Data Protection and Privacy: (In)visibilities and Infrastructures

Volume 36 of the series Law, Governance and Technology Series pp 163-202


A Privacy Engineering Framework for the Internet of Things

  • Antonio KungAffiliated withTrialog Email author 
  • , Frank KarglAffiliated withInstitute of Distributed Systems, Ulm University
  • , Santiago SuppanAffiliated withSiemens
  • , Jorge CuellarAffiliated withSiemens
  • , Henrich C. PöhlsAffiliated withUniversity of Passau
  • , Adam KapovitsAffiliated withEurescom
  • , Nicolás Notario McDonnellAffiliated withAtos Consulting Canarias
  • , Yod Samuel MartinAffiliated withUniversidad Politécnica de Madrid

* Final gross prices may vary according to local VAT.

Get Access


This paper describes a privacy engineering framework for the Internet of Things (IoT). It shows how existing work and research on IoT privacy and on privacy engineering can be integrated into a set of foundational concepts that will help practice privacy engineering in the IoT. These concepts include privacy engineering objectives, privacy protection properties, privacy engineering principles, elicitation of requirements for privacy and design of associated features. The resulting framework makes the key difference between privacy engineering for IoT systems targeting data controllers, data processors and associated integrators, and privacy engineering for IoT subsystems, targeting suppliers.


Privacy-by-design Internet of things IoT system IoT subsystem Integrator Supplier