Reducing privacy concerns related to wearable IoT devices within the context of the General Data Protection Regulation (GDPR)

Abstract

This project will investigate the ways in which wearable technology is regulated under the GDPR and the need for a more specialised regulation in order to mitigate people’s privacy concerns. There are four main questions in this dissertation. Why are there privacy concerns around the use of wearable IoT devices? How can people's concerns about wearable privacy issues be reduced? Can the GDPR by itself be trusted to protect personal data collected through wearable devices? Is there a need for a new regulation that targets wearables? To come to a conclusion, this project has discussed the high potential risk of privacy issues of wearable IoT devices, conducted an empirical study in form of an online-based survey, and examined the way the GDPR regulate wearables technology. This study argues that users have placed their trust in GDPR to protect their personal data because wearable IoT devices provide a high potential risk to privacy, compounded with the reality that most people do not read privacy rules. However, because of the GDPR's broad scope, it falls short of meeting people's expectations for data privacy on wearables, and as a result, more specialised regulation aimed at wearables is required.