It is critical to limit the collection, storage, and sharing of both personally identifiable information (PII) as well as sensitive personal information (SPI). Leaked information such as Social Security Numbers can lead to customers being compromised which could have legal repercussions for manufacturers. If information of this nature must be gathered, it is important to follow the concepts of Privacy-by-Design.

Considerations (Disclaimer: The List below is non-exhaustive):

• Determine which PII/SPI is critical for device operation and if storage of the information required for business and/or operational purpose.

• Limit the duration of storage time to the shortest amount of time needed for device operation.

• Ensure the information is stored securely - i.e. in Secure Environment, or protected using strong cryptography.

• Provide transparency for customers by including details about what information is being collected, stored, and distributed via privacy policies.

• Provide a mechanism to allow the device owner to perform a factory reset to remove their personal data before transfer to another user or destruction.

• Consider GDPR for devices that store data in the EU.

  • "It can be anything from a name, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer IP address."​

Additional References

• ​Privacy-by-design​

• ​https://ico.org.uk/for-organisations/guide-to-data-protection/privacy-by-design/​

• ​https://blog.varonis.com/privacy-design-cheat-sheet/​

• ​https://www.ftc.gov/system/files/documents/plain-language/pdf0205-startwithsecurity.pdf​