Is your TV eavesdropping on you? How about that gaming console? Or your phone?
As homes continue to get smarter, more and more products are shipping with cameras and microphones, and that has privacy experts urging consumers to be more vigilant about educating themselves before they make a purchase.
At the same time, things that were not Internet-enabled in the past—like thermometers, watches, fitness wearables and even dolls—are now connected online, known as the Internet of Things. While smart homes help link people with others on the outside through these devices, this increased connectivity leaves them more vulnerable to cyberattacks.
“I would say there’s definitely a reason to at least be concerned,” said Jeremy Gillula, staff technologist at Electronic Frontier Foundation (EFF). “It’s not a situation of ‘everything is listening to me,’ but you might want to think twice about the policies of a product before you buy. … If it is a networked [device] or voice activated, it might make sense to check.”
Samsung quickly denied it was eavesdropping on consumers and blamed the confusion on poor wording. It has since updated the policy to note that the captures were made when you specifically activated the vocal search feature—and were being used only to improve voice recognition.
The tempest in a teapot surrounding that miscommunication, though, underscored the level of unease that exists around smart appliances and their monitoring capabilities. That’s a hurdle manufacturers of those products will need to clear to speed adoption.
“I think we’re going to see lots of devices like this that are trying to service people better and become intimate with our households,” said Jules Polonetsky, executive director Future of Privacy Foundation. He added, “[Companies that make them are] going to have to learn to become trusted and create things we can rely on to help us and not incriminate us.”
Spying eyes in your living room
While the issue has been making headlines lately, it’s not exactly new. Microsoft had to assuage consumer fears when it released Kinect, the always-on camera that came with the Xbox One in 2010. And Apple had to detail strict privacy safeguards with the introduction of Siri in 2011.
So far, there hasn’t been a significant data breach based on smart home technology, but advocates warn that could be lulling people into a false sense of confidence.
“The average person hasn’t had to worry too much about it yet, because it hasn’t been a huge issue,” says Gillula. “We haven’t seen any major abuses yet, but there’s a big ‘yet’ on that.”
The EFF is especially worried about law enforcement being able to use home technology as surveillance devices, said Gillula. And professionals, like lawyers or psychologists, who work out of their home would have confidentiality issues to consider. But there’s another threat looming as well: hackers.
Anything that’s connected to the Internet is vulnerable to a motivated hacker. Last year’s Black Hat security conference in Las Vegas focused on hacking smart devices, in fact.
“This is a computer that the user can’t put an antivirus on,” said Daniel Buentello, a student security researcher at the University of Central Florida who demonstrated a hack of the Nest thermostat. “Worse yet, there’s a secret back door that a bad person could use and stay there forever. It’s a literal fly on the wall.”
Privacy experts say cloud-based updates (rather than ones relying on the user to manually install them) should help alleviate the hacker threat—though that won’t eliminate it entirely. Ultimately, it will be dependent on the consumer to learn more about the operation of smart home products, which could be yet another stumbling block.
“As these things become mass-market and the average consumer tries to figure out what’s going on, it’s going to be critical to leave them feeling in control,” said Polonetsky. “We’re all befuddled by our computer to a certain degree. I don’t think we want the blue screen of death preventing us from making toast in the morning. … And certainly, if people start hearing their toasters leading to identity theft, we’ve got a big problem.”