Data Privacy Playbook For Wearables And IoT

Wearables and the Internet of Things raise significant consumer privacy issues that you need to prepare for now. We outline the key concerns with a primer on how to get your organization ready.

Scott Amyx, Founder & CEO, Amyx+McKinsey

June 8, 2015

4 Min Read
<p align="left">(Image: <a href="" target="_blank">Mike</a> via Flickr)</p>

Different Data Requires Different Treatment

According to Forrester report "Personal Identity Management Success Starts With Customer Understanding," consumers view various types of data differently. They are most concerned about their personal identity data, such as their social security number, birthdate, and address. They are far less concerned about behavioral data from the Internet, wearables, and smartphones.

Consumers compartmentalize different data. Financial data is housed and managed by their financial services providers. Health data is entrusted to their hospital and medical professionals. Shopping information is shared with a particular retail entity at the time of the transaction. This shows that privacy opt-in/out should not take an all-or-nothing approach, but should be thoughtfully crafted based on the type of data collected and shared.

Data Vaults And Private Clouds

There is mounting pressure from the FTC to have Congress pass a law giving consumers the right to have some access to the records data brokers compile about them. Regulators may soon require data resellers to periodically provide consumers with free data reports.

Personal data service and identity management system providers such as and have created data vault products to enable users to see or share sensitive data and all the files they store in their data vault. securely creates a private network, allowing registered users to share access to data and files through an exchange of encrypted keys without the risk of transmitting the data or files through non-secure, direct means. It also allows users to immediately update data across their own network and revoke access to it when they choose. collects data about consumers' marketing preferences and gives them the option to share information on a limited basis with certain companies in exchange for coupons and status upgrades.

The industry is pushing for data vaults to be made available to consumers voluntarily by data brokers and third parties to give consumers granular preference management for the type of data, how it's stored, and how it's used instead of making these types of options an all-or-nothing proposition. Bao suggests, "Data collection and usage should fuel the business model, as well as protect consumers. A product should strive to find that sweet spot of giving consumers meaningful notice and choice(s) over their data without limiting the core functionality of the product."

Kaiser Permanente voluntarily provides a data vault to its members to manage information about their healthcare, prescriptions, and insurance, as well as allowing them the ability to control access to their data vault to help manage their care.

Local Data Storage And Home Automation Hubs

The fear of data compromise is driving the phenomenon of local data storage in wearables and connected homes. These new storage solutions promise all the benefits of the public cloud without sending your data to the cloud through an Internet connection. Users of local data storage can securely access, stream, auto-backup, and auto-sync their files across all their wearables and smart-home devices at the speed of a local network, using WiFi and Bluetooth Low Energy (BLE). The ReVault smartwatch, for instance, promises wireless, wearable local storage on your wrist.

At the heart of this momentum is the home automation hub. Ninja Sphere is a home controller hub that enables homeowners to monitor the home's temperature, lighting, and energy usage, as well as a pet's presence or anything else connected to the sphere. It boasts capabilities to handle processing offline for faster performance and offers added privacy and security. The collected home data from devices, the environment, and location reside locally on the hub to give users full control over their data. The home automation hub category is driving new competition from SmartThings, Icontrol Networks, Revolv (a Nest Company), and Lutron. EMC, Western Digital, SanDisk, and Cisco will target the home as the new personal data center for those who choose to have complete control of their data.


When it comes to wearables and IoT, the nature of users' concerns is critical. Since most users are somewhat unaware of potential privacy implications, companies should alert them to possible concerns. Innovators will enable their customers to control the type and frequency of data collection, the accessibility of that data, and how the data are shared.

In short, lead with privacy ... or be dragged down by crushing fines and fleeing customers.

About the Author(s)

Scott Amyx

Founder & CEO, Amyx+McKinsey

Scott Amyx is the founder and CEO of Amyx+McKinsey, a wearables strategy agency specializing in smart wearables strategy and development. He writes for InformationWeek,, IEEE Consumer Electronics Magazine, and
IEEE Technology and Society Magazine, and he speaks at global conferences on wearables and the Internet of Things.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like

More Insights