The Internet of Everything (IoE) connects things, people, data, and business processes, leading to the widespread collection of personal physiological data, including facial data. While this data offers societal benefits in various applications, it also presents significant security and privacy risks. Recent high-profile data breaches highlight the vulnerability of personal physiological data, particularly facial data, which is unique due to its permanence, replicability, and relevance. Existing research lacks a systematic method for identifying these risks. This study addresses this gap by employing fault tree analysis (FTA) to systematically identify and analyze the risks associated with facial data breaches within the IoE context. The study aims to provide insights into the manageability and traceability of personal physiological data throughout its lifecycle, informing individuals and organizations on effective data management practices and policy development.

Previous research on personal data breach risks has primarily used empirical and positive approaches, identifying risks related to IoE devices, technologies, third parties, user behavior, malicious attackers, and operational irregularities. Empirical studies often focus on the consequences of breaches, while positive research utilizes questionnaires to identify hidden risks resulting from insufficient awareness and imperfect management systems. While some studies have investigated personal physiological data breach risks, specifically focusing on indirect and direct attacks, there is a lack of systematic, objective methods to analyze these risks and their interrelationships within the IoE context, particularly regarding data liquidity and the lifecycle of physiological data. This study aims to address these gaps.

This study employs fault tree analysis (FTA), a deductive procedure for safety and reliability analysis, to model and analyze the risks of facial data breaches. FTA allows for the identification of multiple risk factors and their causal relationships. The study considers the data lifecycle—collection, storage, transmission, usage, and destruction—as a framework for analyzing facial data breaches. Twenty-two facial data breach cases, selected based on their typicality, availability, and heterogeneity, were analyzed to extract relevant risks and causal events. The researchers identified a top event (facial data breach) and then decomposed this into intermediate events and basic events using a combination of direct causes mentioned in news reports and expert analyses. These events were then linked using AND and OR gates to construct a fault tree diagram. Minimal cut set (MCS) analysis was used to identify the minimal combinations of basic events leading to the top event, and structural importance analysis was performed to rank the basic events according to their contribution to the risk.

The fault tree analysis revealed 1224 minimal cut sets (MCSs), highlighting the high vulnerability of facial data systems. Three intermediate events were identified as major contributors to facial data breaches: risks caused by individuals (M1), risks during data management (M2), and the absence of supervision (M3). Structural importance analysis showed that "Lack of laws and regulations" (X43) and "Immaturity of face recognition technology" (X7) were the most significant basic events. Other significant events included those related to individual behavior and lack of awareness (X1-X6). The analysis also identified potential risk sources in the IoE terminals and cloud environments, such as vulnerable physical devices and insecure data transmission.

The findings highlight the multifaceted nature of facial data breaches, involving individual actions, data management practices, and regulatory frameworks. The high number of MCSs underscores the need for a comprehensive approach to risk management. The identification of "Lack of laws and regulations" and "Immaturity of face recognition technology" as the most critical factors emphasizes the crucial role of both legal and technological solutions in mitigating risks. Individual responsibility is also highlighted, as demonstrated by the significance of events related to individual behavior and awareness. The study also points to emerging risks associated with IoE terminals and cloud environments that warrant further attention.

This study presents a novel application of fault tree analysis to understand facial data breaches in the IoE. The findings reveal a complex interplay of factors contributing to breaches, emphasizing the need for a multi-pronged approach encompassing legal frameworks, technological improvements, and individual awareness. Future research could explore the development of more sophisticated risk assessment models incorporating quantitative data, and investigate potential mitigation strategies for the identified vulnerabilities, especially those related to the IoE terminals and cloud environments.

The study relies on a limited number of publicly reported cases, which may not fully capture the diversity of facial data breaches. The qualitative nature of the structural importance analysis limits the precision of the risk ranking. Further research employing quantitative methods and larger datasets is necessary to strengthen the findings.