Contents I. Introduction
In general, smart homes, which are in fact IoT applications [1], are considered to be “a dwelling incorporating a communication network that connects the key electrical appliances and services, and allows them to be remotely controlled, monitored or accessed” [2]. This actively demonstrates, for the components of smart homes (appliances and devices), that they can interfere with the members of the household smartly [1]. However, it should be mentioned that the definition may be subject to considerable variation due to the technologies which are included [3]. Considering the applications of smart homes concerning the field of the provided services, a basic classification includes home care services, comfort/entertainment sector, energy sector, and security applications [4]. Nevertheless, this classification cannot be considered as restrictive nor strict, as the potentials of smart homes are an evolving field. Smart home devices have been expanding rapidly in household members as consumers and thus data subjects [5]. The initiatives of smart homes, smart cities, and in general the innovations of the field of communications, have emerged alongside risks and restrictions as well [6], [7]. According to [8] study the highest number of risks, related to smart homes, under experts’ opinions, was attributed to privacy and security risks. Inside the smart home environment, the data subjects consist of adults and minors, and therefore of people with different levels of vulnerability concerning privacy risks. Smart home applications would contribute to the improvement of many aspects of minors’ education, therapy [9], and entertainment. Children require specialized data protection according to GDPR , as they may not be aware of the privacy issues [10] [11], that come with the usage of a smart device. The EU level of data protection has an international reflection for entities, as it applies to data subjects located in the EU and data subjects located outside the EU, when the processing refers to the operations of a controller or a processor inside EU [10]. This suggests that entities located outside the EU (for example USA) as well should take into consideration the presented GDPR requirements, where required. This paper therefore presents a specialized framework for preserving minors’ data protection in the environment of smart homes, with emphasis on privacy by design approach.
General Data Protection Regulation [10].
