Privacy and Security of ISAC and E3 User-Plane Data Exposure

Establish privacy-preserving ISAC architectures and governance—including regulatory compliance, privacy-preserving algorithms, access control for third-party dApps, and data isolation across the sensing pipeline—to mitigate privacy risks and the attack surface created by exposing raw I/Q data through the E3 interface.

Background

ISAC can passively capture sensitive information, and exposing raw I/Q samples to dApps via E3 introduces new security risks. The architecture’s programmability and third-party extensibility heighten the need for robust privacy and security controls.

The authors explicitly note that privacy and security remain open concerns and list concrete areas—compliance, privacy-preserving algorithms, access control, and data isolation—that must be addressed.

References

Finally, privacy and security remain open concerns: ISAC can inadvertently collect personal information through passive sensing, and exposing raw I/Q data through the E3 interface creates a new attack surface. Compliance with privacy regulations, privacy-preserving algorithms, access control for third-party dApps, and data isolation at each layer of the sensing pipeline must be addressed.

Enabling Programmable Inference and ISAC at the 6GR Edge with dApps  (2603.29146 - Polese et al., 31 Mar 2026) in Section 6, Conclusion and Open Challenges