of Things: A Survey. IEEE Commun. Surv. Tutor. 2014, 16, 414–454.
  22. Ding, X.; Wang, H.; Li, G.; Li, H.; Li, Y.; Liu, Y. IoT data cleaning techniques: A survey. Intell. Converg. Netw. 2022, 3, 325–339.
  23. Renaud, K.; Gálvez-Cruz, D. Privacy: Aspects, definitions and a multi-faceted privacy preservation approach. In Proceedings of the 2010 Information Security for South Africa, Johannesburg, South Africa, 2–4 August 2010; pp. 1–8.
  24. Westin, A. Privacy and Freedom; Athenaeum: New York, NY, USA, 1968.
  25. Margulis, S.T. On the Status and Contribution of Westin’s and Altman’s Theories of Privacy. J. Soc. Issues 2003, 59, 411–429.
  26. Banisar, D. Privacy and Human Rights—An International Survey of Privacy Laws and Practice. 2007. Available online: https://gilc.org/privacy/survey/intro.html (accessed on 16 January 2025).
  27. Clarke, R. Internet privacy concerns confirm the case for intervention. Commun. ACM 1999, 42, 60–67.
  28. Atlam, H.F.; Wills, G.B. IoT Security, Privacy, Safety and Ethics. In Digital Twin Technologies and Smart Cities, Internet of Things; Springer: Cham, Switzerland, 2020; pp. 123–149.
  29. Al-Sharekh, S.I.; Al-Shqeerat, K.H.A. An Overview of Privacy Issues in IoT Environments. In Proceedings of the 2019 International Conference on Advances in the Emerging Computing Technologies (AECT), Al Madinah Al Munawwarah, Saudi Arabia, 10 February 2020; pp. 1–6.
  30. Safa, N.S.; Mitchell, F.; Maple, C.; Azad, M.A.; Dabbagh, M. Privacy Enhancing Technologies (PETs) for connected vehicles in smart cities. Trans. Emerg. Telecommun. Technol. 2022, 33, e4173.
  31. Ziegeldorf, J.H.; Morchon, O.G.; Wehrle, K. Privacy in the Internet of Things: Threats and challenges. Secur. Commun. Netw. 2014, 7, 2728–2742.
  32. Pinto, G.P.; Donta, P.K.; Dustdar, S.; Prazeres, C. A Systematic Review on Privacy-Aware IoT Personal Data Stores. Sensors 2024, 24, 2197.
  33. European Union. General Data Protection Regulation (GDPR)—Official Legal Text. 2016. Available online: https://gdpr-info.eu/ (accessed on 31 October 2024).
  34. Oomen, I.; Leenes, R. Privacy Risk Perceptions and Privacy Protection Strategies. In Policies and Research in Identity Management; de Leeuw, E., Fischer-Hübner, S., Tseng, J., Borking, J., Eds.; Springer: Boston, MA, USA, 2008; pp. 121–138.
  35. Conrad, S.S. Protecting Personal Information and Data Privacy: What Students Need to Know. J. Comput. Sci. Coll. 2019, 35, 77–86.
  36. Tavani, H.T.; Moor, J.H. Privacy protection, control of information, and privacy-enhancing technologies. ACM SIGCAS Comput. Soc. 2001, 31, 6–11.
  37. Soumelidou, A.; Tsohou, A. Towards the creation of a profile of the information privacy aware user through a systematic literature review of information privacy awareness. Telemat. Inform. 2021, 61, 101592.
  38. Pötzsch, S. Privacy Awareness: A Means to Solve the Privacy Paradox? In The Future of Identity in the Information Society; Matyáš, V., Fischer-Hübner, S., Cvrček, D., Švenda, P., Eds.; Springer: Berlin/Heidelberg, Germany, 2009; pp. 226–236.
  39. Mugariri, P.; Abdullah, H.; García-Torres, M.; Parameshchari, B.D.; Sattar, K.N.A. Promoting Information Privacy Protection Awareness for Internet of Things (IoT). Mob. Inf. Syst. 2022, 2022, 4247651.
  40. Ghazinour, K.; Matwin, S.; Sokolova, M. YourPrivacyProtector: A Recommender System for Privacy Settings in Social Networks. Int. J. Secur. Priv. Trust Manag. 2013, 2, 11–25. [Google Scholar] [CrossRef]
  41. Paspatis, I.; Tsohou, A.; Kokolakis, S. AppAware: A policy visualization model for mobile applications. Inf. Comput. Secur. 2020, 28, 116–132. [Google Scholar] [CrossRef]
  42. Fatima, R.; Yasin, A.; Liu, L.; Wang, J.; Afzal, W.; Yasin, A. Sharing information online rationally: An observation of user privacy concerns and awareness using serious game. J. Inf. Secur. Appl. 2019, 48, 102351. [Google Scholar] [CrossRef]
  43. UNCTAD. Data Protection and Privacy Legislation Worldwide|UNCTAD. 2021. Available online: https://unctad.org/page/data-protection-and-privacy-legislation-worldwide (accessed on 31 October 2024).
  44. Aljeraisy, A.; Barati, M.; Rana, O.; Perera, C. Privacy Laws and Privacy by Design Schemes for the Internet of Things. ACM Comput. Surv. 2021, 54, 1–38. [Google Scholar] [CrossRef]
  45. Cha, S.C.; Hsu, T.Y.; Xiang, Y.; Yeh, K.H. Privacy enhancing technologies in the internet of things: Perspectives and challenges. IEEE Internet Things J. 2019, 6, 2159–2187. [Google Scholar] [CrossRef]
  46. Shen, Y.; Pearson, S. Privacy Enhancing Technologies: A Review. 2011. Available online: https://bit.ly/3cfpAKz (accessed on 31 October 2024).
  47. Alsheikh, M.A. Five Common Misconceptions About Privacy-Preserving Internet of Things. IEEE Commun. Mag. 2023, 61, 151–157. [Google Scholar] [CrossRef]
  48. CISCO. Consumer Privacy Survey: The Growing Imperative of Getting Data Privacy Right. 2019. Available online: https://www.cisco.com/c/dam/global/en_uk/products/collateral/security/cybersecurity-series-2019-cps.pdf (accessed on 16 January 2024).
  49. Zheng, S.; Apthorpe, N.; Chetty, M.; Feamster, N. User perceptions of smart home IoT privacy. Proc. ACM Hum.-Comput. Interact. 2018, 2, 200. [Google Scholar] [CrossRef]
  50. Schwab, K.; Marcus, A.; Oyola, J.R.; Hoffman, W.; Luzi, M. Personal Data: The Emergence of a New Asset Class; Technical report; World Economic Forum: Cologny, Switzerland, 2011. [Google Scholar]
  51. Van Kleek, M.; OHara, K. The Future of Social Is Personal: The Potential of the Personal Data Store. In Social Collective Intelligence: Combining the Powers of Humans and Machines to Build a Smarter Society; Springer International Publishing: Cham, Switzerland, 2014; Chapter 7; pp. 125–128. [Google Scholar] [CrossRef]
  52. Jones, W. Chapter Two—A personal space of information. In Keeping Found Things Found; Jones, W., Ed.; The Morgan Kaufmann Series in Multimedia Information and Systems; Morgan Kaufmann: San Francisco, CA, USA, 2008; pp. 22–53. [Google Scholar] [CrossRef]
  53. Wang, J.; Wang, Z. A Survey on Personal Data Cloud. Sci. World J. 2014, 2014, 969150. [Google Scholar] [CrossRef] [PubMed]
  54. Verborgh, R. Re-Decentralizing the Web, For Good This Time. In Linking the World’s Information: Essays on Tim Berners-Lee’s Invention of the World Wide Web; Seneviratne, O., Hendler, J., Eds.; ACM: New York, NY, USA, 2023; pp. 215–230. [Google Scholar] [CrossRef]
  55. Fallatah, K.U.; Barhamgi, M.; Perera, C. Personal Data Stores (PDS): A Review. Sensors 2023, 23, 1477. [Google Scholar] [CrossRef] [PubMed]
  56. Moiso, C.; Antonelli, F.; Vescovi, M. How Do I Manage My Personal Data?—A Telco Perspective. In Proceedings of the International Conference on Data Technologies and Applications—DATA, Rome, Italy, 25–27 July 2012; INSTICC; SciTePress: Setúbal, Portugal, 2012; pp. 123–128. [Google Scholar] [CrossRef]
  57. Janssen, H.; Cobbe, J.; Norval, C.; Singh, J. Decentralized data processing: Personal data stores and the GDPR. Int. Data Priv. Law 2020, 10, 356–384. [Google Scholar] [CrossRef]
  58. Bus, J.; Nguyen, C. Personal Data Management—A Structured Discussion. In Digital Enlightenment Yearbook 2013; Ios Press: London, UK, 2013; pp. 270–287. [Google Scholar] [CrossRef]
  59. Hummel, P.; Braun, M.; Dabrock, P. Own Data? Ethical Reflections on Data Ownership. Philos. Technol. 2021, 34, 545–572. [Google Scholar] [CrossRef]
  60. Shanmugarasa, Y.; Paik, H.Y.; Kanhere, S.S.; Zhu, L. Towards Automated Data Sharing in Personal Data Stores. In Proceedings of the 2021 IEEE International Conference on Pervasive Computing and Communications Workshops and other Affiliated Events (PerCom Workshops), Kassel, Germany, 22–26 March 2021; pp. 328–331. [Google Scholar] [CrossRef]
  61. Verbrugge, S.; Vannieuwenborg, F.; Van der Wee, M.; Colle, D.; Taelman, R.; Verborgh, R. Towards a personal data vault society: An interplay between technological and business perspectives. In Proceedings of the 2021 60th FITCE Communication Days Congress for ICT Professionals: Industrial Data—Cloud, Low Latency and Privacy (FITCE), Vienna, Austria, 29–30 September 2021; pp. 1–6. [Google Scholar] [CrossRef]
  62. Solid Project. Solid Specification. 2025. Available online: https://solidproject.org/specification (accessed on 21 March 2025).
  63. Mydex CIC. Mydex Charter. Available online: https://mydex.org/about-us/mydex-charter/ (accessed on 21 March 2025).
  64. Digi.me. Digi.me—Your Personal Data, Your Rules. 2025. Available online: https://digi.me/ (accessed on 11 April 2025).
  65. Hub of All Things. What Is the HAT. 2024. Available online: https://www.hubofallthings.com/main/what-is-the-hat (accessed on 11 April 2025).
  66. de Montjoye, Y.A.; Shmueli, E.; Wang, S.S.; Pentland, A.S. openPDS: Protecting the Privacy of Metadata through SafeAnswers. PLoS ONE 2014, 9, e98790. [Google Scholar] [CrossRef]
  67. Pinto, G.P.; Prazeres, C. Towards data privacy in a fog of things. Internet Technol. Lett. 2024, 7, e512. [Google Scholar] [CrossRef]
  68. Vescovi, M.; Moiso, C.; Pasolli, M.; Cordin, L.; Antonelli, F. Building an eco-system of trusted services via user control and transparency on personal data. IFIP Adv. Inf. Commun. Technol. 2015, 454, 240–250. [Google Scholar] [CrossRef]
  69. Esteves, B. Challenges in the Digital Representation of Privacy Terms. In International Workshop on AI Approaches to the Complexity of Legal Systems; Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Springer: Cham, Switzerland, 2021; Volume 13048, pp. 313–327. [Google Scholar]
  70. Sun, C.; van Soest, J.; Dumontier, M. Analyze Decentralized Personal Health Data using Solid, Digital Consent, and Federated Learning. In Proceedings of the 14th International Conference on Semantic Web Applications and Tools for Health Care and Life Sciences, Basel, Switzerland, 13–16 February 2023; Volume 3415, pp. 169–170. [Google Scholar]
  71. Komeiha, F.; Cheniki, N.; Sam, Y.; Jaber, A.; Messai, N.; Devogele, T. Towards a Privacy Conserved and Linked Open Data Based Device Recommendation in IoT. In International Conference on Service-Oriented Computing; Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Springer International Publishing: Cham, Switzerland, 2021; Volume 12632, pp. 32–39. [Google Scholar] [CrossRef]
  72. Boi, B.; De Santis, M.; Esposito, C. A Decentralized Smart City Using Solid and Self-Sovereign Identity. In Proceedings of the Computational Science and Its Applications—ICCSA 2023 Workshops, Athens, Greece, 3–6 July 2023; Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Springer: Cham, Switzerland, 2023; Volume 4109, pp. 149–161. [Google Scholar] [CrossRef]
Figure 1. Paper summary.
Table 2. Mapping between types of PETs and IoT privacy threats addressed.

Type of PET | Privacy Threats Addressed
Control over data | Lifecycle transitions, privacy-violating interaction and presentation
Anonymization/Pseudonymization | Identification, profiling, linkage
Anonymous authorization | Identification, localization and tracking, profiling, privacy-violating interaction and presentation, linkage
Partial data disclosure | Identification, localization and tracking, profiling, privacy-violating interaction and presentation, linkage
Policy enforcement | Inventory attacks, linkage, profiling, privacy-violating interaction and presentation
Personal data protection | Profiling, lifecycle transitions, inventory attacks, privacy-violating interaction and presentation, linkage
Table 3. Comparison of personal data store platforms.

Platform | Architecture Type | Processing | GDPR Compliance | User Control | Data Monetization
Solid | Decentralized | Local | Yes | High | Possible
Mydex | Centralized | Cloud | Yes | Medium | No
Digi.me | Centralized | Cloud | Yes | Medium | Possible
HAT | Hybrid | Local/Cloud | Yes | High | Yes
OpenPDS | Hybrid | Local/Cloud | Partial | High | No
Table 4. Comparison between traditional centralized systems and PDS-based approaches.

Criterion | Centralized Systems | PDS Solutions
User Control | Low—data are managed by third parties | High—users define access and usage policies
Privacy Risk | High—single points of failure and uncontrolled data reuse | Low—user-centric control and distributed access
Computational Overhead | Low—cloud-based processing at scale | Medium to High—some rely on local or distributed processing
Monetization Capability | Absent—user data monetized by providers | Possible—some PDS platforms support data sharing with compensation
Transparency | Limited—access and processing logs are not always available | Moderate to High—PDS can provide dashboards, logs, and audit tools
Scalability | High—mature and consolidated architectures | Variable—depends on platform design (local/cloud, centralized/decentralized)
User Experience | High—refined and integrated interfaces | Medium—usability remains a challenge for broader adoption