Smart appliances: convenient or creepy?

When it comes to privacy and data safety, you’ll obviously be concerned about your computers and smartphones. But have you thought about your WiFi-connected household appliances? We live in a world where I can use my phone to turn on the heater as I’m leaving the office or check I haven’t left the oven on while I’m out shopping.

But what kind of information can a business gather about me using these convenient features? How well is my data protected, and are companies upfront about what they do with it?

What makes an appliance smart

Any appliance with WiFi connectivity should be considered “smart”, also called Internet of Things (IoT), and can transfer data over a network, such as the internet, without human interaction.

Your smart oven knows when it’s turned on and off each day, and your robot vacuum knows the layout of your home.

This information can reveal a lot about you and your household. Your oven data helps paint the picture of what time you normally get home and start eating dinner, while the robot vacuum can produce a detailed floor plan of your home a burglar could use.

Benefits vs risk

Smart appliances are gathering data about your household and, once connected to the internet, they could send that information to cloud servers, whether you realise it or not.

But it’s not always apparent when it’s being collected. For example, while some smart TVs can respond to spoken commands and record interactions, in 2015 it was widely reported that some Samsung TVs were always recording conversations. The issue wasn’t just that they were potentially listening to your private conversations, it could also share them with third parties according to its privacy policy. Samsung denied that this was the case. This doesn’t mean that future firmware and privacy policy updates mean it will always be the case.

The risk to data

Our daily habits and behaviours can be recorded by some smart appliances. How that information is stored is important as any data is susceptible to hacking or data breaches. Encryption is one way of protecting stored data, as it allows only authorised people with the key to decrypt and read it. Though encrypting data collected about people isn’t required under New Zealand law, it should be.

Another issue is data sovereignty. Data is subject to the laws of whichever country it’s physically stored in, and your personal data could be stored anywhere in the world. This means foreign government agencies could have access to data about your household and its habits. New Zealand law covers companies storing data here, but many appliance manufacturers are based in other countries, and user data could be stored anywhere.

We need to think of data collected by smart appliances as being just as sensitive as data collected by your smartphone.

This data is valuable. Developers and manufacturers can use it as a type of currency. It might be sent to related companies or shared or on-sold to third parties without you even realising.

Companies can anonymise data by stripping out identifying information such as name, email address or location. But unless done properly, data can be deanonymised and someone’s identity can still be deduced by cross-referencing with other data.

Before buying a smart appliance, check the manufacturer’s website and required apps and actually read the privacy policies. They should state whether your data will be shared and, if so, who with. If there isn’t a declaration, don’t buy the appliance.

The app you use on your smartphone to control many of these smart appliances can also be a risk. Some manufacturers or app developers could use this as a path to access data on your phone, such as contacts, location and call history.

I’m taking a second look at how much I let my smart appliances know, and I suggest you do the same. It’s time to think about the safety of our data and what we need to share for these appliances to be convenient, not creepy.

How you can protect your data

Before buying a smart appliance or downloading its associated app, check what information it wants you to share and think hard about whether you want to share it. The easiest way to protect your data is to not share it in the first place. You can still use the appliance without smart features.

If you’re still keen on using a smart appliance in your home, here are a few steps you can take to help keep your data safer:

• Look for appliances that have clear data privacy policies and use encryption.
• Before installing apps or connecting an appliance to the internet, read the privacy policies (in the app store) and pay attention to updated policies.
• Provide the minimum personal information required when signing up (avoid optional profile fields).
• Regularly clear data on apps associated with your smart appliance, and keep them both updated.
• If possible, disable any smart features you don’t use.
• If you find you aren’t using any of the smart features of your appliance, disable its access to the internet and uninstall associated apps.

Don’t forget to lock the virtual “front door” to your home, the router. See our article on routers for advice on how to do this.