| Abstract |
Today, smart cities leverage the power of Internet of Things (IoT) technology in which IoT devices play an integral part. An immense amount of data is generated and collected to address challenges and opportunities in real-time, returning numerous economic, social, and environmental benefits in smart cities. However, as an end user of smart application, citizen does not fully aware that their data is under surveillance from hidden computing power of IoT devices; every data transmission process is vulnerable as an entry point for malicious attacks. This raises public concerns regarding the privacy of user data, especially for the sensitive data if suffers from privacy violation may lead to human values loss. Therefore, detecting privacy violation risk and measuring privacy trade-off, which is before the privacy violation issue actually happened by adversaries, is crucial to mitigate damages by data breach or make decision of trading cost for IoT device benefits. In this paper, we conduct an in-depth study on the privacy violation risk of IoT devices from the public point of view. We develop a practical and reality-based approach to Privacy Trade-Off Assessment framework for detecting privacy violation risk and measuring trade-off values. To support citizens in implementing the framework, we design a Privacy Violation Risk (PVR) detector to detect and utilize the privacy risk levels associating with the data practices of an IoT manufacturer. We implement PVR detector on a dataset of 214 IoT providers in Canada market, and discuss our result. © The Author(s), under exclusive license to Springer Nature Switzerland AG 2025. |
