I am worried that some of the IOT hardware has the potential to be used to expose large amounts of private data - whereupon it will be used in unexpected ways.
The shift to ipv6 will result in loss of Internet privacy. Little known aspects of ipv6 behavior allows lesser known quirks of ipv6- such as ipv6 fragments and ipv6 extension headers to be used to penetrate firewalls.
Some similar holes seem to be made possible by abusing MDNS services discovery
A great many kinds of data can be collected and exposed by IoT devices.
One example of information which will likely be sold is health data.
Newer cell phones contain raw data capable GPSs that can reveal the users exact location to a few millimeters (typically less than 2 cm when outdoors with a clear sky view, not quite that accurately indoors but relative accuracy might be good enough to use the data to determine cardiovascular health
Most GPSs that people are used to may log the location at 1 Hz but some newer chips can log up to 20 Hz. (20 times a second)
The use of location data by purchasers of exfiltrated data (often without peoples knowledge) can have far ranging repercussions. All of this information will become marketable data.
Areas lived could also impact insurance rates because of polluters.
Data retention will make it possible to look back in time to determine who was exposed to what retrospectively, and charge them accordingly.