Internet of Things and Privacy
Weekly Newsletter

The term “Internet of Things” (IoT) refers to a relatively new concept that describes the technology of connecting physical things and gadgets to the Internet, gathering information about them autonomously, doing analyses, and offering services to consumers. The Internet of Things is considered by some experts to be the upcoming industrial revolution, during which a new class of gadgets will begin interacting with one another with little to no human interaction. 

In order to facilitate connection between physical items like appliances and other computing equipment like cloud servers, desktops, laptops, and smartphones, the Internet of Things will incorporate many sensors, small computer chips, and communications devices. 

As almost any physical or logical entity can be given a unique identifier and the ability to communicate autonomously over the Internet or another similar network, Internet of Things requires special considerations necessary to safeguard personal information from exposure in the IoT environment. 

Where the Concerns Arise ? 

Endpoints (things) in the IoT ecosystem operate together and interact with one another as they relay data independently. In order for the networked components of a house, for instance, to seamlessly interact with one another, interoperability of objects is crucial to the IoT’s operation. 

It’s possible that a certain endpoint’s data transmissions don’t raise any #privacy concerns on their own. However, even fragmented data from several endpoints might offer sensitive information when it is collected, compiled, and analysed. 

Smart objects, in contrast to conventional electronics, have the ability to gather and store data about your usage, routines, and preferences on local devices or via a network, often without your knowledge. A criminal may have access to these data as well as other important information like your bank accounts, social media accounts, and data on your smartphone or personal computer. 

Even though the gadgets are believed to be safe from privacy concerns, many hesitate to install them since they can collect private information without human oversight. 

What Should Manufacturers Do? 

Manufacturers should adhere to government regulations and standards for security and the protection of personal information, such as the General Data Protection Regulation (GDPR) and the ePrivacy Regulation. These laws require IoT manufacturers to give users thorough and in-depth information about their data collection and processing, in addition to transferring it. 

Along with the regulatory concerns, the system needs to be updated regularly since criminals may try to interfere with it using ever-more-advanced methods. 

Devices with numerous users should employ authentication methods including two-factor authentication, digital certificates, and biometrics. To safeguard user privacy and avoid interference, data encryption and API security measures should be made commonplace. 

What Should Consumers Do? 

Make sure your gadgets are password secured while they are available for the consumers. 

#Cybersecurity risks may be used to access and modify IoT devices, so safeguard your smartphone and personal computer, which you use to operate the IoT system. 

Use powerful security software, update your firmware and software frequently, and keep your gadgets up to date. 

If you want to know how safe a gadget is, what security risks can arise, and what type of information is being gathered about you, buy it from a reputable manufacturer and read the manual thoroughly. 


IoT and the security of personal data enhance both the quality of life for people and the success of businesses. However, because they have not yet been effectively handled, security and the protection of personal data are still problems. Nevertheless, solutions and advancements are being suggested and put into practise, so we may have faith that this technology has a promising future. 

If you’re a company processing data, check out our services at  

If you want to know more, reach out to us at

Major Privacy Updates of the Week


Meta to Settle Cambridge Analytica Case for $725-million

In order to resolve a protracted legal dispute in which it was alleged that Facebook had improperly shared user data with the research company Cambridge Analytica, Meta Platforms has agreed to pay $725 million. The agreement puts Meta one step closer to ending the 2018 lawsuit filed by Facebook users after it emerged that a UK research company linked to Donald Trump’s presidential campaign in 2016 had access to the data of up to 87 million users of the social media platform. 

Read more


MeitY Extends Deadline for Public Comments on Draft Digital Personal Data Protection Bill

The period for public comment on the draft Digital Personal Data Protection Bill (#DPDPB), 2022, has been extended by the Indian government’s Ministry of Electronics and Information Technology (@MeitY) to January 2, 2023. The draft bill has been in the spotlight for the entire year. After withdrawing the last draft on August 3, MeitY issued a new draft of the “Digital Personal Data Protection Bill, 2022” on November 18 along with an explanatory note and sought feedback from public by December 17. 

Read more


US Lawmaker Moves to Ban TikTok from Government Devices in Spending Bill

According to a federal spending bill that Congress revealed, TikTok would be prohibited on the majority of US government devices. This is the latest effort by US lawmakers to ban the Chinese-owned social media app. The Biden administration will be required to forbid the majority of uses of TikTok or any other software developed by its owner, ByteDance Ltd., under terms of the $1.7 trillion omnibus spending plan. 

Read more


Fortnite Maker Epic Games to Pay $520M over Child Privacy Violations

The developer of the well-known video game ‘Fortnite’, Epic Games has agreed to pay $520 million to resolve claims made to the US Federal Trade Commission for violating child privacy laws and duping minors and adults to make unintended purchases online. The video game company will pay $275 million for violating a federal children’s privacy law and will spend another $245 million in refunding customers for its alleged “unlawful billing practices”. 

Read more


Russian Killnet Hackers Claim to have Infiltrated FBI Agent Database

Over 10,000 US federal agents’ personal information is said to have been stolen by the Russian cyber organization KillNet from the FBI database. Like most of its attacks, the pro-Kremlin gang appeared to be driven by political motivations in this supposed strike as well. Although the validity of KillNet’s attack is yet unknown, the group asserts that bank information and social network passwords were among the stolen data. 

Read more

Curated by: Prajwala D Dinesh, Ritwik Tiwari, Ayush Sahay


Keep up to pace with this high-impact weekly privacy newsletter that
features significant data privacy updates, trends, and tools that can
help to make your life secure & easier every day!

*By clicking on subscribe, I agree to receive communications from Tsaaro