The Internet of Things (IoT) raises specific issues in terms of privacy, in particular with respect to information and consent. In this paper, we propose a generic framework for information and consent in the IoT which is protective both for data subjects and for data controllers. We present high level requirements for information and consent and several technical solutions to implement them. We also outline the design space and sketch a prototype implementation.