Enhancing User Privacy in IoT: Integration of GDPR and Blockchain

Abstract

The development of Internet of Things (IoT) industries has raised significant questions in terms of accountability of smart devices and user privacy. The advent of European General Data Protection Regulation (GDPR) in such industries enabled users to control their collected data and be informed about the collecting devices. This paper by using blockchain technology provides the audit trail of IoT devices under GDPR rules. It translates a set of such rules into smart contracts to protect personal data in a transparent and automatic way. By proposing an abstract model and designing some business processes, the paper shows how the integration of GDPR and blockchain can appear in the design patterns of IoT devices to achieve a greater transparency of privacy.