Smart devices are great and can help us so much—from voice assistants like Alexa and smart TVs to cameras for the home—so much convenience, but at considerable costs to privacy. Most smart devices feature microphones and cameras that can record what we say and do without us even knowing. Most manufacturers convince consumers these devices only make recordings during commands. There are many examples of devices making accidental recordings after unintended sounds (and eventually wake words) are heard in the background.
Some smart devices send data to cloud storage where processing occurs. Data that is not only stored, can be human-reviewed data. Now the question becomes, “How private is our data, and do companies really care about its privacy?” With the amount of data breaches and hacking that occur, super-firm “security” isn’t so firm.
Watchdog organizations/groups and governments have attempted to limit what actually gets collected, then limit the length of time items can be retained for. If using cloud storage, be sure to periodically check privacy settings, mute the device when not in use, and update its software to the latest version.
In addition to home use, smart devices are omnipresent in workplaces, vehicles, and public places, which expands the universe of surveillance. Smart assistant devices may unintentionally troll recordings of conversations during office meetings. Internet-connected vehicles can track location, speed, and even driving habits; these data could be harvested at scale and pushed to insurance companies, advertisers, or even law enforcement in real-time—all of which raises a ton of ethical and legal questions.
In 2019, The Guardian released a report that demonstrated contractors working for Apple, Amazon, and Google had access to audio snippets from users’ self-built smart devices. Not infrequently, those snippets contained incredibly sensitive personal information and contents from users’ homes. While each of these companies subsequently promised to update their privacy policies, the fact that it happened at all demonstrates the lack of transparency with certain agencies that collect data.
While other tech firms may have privacy-related issues, the concern is not sacrifice unique for major tech firms. In addition, cheap off-brand smart technology has the ability to be hacked more easily because there is not robust encryption in many cheap versions of smart devices. Once it is hacked, a smart device that doesn’t have the data proactively discarded could be turned into a surveillance device in your home, which means that it could obtain regular and continual data that fits personal characteristics.
Experts recommend to buy smart technology from respectable brands that disclose how they use user data. Users should routinely audit permissions granted for device access and limit device access to personal spaces.
The expansion of smart home ecosystems such as Google Home, Amazon Alexa, and Apple HomeKit has formed a network effect. Each device could potentially share data with others, in other words, the interconnectedness of these devices could make life easier, but also increase risks. If a hacker compromises your smart plug or thermostat, they could potentially leverage access to invade your entire home network.
Another growing worry are the third-party apps and skills you will integrate into these ecosystems. Often they ask for expansive permissions that are probably not required for its functionality. A study published by Northeastern University (Northeastern University, 2020) showed that many third-party Alexa based skills collected more user data than necessary, with some not even having privacy policies in place, which increase the awareness of misuse.
Users should always read the privacy policies, disable unnecessary integrations, and implement network segmentation to separate smart devices from critical systems for god practice.
Also concerning is the possibility of government surveillance via smart devices. Law enforcement has sought information from smart speakers, smart refrigerators, and fitness trackers in a number of legal cases and they often use that to resolve criminal investigations or to bring justice. While law enforcement finding justice should always be a good thing, using smart device data strays into civil liberties territory where there is a concern about government access to information without a warrant or explicit consent by the user.
One of the more famous examples of smart device data being sought was a case from 2016 when police in Arkansas sought access to Amazon Echo recordings in a murder investigation. Amazon resisted this request from law enforcement until the defendant consented. This case emphasized the unclear line that existed on user privacy and legal access. All cases involving these smart devices demonstrate how it becomes an unintended witness of a user’s life.
In authoritarian regimes, the risk is even worse. The government could use smart technology to monitor dissenters or impose limits. Daily deviced used in daily life has the potential to be an oppressive tool or a robotic enforcer of the state. Human rights groups warned that without robust privacy protections, smart technologies may become accessible for mass surveillance.
To protect yourself, try to find local voice processing devices without cloud storage and look for things that allow you to delete your data or maintain full transparency.
Read more:
ACLU – Smart Devices and Law Enforcement
Washington Post – Smart Homes as Witnesses
