The Opt Out: Smart devices are not the smarter choice
THE TECHNOLOGY in modern home appliances has breathed new life (and plausibility) into the old saying ”If these walls could talk.” Your fridge and smart speaker may not have mouths, but they have an internet connection, and that can be more dangerous than the sharpest of tongues.
Tech companies and manufacturers have made it seem like privacy is just a matter of digging into your device’s settings and disabling cameras and microphones. But after years of data breaches and high-profile reports of secret recordings, maybe you don’t trust that approach and are looking for analog solutions that neutralize the hardware rather than the software.
Your phone is not an excuse not to care
You may not care about devices snooping around your home because you assume your phone is already absorbing and transmitting everything you say and do to Big Tech, but that’s wrong. You see, your phone doesn’t need to use its eyes and ears to spy on you: You’re already giving it loads of information just by carrying it with you everywhere you go. Then there’s the biometric data you use to unlock it, and all the apps you interact with that collect information about what you like, scroll through, and look at.
This is not just guesswork. A 2018 investigation by researchers at Northeastern University found that out of the 17,000 most popular apps on the Google Play Store, only a small handful of them surreptitiously listen to you. There are exceptions, but research shows most apps are well-behaved and don’t eavesdrop without your knowledge. To soothe our fears even more, both Android and iOS have launched on-screen features that let you know whenever your phone’s mics or cameras are operational.
So when it comes to spying gadgets, the true wildcards are devices hooked up to the Internet of Things (IoT): smart fridges, washers, dryers, bulbs, and thermostats. For the past decade, people have been welcoming these gadgets into their homes, often not realizing that their data may be poorly protected or that malicious actors may be able to take control of the device itself. Even those who know about the potential security risks have reported difficulties finding specific information about them.
Then there are smart speakers. The sole purpose of this type of gadget is to respond to your voice commands, but to do their job they need to be listening at all times. And according to manufacturers such as Amazon, they also need to record everything you say after the trigger word. They do this so their systems (and sometimes a team of humans you don’t know) can analyze your words and use them to help the artificial intelligence powering your speaker improve with time.
That makes sense—after all, algorithms are only as good as the data we feed them. But even if you don’t have a smart speaker at home, you know trigger words can be tricky. It’s not that rare to “Hey Google” your heart out without the gizmo ever acknowledging you, and sometimes the most random conversation can summon Siri—even if no one said anything that sounds remotely like the name of Apple’s digital assistant. Nonverbal sounds can also invite Alexa to the party, and Amazon’s product has been caught sending private conversations to strangers.
Luckily, a lot has changed in the last couple years. Amazon’s latest generation of Echo devices now comes with a built-in button to turn off the mic, preventing any listening or recording. This also defeats the purpose of a smart speaker, but it’ll allow you to have that intimate family talk in private—if you remember to press the button first. Don’t worry if you’re stuck with an older Echo model: the company also changed its privacy settings so you can manage the recordings, transcripts, and usage history Amazon has on you, and even delete them. No matter which model you have, you can choose to prevent Alexa from saving any future recordings of you, and tell the company not to use your data to improve its smart assistant.
After Alexa kept making headlines due to privacy concerns, Google and Apple took measures of their own. The Big G incorporated new management tools to give users more control over their Google Assistant usage history and put a switch on its speakers to turn off the mic. Both companies paused human review of users’ recordings, but Apple stepped it up a notch when it announced Siri would start handling commands locally. This means Apple’s HomePod would not need to send any recordings to the company’s servers to process a query.
When it comes to protecting users’ privacy, these are all undeniable steps in the right direction. But it’s still fair to wonder if any of this would’ve happened had it not been for independent investigations and reports shedding light on sketchy situations. It’s also fair to wonder whether there are other ways in which these IoT devices are spilling the beans, laying messy groundwork for unexpected consequences in the future. More than that: These concerns are perfectly sensible.
In the digital age, privacy solutions are analog
Disabling a camera is easy: You just cover it. How you do so depends on what you have at hand. You can use a piece of thick tape, get a dedicated cover slide, or, depending on your setup, drape the cleaning cloth that came with your glasses over it. The possibilities are endless.
Disabling microphones, though, is another story. The mics on smart speakers and home appliances are built to detect and understand human speech. For that purpose, they’re equipped with an AI-powered speech system that allows them to focus on one sound source, effectively isolating your voice. So even if your huskies decide to come together in song in the same room, there’s still a pretty good chance your gadgets will understand their trigger word. That means that to prevent your devices from spying on you, you’d have to drown out their mics with constant loud sound. Not the most practical task in the world.
That’s not to say there aren’t solutions. Take Project Alias, for example: an open-source, 3D-printable gizmo that sits atop your smart speaker and constantly drowns out the microphone to prevent recording. It won’t totally neutralize your speaker, and you can rename your device so that when you say the trigger word, the microphones will work again. That means if you rename your Echo speaker “PopSci,” Project Alias won’t allow it to hear “Alexa” but will grant you access if you say, “Hey, PopSci.” The bad news is that Project Alias was designed to fit a previous tubular-shaped version of the Echo, and the discontinued Google Home, so it’ll only help if you buy these speakers secondhand or already have one at home. Needless to say, it won’t work with other IoT devices.
Short of options, the next step we can take to protect our privacy against snooping devices is to just not buy smart home devices. This may sound like an extremely disappointing solution, especially when you’ve already splurged on a washing machine that texts you when your laundry is ready for the dryer—but that’s what we’ve got. The research team at Northeastern University is looking to determine just how much data these gadgets are harvesting, but as long as manufacturers hide information under the guise of proprietary technology, we’ll never have full transparency as to what they’re actually doing. And just like with smart speakers, changes are most likely to come only after abuse has been exposed and harm already done.
In the meantime, if you’re in the market for new appliances, ask yourself if you really need your lightbulbs connected to your WiFi network, or how much value fridge notifications bring into your life. Sure, being able to peek through your doorbell camera on your phone can be incredibly useful, but the price you pay may not only be in dollars—and you’ll be paying it for as long as your device is online.
Read more PopSci+ stories.
Comments are closed.