Even though public awareness about privacy risks in the Internet is increasing, in the evolution of the Internet to the Internet of Things (IoT) these risks are likely to become more relevant due to the large amount of data collected and processed by the ‘‘Things’’. The business drivers for exploring ways to monetize such data are one of the challenges identiﬁed in this paper for the protection of Privacy in the IoT. Beyond the protection of privacy, this paper highlights the need for new approaches, which grant a more active role to the users of the IoT and which address other potential issues such as the Digital Divide or safety risks. A key facet in ethical design is the transparency of the technology and services in how that technology handles data, as well as providing choice for the user. This paper presents a new approach for users’ interaction with the IoT, which is based on the concept of Ethical Design implemented through a policy-based framework. In the proposed framework, users are provided with wider controls over personal data or the IoT services by selecting speciﬁc sets of policies, which can be tailored according to users’ capabilities and to the contexts where they operate. The potential deployment of the framework in a typical IoT context is described with the identiﬁcation of the main stakeholders and the processes that should be put in place.