Slashdot Mirror

← Back to Stories (view on slashdot.org)

Smart Home Makers Hoard Your Data, But Won't Say If the Police Come For It (techcrunch.com)

Posted by BeauHD on from the lips-sealed dept.

An anonymous reader quotes a report from TechCrunch: Thermostats know the temperature of your house, and smart cameras and sensors know when someone's walking around your home. Smart assistants know what you're asking for, and smart doorbells know who's coming and going. And thanks to the cloud, that data is available to you from anywhere -- you can check in on your pets from your phone or make sure your robot vacuum cleaned the house. Because the data is stored or accessible by the smart home tech makers, law enforcement and government agencies have increasingly sought out data from the companies to solve crimes. And device makers won't say if your smart home gadgets have been used to spy on you. We asked some of the most well-known smart home makers on the market if they plan on releasing a transparency report, or disclose the number of demands they receive for data from their smart home devices. For the most part, we received fairly dismal responses. Amazon did not respond to requests for comment, but a spokesperson for the company said last year that it would not reveal the figures for its Echo smart speakers. Facebook said that its transparency report section will include "any requests related to Portal," its new hardware screen with a camera and a microphone. A spokesperson for the company did not comment on if the company will break out the hardware figures separately. Google also declined to comment, but did point TechCruch to Nest's transparency report. Apple, the last of the big tech giants, said that there's no need to disclose its smart home figures because there would be nothing to report, adding that user requests made to HomePod are given a random identifier that cannot be tied to a person.

TechCrunch also asked a number of smaller smart home players, like August, iRobot, Arlo, Ring, Honeywell, Canary, Samsung, and Ecobee.

20 of 45 comments (clear)

  1. Data is the new oil. Haven't you heard? by Anonymous Coward · · Score: 1

    We used to call this behavior "phoning home" and if a program so much as checked if there was an update available without giving you the option to turn that off, it was shunned. Now you don't even know how a filesystem works anymore and need everything to be in the cloud.

    1. Re: Data is the new oil. Haven't you heard? by grep+-v+'.*'+* · · Score: 3, Funny

      Au contraire - who said that it was YOUR data to begin with? You're just the person in the picture while still in your house.

      If you didn't want the insides of your home to become public property, you shouldn't have put it all out there to begin with.

      --
      If the universe is someone's simulation -- does that mean the stars are just stuck pixels?
    2. Re: Data is the new oil. Haven't you heard? by Opportunist · · Score: 1

      I say it's my data.

      That's why it's not in the cloud.

      A funny coincidence, by the way, is that cloud is a homophone of "klaut", German for "he/she/it steals".

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  2. Spoiler alert! by Narcocide · · Score: 1

    This means the police already have all of everyone's data, all the time. They've been granted blanket access. Heads will literally roll before anyone in charge will admit it though. Enjoy.

    1. Re: Spoiler alert! by astrofurter · · Score: 2

      We have become our own caricature of the Soviet Union.

    2. Re: Spoiler alert! by RespekMyAthorati · · Score: 1

      That is, we have become our own caricature of 1984.

  3. simple test by nimbius · · Score: 5, Insightful

    if it comes packaged as a service and you access a website, portal, or online content to use it, then you dont own it. Read the terms of service, because you likely dont own the data these devices collect either.
    if thats the case, it can be leveraged by American law enforcement in routine investigation. That investigation can be triggered by something as simple as driving a nice car while black, or by downloading too many files. https://en.wikipedia.org/wiki/...

    Save yourself the heartache of finding out just how deep in bed these companies get with US law enforcement, and use FLOSS home automation. https://www.openhab.org/

    --
    Good people go to bed earlier.
    1. Re:simple test by Actually,+I+do+RTFA · · Score: 1

      OpenHab feels like a failure. I went there, click on "Get Started", There was no option to buy branded (or even proven compatible) hardware. It was all about downloading/installing/configuring the server. Which I would be willing to do if that happened after I got some hardware on the way...

      Bottom-line, if OpenHab wants to succeed, it at least has to be more consumer friendly. Enough that I get a call from a relative who has a pile of hardware at their house; hardware ,they found and bought online I'm not saying they have to be able to set it up. But they have to be able to buy it.

      --
      Your ad here. Ask me how!
    2. Re:simple test by kaizendojo · · Score: 2

      You need to look at Home Assistant. https://home-assistant.io/

  4. Not in my home by Anonymous Coward · · Score: 1

    No "smart" shit in my home, ever.

  5. Ummmmm by JustAnotherOldGuy · · Score: 5, Interesting

    "Thermostats know the temperature of your house, and smart cameras and sensors know when someone's walking around your home. Smart assistants know what you're asking for, and smart doorbells know who's coming and going. And thanks to the cloud, that data is available to you from anywhere"

    Yes, and it's also available to the police, criminals, and anyone else who wants it bad enough.

    This is exactly why all of my home automation gear (dated, but still working) is non-cloud, non-connected devices that are unable to call out or store stuff off site.

    --
    Just cruising through this digital world at 33 1/3 rpm...
    1. Re:Ummmmm by JustAnotherOldGuy · · Score: 1

      You should know that Qualcomm's upcoming chipset for 60GHz wireless networks will "support new 60GHz Wi-Fi Sensing applications like proximity and presence detection, gesture recognitions, room mapping with precise location and improved facial feature detection."

      Well if they can sneak into my home and secretly retrofit all my gear to use that chip, then they deserve to be able to watch me fondle my wife, make breakfast, and leave pithy comments on Slashdot.

      --
      Just cruising through this digital world at 33 1/3 rpm...
  6. Literally nobody gives a shit. by Anonymous Coward · · Score: 1

    A nightmare of total surveillance is already a fact and not one god damn fucking thing has done to stop it. You are all pathetic.

  7. Build your own open solution by Martin+S. · · Score: 3, Interesting

    This stuff is not rocket science, cheap easy to use controllers such as Pi and Micro:bit are out there now

    https://www.raspberrypi.org/
    https://microbit.org/
    https://www.eclipse.org/smarth...

  8. Suuuuure by Spamalope · · Score: 2

    "requests made to HomePod are given a random identifier that cannot be tied to a person"

    Now, they can be tied to an apple account, and that can be tied to a persons file* of course. Our ad revenue depends on it!

    *File contains credit report, purchasing history, web browsing history, location history, people associated with, average economic class, political beliefs, employer, sexual orientation, medical conditions, hobbies, social graph, porn habits/strip club visits/any other possibly embarrassing leverage etc = you've got nothing to hide, right?!? It's ok if we have all of your personal info but you have none of ours, right?

  9. Even without terms of service ... by Ungrounded+Lightning · · Score: 2

    if it comes packaged as a service and you access a website, portal, or online content to use it, then you dont own it. Read the terms of service ...

    Even without terms of service that claim ownership of the data, when the data IS yours and nobody claims otherwise: If it's stored on an external service the supreme court has repeatedly ruled that that you have no "reasonable expectation of privacy".

    --
    Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
    1. Re:Even without terms of service ... by Impy+the+Impiuos+Imp · · Score: 1

      The Supreme Court is shifting. As people move their "papers" into the cloud, it carries with it an expectation of privacy. People should not have to give up their 4th Amendment rights just to take advantage of modernity.

      --
      (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
  10. FISA? by fred911 · · Score: 1

    "Google also declined to comment, but did point TechCruch to Nest's transparency report......etc....."

    Doesn't a FISA warrant require the holder of the data not to release any specific information regarding the warrant, or even the existence of one? Basically it's not a company failure to guard privacy issue, it's a legal requirement. A failure of legislation is where the blame should be placed.

    --
    09 F9 11 02 9D 74 E3 5B - D8 41 56 C5 63 56 88 C0 45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2
  11. "Smart homes" are a surveillance boon by anegg · · Score: 1

    Your electric company may have already replaced your traditional meter with an electronic meter that monitors your energy consumption on a very fine-grained basis; the data from these meters is already being collected by the utilities. Researchers at UMass showed that they could determine what loads were being switched on and off inside a home with such a meter. Nest smoke detectors monitor "presence" information on a room-by-room basis and feed it up to the cloud. If you have cloud-based "smart home" devices (room by room presence, electrical switch state, thermostat/temperature state, door monitoring, etc., then they are feeding the state of your home to the cloud, where it can be used to determine what the people in your home are doing. If you are using geo-fencing with your smartphone, your location is being fed into these cloud systems (quite apart from the "ordinary" concerns about cell company location monitoring). If you have video/audio devices that feed into the cloud, people with access to that information can observe/monitor directly what the people in your home are doing.

    The ability to pull all this information together may involved inter-corporate agreements or a government mandate, but it obviously enables a kind of surveillance that makes past court cases involving thermal scanners being used to peep inside dwellings charming glimpses of a less intrusive era. The fact that there is a) no legislation regarding the protection of privacy, and b) very low public awareness of the risks involved, make it very unlikely that the brakes will be applied to the adoption of these systems any time soon. We are bugging our own homes; the panopticon isn't something the government will force upon us, it is something we are building that the corporations/government need merely to tap into.

  12. Apple HomeKit by k2r · · Score: 1

    AFAIK Information about your devices is stored encrypted in the iCloud and can only be decrypted with the keychain. The keychain can only be decrypted by you, not by apple.
    If you access actuators from outside the house, information is exchanged by sending e2e-encrypted iMessages to an iOS device in your house to relay to the device.
    This all looks like a sound concept to me.