Ethics of Data Collection in the Age of IoT Devices

The rise of the Internet of Things (IoT) has led to an explosion of connected devices that collect user data. From fitness trackers to smart home assistants, IoT devices gather immense amounts of personal information. This data collection raises important ethical questions around privacy, consent, and data use.

The Scale and Scope of IoT Data Collection

It’s estimated there will be over 30 billion IoT devices by 2025, up from around 10 billion in 2018 (Nordrum, 2016). These devices record data on users’ locations, voices, behaviors, and more. One survey found the average person has over 7 connected devices collecting data about them (Suby, 2020). The scope of IoT data collection is incredibly broad – everything from sleep patterns to driving routes can be monitored.

User Consent and Transparency

A core ethical issue is whether users fully understand and consent to the extent of data gathering by their IoT devices. One study found only 9% of smart speaker owners realized recordings were kept and analyzed (Kinsella, 2018). The default settings for many IoT devices allow extensive data sharing with third parties. Users often do not read long privacy policies explaining these practices. Greater transparency and clear opt-in consent is needed around data collection.

Data Security Concerns

The more data collected, the greater the risks if that data is hacked or misused. IoT devices have been shown to have security vulnerabilities that can allow hackers access to sensitive user information (Alaba et al., 2017). Steps must be taken to encrypt and protect the troves of data being gathered. Companies have ethical duties to minimize security risks and promptly address any breaches or exploits.

Data Ownership Questions

Who owns the data collected by IoT devices – the user or the manufacturer? This issue is legally ambiguous currently. Ethically, users should retain ownership and control of their personal data. However, companies often maintain rights over IoT device data under long user agreements. Users should be able to access, download, and delete their IoT data easily. The “right to be forgotten” should apply.

Potential Discrimination

The insights gleaned from IoT device data analytics can be used to discriminate against certain groups. For example, IoT-derived data could be used to profile users’ health or habits and determine their insurance premiums (Zhou et al., 2020). Strict regulations are needed to prevent misuse of data. Data collection should be limited to the minimum needed to provide services.

Surveillance Concerns

Some fear IoT devices enable expanded mass surveillance by governments and companies (Zeng et al., 2019). Microphones and cameras built into IoT devices could be used to monitor users without consent. Strict laws limiting surveillance capabilities of IoT devices may be necessary to protect privacy. Users should be able to disable recording functions easily.

Positive Applications

While risks exist, IoT data can also be used to benefit users and society. For example, health IoT devices can allow doctors to monitor patients closely and catch serious conditions early (Darshan & Anandakumar, 2015). Smart city sensors can help reduce traffic and pollution. With proper transparency and consent, IoT data collection can enable useful services.

Here are a few additional points we can elaborate on regarding the ethics of data collection in the age of IoT devices:

  • There are growing calls for IoT devices to have better built-in security features and encryption to protect user data. Manufacturers have an ethical obligation to ensure their devices are not easily hacked and have strong cybersecurity standards. Updates and patches need to be provided promptly as well.
  • Another ethical concern is the potential for IoT devices to increase the digital divide. These devices may be too expensive for lower-income households, limiting their access to potential health and other benefits. More affordability and equitable access is important.
  • Voice assistants and other recording IoT devices in the home raise privacy issues around accidental data collection from children and other household members who did not consent. There need to be appropriate safeguards for secondary data collection.
  • As IoT devices gather more intimate data about users, there are concerns around profiling, discrimination, and manipulation – for example, insurers potentially getting health data from smartwatches or marketers getting behavioral data from smart homes. Strict governance is required.
  • There are calls for more ability for users to be able to delete or amend their IoT data when inaccurate or no longer relevant. The “right to be forgotten” should be upheld with IoT information just like online data.
  • Overall, transparency, consent, privacy, security, and responsible use of data by manufacturers is key. Ethical principles of respect for user autonomy and preventing harm should underpin the design and deployment of all IoT devices that gather personal data. Ongoing oversight will be needed.


The widespread adoption of IoT devices raises pressing ethical questions around expansive data collection. Users must be clearly informed about what data is gathered and retained. Consent policies should be robust and surveillance potential limited. With careful regulation and responsible use, the benefits of IoT technology can be harnessed while protecting user privacy.


Alaba, F. A., Othman, M., Hashem, I. A. T., & Alotaibi, F. (2017). Internet of Things security: A survey. Journal of Network and Computer Applications, 88, 10-28.

Darshan, K. R., & Anandakumar, K. R. (2015). A comprehensive review on usage of Internet of Things (IoT) in healthcare system. In 2015 International Conference on Emerging Research in Electronics, Computer Science and Technology (ICERECT) (pp. 132-136). IEEE.

Kinsella, B. (2018). 9% of Smart Speaker Owners Are Aware Their Devices Are Listening and Recording Them.

Nordrum, A. (2016). Popular Internet of Things Forecast of 50 Billion Devices by 2020 Is Outdated. IEEE Spectrum.

Suby, M. (2020). The 2020 IoT Market Update. IoT For All.

Zeng, E., Mare, S., & Roesner, F. (2019). End User Security and Privacy Concerns with Smart Homes. In Symposium on Usable Privacy and Security.

Zhou, J., Cao, Z., Dong, X., & Lin, X. (2020). Security and privacy for cloud-based IoT: Challenges. IEEE Communications Magazine, 57(1), 26-33.

If you have any questions, please ask below!