The ubiquity and interactions involved in IoT will provide
many conveniences and useful services for individuals, but also
create many opportunities to violate privacy. To solve the
privacy problem created by IoT applications of the future, the
privacy policies for each (system) domain must be specified.
Once specified, either the individual IoT application or the IoT
infrastructure (e.g., the utility capability) must enforce privacy.
Consequently, the IoT paradigm must be able to express users’
requests for data access and the policies, such that the requests
can be evaluated against the policies in order to decide if they
should be granted or denied. A new language is required to
express privacy policies because the following requirements not
easily expressed in current privacy languages