This article appeared in the Spring 2021 issue of This Old House Magazine.
Our measure of a good smart-home gadget is usually whether it’s practical and useful. Do we actually save on our heating bill if the Nest thermostat creates its own schedule, or does it drive us crazy by turning the heat down too low at night?
Can Smart Devices Be Trusted?
But separate from the question of whether a smart-home device is doing its job is: Can it be trusted with the data it gathers? Because whether we’re talking about Maytag clothes washers that connect to our Wi-Fi, Google smart speakers that listen for spoken commands, or Amazon’s Ring path lighting that triggers a video doorbell, these gadgets all live to gather and share data.
Their whole smart-home reason for being is to watch us closely, like a helpful, modern-day butler, in order to make themselves more useful. Often, they do that best by communicating with other devices, and future advances promise even more sharing of data to enable even more modern conveniences. Greater coordination of smart-home monitoring devices could further improve alerts to a relative if something’s amiss at the home of a loved one living alone, as less movement or water usage is detected, for instance.
Are Smart Devices Collecting Data?
How concerned should we be about where the data collected by these new helpers goes? There are plenty of horror stories. Last year, for example, the Android app for Amazon’s Ring video doorbell was found by EFF privacy advocates to be sharing data with third-party marketing services—a little off-brand for a company that’s about securing and protecting our homes.
Arlo, a rival maker of home security cameras, has made hay of this, even hiding a discount code in its privacy policy to encourage customers to read its promise never to sell user data or even save it without consent.
It’s worth noting that privacy isn’t the same as security—Amazon’s Ring, for instance, has generally good security for its user accounts. But the right to privacy is a pretty clear principle: This past election, Californians handily passed Proposition 24, the California Privacy Rights Act, giving residents the right to tell businesses not to share their data.
3 Ways to Protect Your Data
Here are three areas where you may want to button up companies’ access.
1. Stop a Smart Speaker from Recording You
Both Amazon and Google have argued that too much privacy holds them back from improving services such as speech recognition. If you have an Alexa smart speaker or another Alexa-enabled device in your home, you might want to go to the Alexa mobile app or Alexa Privacy Settings page at Amazon.com to review and delete recordings.
These are most likely accidental recordings of room conversations captured when Alexa mistakenly thought it was being hailed. We recommend setting Alexa to automatically delete all recordings, and not to allow voice recordings to be used for product development or manual review of accuracy.
Apple, on the other hand, assumes you don’t want to share your Siri conversations with researchers unless you opt-in, so you can choose not to. It’s worth noting, however, that Apple only came to this righteous position after being caught doing the opposite last year by the UK’s Guardian newspaper.
2. Secure Your Security Camera Video
Apple, which proclaims that “privacy is a fundamental human right,” has designed a clever system called HomeKit Secure Video.
Connected security cameras that support HomeKit Secure Video—and there are many, ranging from low-cost Eufy models to Logitech’s excellent Circle View and Yobi’s B3 video doorbell—bring camera streaming, recording, and activity notifications securely to Apple’s Home app, where the video securely syncs across your Apple devices but is inaccessible even by Apple, except as a meaningless encrypted scramble (the security standard for stored passwords). Activity detection and analysis is done locally on your own Apple devices.
In contrast, Google Nest’s video feed from your home is encrypted in transit but not on cloud servers where it’s stored, and where some Google employees could, quite literally, see you. If you’re not sticking within Apple’s HomeKit Secure Video, we recommend following product recommendations by the privacy-minded Mozilla Foundation, where Eufy video doorbells and Arlo security cameras get high marks.
3. Keep Your Smart TV From Tracking You
If your TV connects to the Internet for Netflix and other streaming services, it’s very possibly using the Internet connection to also report back and sell your viewing habits to marketers. Maybe you’re fine with this deal—and you may well have been subsidized in some way for handing over a part of your privacy with a discount purchase or subscription—but maybe you’d prefer not to share.
These services will let you turn off this surveillance, but you have to dig into the submenus of settings. Turn off “Viewing Data” or “Smart Interactivity” (Vizio models) or “Internet-based Ads” and “Collect App and Over-the-Air Usage Data” (Amazon Fire TVs and TVs with built-in Amazon Fire), or turn on “Limit ad tracking” (Roku streaming stick, set-top box, and TV sets). Your data, after all, is your business.
“One of the surest signs that this is still early days with the smart home is that ease of use and privacy are too often seen as trade-offs. Privacy shouldn’t be an add-on feature.” —Ross Trethewey, TOH home technology expert
Read the Fine Print
The terms of service agreements that come with various smart-home devices often disclose the ways in which manufacturers can store, sell, or otherwise use the data they collect, although the language may be hard to understand.
Good policies explicitly promise not to share or sell private data, and the most advanced technologies are built to safeguard private data even from the service providers and product-makers themselves.
From this point of view, the best smart-home products are now being designed with privacy in mind from the beginning, without the need to opt-out. Because there’s so much more they can do for us if we can trust them.