Back in 2020, we wrote an article entitled, “Your Home Is Spying on You, Too.”
It was our first foray into the world of the “internet of things” or simply “IoT”: a system of internet-connected devices or objects (including tracked animals and people) that can transfer data without any interaction between humans and computers.
We suggested that if you value your privacy and security, you should avoid the IoT as much as you can, unless you’re willing to take rigorous security precautions. But it’s becoming increasingly difficult to purchase them.
For instance, the old refrigerator at my home started making weird noises two years ago and stopped cooling. It was obvious that I needed a new one. So, I began shopping for one.
After considerable internet research, I settled on GE “Energy Star” 27 cubic foot unit. But only after a few months, the icemaker stopped working. Fortunately, it was still under warranty, but I was surprised when the technician told me what the problem was: the refrigerator had malfunctioned due to the unit not being able to communicate with GE so that it could advise me when to change the filter.
He told me that he would need to install a “connect module” to enable this “smart” feature. I suspect he was quite surprised when I told him, “No thanks.” Instead, I called GE directly – not the warranty company – and asked them to dispatch a technician to fix the problem. That technician informed me that I didn’t need to install the connect module, but that if I did and then connected it to my home network, I would get notifications via an app on my smartphone if I forgot to close the refrigerator door or needed to replace the filter.
In keeping with my overall philosophy of avoiding smart technology, I never ordered the command module. But I’m obviously behind the times, because an almost bewildering variety of internet-connected smart devices are available. You can buy smart televisions, fish tanks, voice assistants, doorbells, door locks, coffee makers, thermostats, pet feeders, light bulbs, alarm clocks, security systems, washers, dryers, ranges, toothbrushes, and vacuum cleaners.
Research published last August on “smart home trends” revealed that the average home in the United States, Europe and Japan has 17.1 internet-connected devices. You can even buy smart eyeglass frames or a smart penis cage.
You can also implant smart devices into your body. Wireless pacemakers have been around for at least 15 years. And we recently learned of a smart knee replacement.
What could go wrong? Our article from 2020 highlighted security problems with the popular Nest smart thermostat from Google and observed that if it uses your family’s wi-fi network, a hacker could retrieve the network password and potentially use it to infiltrate any other smart device connected to the network.
That’s bad enough, but can you imagine what would happen if a hacker took control of your smart penis cage? Or when a garage door controller has such poor security in its network that anyone with moderate technical skills can open and close the garage doors from anywhere in the world.
IoT devices are also now being deliberately weaponized. In January, the British government discovered a geo-location device inside a factory-installed part in one of its diplomatic vehicles. The vehicle had been manufactured in China.
The incident raised questions about the espionage potential in IoT devices since the majority of them are made in China. Indeed, the Pentagon has expressed concern that Chinese-manufactured cargo cranes are potential spying tools.
There’s very little that any of us can do individually to prevent China from implanting spy devices in the billions of IoT devices it manufactures. But even if you don’t fear that Chinese spies are monitoring your activities, the data that the myriad of IoT devices can collect is almost mind-boggling: from your thermostat settings to your location and movement patterns.
This data can be used to build detailed profiles of your behavior, habits, and preferences, which can be used for a variety of purposes, including targeted advertising, market research and, especially in smart devices equipped with microphones and cameras, surveillance. Hackers that penetrate the often-unsecured IoT devices can capture this data and use it to target homes for burglary, kidnapping, or other criminal activity. Domestic abusers are using smart home devices to harass their ex-spouses or partners.
Since it’s becoming increasingly difficult to avoid the IoT, all of us need to take steps to protect ourselves. Your first line of defense is not to purchase products that are internet-connected unless they need to be connected to function. In my case, my smartphone, my PC, and my laptop are the only devices I own that need internet connectivity.
But since it’s increasingly difficult to purchase mass-market products that aren’t smart, your second line of defense is to not activate the smart features. For instance, I own an LG smart dryer that the previous owner of my home installed. I didn’t realize it could be connected to the internet until I looked in the user manual and discovered that I could activate smart features that would provide benefits such as warning me when I needed to clean the lint tray.
The challenge is that a consumer doesn’t see the true value that manufacturers see in terms of how that data can help them.
Yes, we suppose that convincing customers that having their smart devices monitor them 24/7 will “help them” might be a challenge. In our view, every one of them is a potential privacy and security threat.
For the smart devices you own, take time to set them up with hard-to-guess passwords. Choose different usernames and passwords for every device. That way, if hackers gain access to one device, it won’t mean every other connected device in your home can be compromised. Check the terms of service for each device and opt out of as many forms of data sharing as you can. And opt into automatic hardware and software updates if you can for each smart device you own.
Finally, it’s becoming harder to buy “dumb” non-internet-connected devices. It wouldn’t be a bad idea to stock up on the ones you might need in the next few years while they’re still available.