During an interview with the BBC last year, Google Devices and Services senior vice president Rick Osterloh pondered whether a homeowner should disclose the presence of smart home devices to guests.
“I would, and do, when someone enters into my home,” he said.
When your central heating thermostat asks for your telephone number, your TV knows what you like to watch and hackers can install spyware in your home through a lightbulb security flaw, perhaps it is time that we all started taking smart home privacy issues more seriously.
Illustration: Kevin Sheu
Just this week the British National Cyber Security Centre issued a warning to owners of smart cameras and baby monitors to review their security settings.
You can get a quick overview of privacy options for many smart home devices by using the Mozilla “privacy not included” guide, but if you have already invested in particular technology, all is not lost.
A few configuration tweaks could help put you back in control when it comes to balancing device performance with data privacy — and they do not involve wearing anything like the ludicrous-looking “bracelet of silence,” which jams smart device microphones, as recently demonstrated by a team from the University of Chicago.
SMART TELEVISIONS
When the FBI warns users that their televisions could be listening to and watching them, maybe it is time to reflect on how dumb we are when it comes to smart TVs. Most of us buy a big TV with all of the Internet streaming and program guide functionality we can afford and kick back in front of it. Beyond the initial tuning in of stations and maybe adjusting the color to our taste, there is not much configuration tweaking that goes on — which is a mistake when both privacy and security issues are in the picture.
Contemporary TVs connect to the Internet, have Web browsers, run apps and can be controlled by your voice. Automatic content recognition (ACR) watches what you see, from TV programs to games, and the resulting data can target you for personalized advertising and produce viewing recommendations — often across various platforms.
You probably agreed to ACR being used when you were setting up your new TV. To disable it — although this varies from TV to TV — head for the general or advanced settings and look for a “viewing information” or “viewing data” option. This would stop some smart features, such as recommendations and even some voice activation functions, from working properly, so bear in mind that ACR data is anonymized before heading for the off button.
SMART SPEAKERS
Smart speakers and digital assistants come in many guises. What they all have in common is that, by necessity, they are always listening.
Research suggests that 59 percent of smart speaker users have privacy concerns, with unwanted listening and data collection being front and center.
Of course, only you can determine whether having a voice-controlled “Star Trek computer” in your home outweighs the privacy concerns.
It is possible to retain the smart performance while minimizing the privacy “threat surface.” To prevent the Amazon Alexa or Google Assistant account holder from being able to view any requests that you have made or questions you have asked, you can tell Alexa to “delete what I just said” and Google Assistant to “delete my last conversation.”
However, this does require the account holder to have enabled the “delete by voice” option in their settings. If you are the account holder, you can use the “voice match” function for Google Assistant to prevent your results from being available to anyone who simply asks for them.
Google Assistant users can use the Home app via Settings | More Settings | Your Data to pause collection of any more voice recordings, but Google warns that this can “limit or disable” more personalized experiences across Google as a result.
You can manage how Amazon uses your data by opening the Alexa app and heading for Settings | Alexa Privacy and toggling the “help improve Amazon services” option off, along with the “use messages to improve transcriptions” setting.
SMART DOORBELLS
A home security surveillance system requires video cameras to record what is going on. When those security cameras are connected to, and accessible from, the Internet, questions about who is watching the watcher come to the fore. When those connected cameras can be found in everything from your doorbell to the baby monitor in the nursery, privacy issues cannot be ignored.
Amazon-owned Ring is perhaps most famous for its video doorbells. In the US Congress, Amazon is facing questions about the sharing of Ring data, including video footage, with more than 900 US police departments.
Following investigations that found that Ring had shared information with the likes of Facebook and Google, the company said that it does not sell personal information to anyone and has suspended the use of most third-party analytics services in Ring apps while it works to provide greater ability to opt out in its new Control Center.
This already lets users manage privacy and security options such as two-factor authentication, sharing information with third parties for personalized advertising and managing any shared users.
Clicking on the authorized client devices option would show all of the devices that can access your Ring account — and therefore your videos. This would show the device and whether it is logged into your account. To remove any that you do not recognize, remove all authorized client devices as one and then re-enroll them individually.
SMART HEATING
That we are even talking about privacy concerning your thermostat is pretty crazy, but fears over central heating technology and privacy are a reality.
In the case of the Google-owned Nest thermostat, such fears are ill founded. Despite some news reports to the contrary, your Nest thermostat has neither a camera, nor a microphone inside.
However, thermostats such as the Alexa-supporting ecobee4 do have microphones. The ecobee4 also has a privacy mode that can be activated once the thermostat is installed: Tap the microphone icon at the bottom right of the thermostat screen and select voice control off. You would no longer be able to use Alexa to control the thermostat, but nor would it listen continuously for wake words or send recorded messages to Amazon.
Both ecobee4 and Nest users can have all of their personal information removed upon request, but this deletes their account and disables the remote access and smart connected functionality that you bought the device for. A Nest thermostat collects data such as your setup information, environmental data from its sensors, and heating and cooling usage.
SMART LIGHTBULBS
Earlier this year, security researchers confirmed that a vulnerability could enable a hacker to launch an attack on your home computer network, and therefore your data, by way of a Philips Hue smart lightbulb.
The vulnerability, without getting too technical, was actually in a low-power wireless protocol used to control many different Internet of Things smart devices. Philips was quick to issue a new firmware update that fixed the problem before it was publicly disclosed.
You can make sure your lightbulbs are protected by opening the Philips Hue app and heading to Settings | Software Update. This would alert you if an update is needed, but to prevent any further checking, you can enable the “automatic update” option on the same page.
The gutting of Voice of America (VOA) and Radio Free Asia (RFA) by US President Donald Trump’s administration poses a serious threat to the global voice of freedom, particularly for those living under authoritarian regimes such as China. The US — hailed as the model of liberal democracy — has the moral responsibility to uphold the values it champions. In undermining these institutions, the US risks diminishing its “soft power,” a pivotal pillar of its global influence. VOA Tibetan and RFA Tibetan played an enormous role in promoting the strong image of the US in and outside Tibet. On VOA Tibetan,
Sung Chien-liang (宋建樑), the leader of the Chinese Nationalist Party’s (KMT) efforts to recall Democratic Progressive Party (DPP) Legislator Lee Kun-cheng (李坤城), caused a national outrage and drew diplomatic condemnation on Tuesday after he arrived at the New Taipei City District Prosecutors’ Office dressed in a Nazi uniform. Sung performed a Nazi salute and carried a copy of Adolf Hitler’s Mein Kampf as he arrived to be questioned over allegations of signature forgery in the recall petition. The KMT’s response to the incident has shown a striking lack of contrition and decency. Rather than apologizing and distancing itself from Sung’s actions,
US President Trump weighed into the state of America’s semiconductor manufacturing when he declared, “They [Taiwan] stole it from us. They took it from us, and I don’t blame them. I give them credit.” At a prior White House event President Trump hosted TSMC chairman C.C. Wei (魏哲家), head of the world’s largest and most advanced chip manufacturer, to announce a commitment to invest US$100 billion in America. The president then shifted his previously critical rhetoric on Taiwan and put off tariffs on its chips. Now we learn that the Trump Administration is conducting a “trade investigation” on semiconductors which
By now, most of Taiwan has heard Taipei Mayor Chiang Wan-an’s (蔣萬安) threats to initiate a vote of no confidence against the Cabinet. His rationale is that the Democratic Progressive Party (DPP)-led government’s investigation into alleged signature forgery in the Chinese Nationalist Party’s (KMT) recall campaign constitutes “political persecution.” I sincerely hope he goes through with it. The opposition currently holds a majority in the Legislative Yuan, so the initiation of a no-confidence motion and its passage should be entirely within reach. If Chiang truly believes that the government is overreaching, abusing its power and targeting political opponents — then
RSS