Is privacy an afterthought in a smart home?

Voice assistants from Google and Amazon are attempting to be a unified interface for consumers to interact with different smart home devices and services, further integrating themselves into every aspect of consumers' daily lives. In the past, these tech giants collected data whenever their voice assistant was used to perform an activity by the consumer, such as turning on a light or locking a door.

According to a recent report by Bloomberg, they are now asking device-makers to send a continuous stream of information from connected devices; irrespective of whether or not the assistant was used to control the device, bypassing user agreements and asking device-makers to share data across companies. As an example, TVs would be required to report the channel that is currently being watched, eliminating the user's privacy over content consumption; or smart locks would be required to notify at all times whether or not the door bolt is engaged, thereby informing the company about the user's occupancy.

Russell, an analyst from Parks Associates Inc., calls device-status reporting "a bit of a Trojan Horse request".


The new recommendation requires consumers to place their trust in these companies, and raises alarming questions around data privacy. Though this information may seem trivial at first, every device at home serves as a map of the consumer's personal life, providing sensitive information such as when the consumer comes home and what time everyone in the household goes to sleep. This gives companies a glimpse into the consumer's preferences, schedule, and adds a literal ear into the consumer's life giving them the ability to profile consumers and use the collected data for various purposes, including marketing.

Users agree to provide information when they ask a smart device to perform an action, but this consent extends only to provide specific companies with specific data and for the specific intended use. Any additional information gathered and shared beyond that requires another level of permission that is currently not requested. Is this a problem better solved with regulations?

Bloomberg quoted an Amazon spokesperson saying that they cannot share details on how the data is going to be used in the future or how long the data is saved.

Not only does this new recommendation raise major privacy concerns, but also public guidelines shared by primary market shareholders don't set limits on what they can do with the information they collect. Having an insight into what consumers do in their private spaces can open doors to much larger issues. Bloomberg quoted an Amazon spokesperson saying that the company doesn’t sell user data and doesn’t use information from device-status reports for advertising, but cannot share details on how the data is going to be used in the future or how long the data is saved. All pointing to the lack of a proven business model, making it a loss-leader to first capture as much market share as possible and decide to monetize later on, a potential reason why the primary market shareholders are investing heavily and subsidizing hardware and services.

While policies are catching-up to the realities of the technology and market, companies must do the right thing, not the easy thing.


As a smart home technology provider, we at Universal Electronics Inc. understand the value of data in providing better and richer experiences. We believe that is how a home can truly be smart. Finding the right balance between rich AI models based on complete user data vs. fair use of data with proper consent for application, should be an industry-wide initiative. We believe the following must start today to ensure that we can deliver on the promise of a smart home:

  • User consent: Performing specific actions and sharing data requires user consent. A smart home device purchase means a consumer buys into a promise, whether stated explicitly or implicitly. They "approve" access to some data for a specific company to deliver a specific function. On anything beyond that, either through software updates, or integrations, companies need an explicit approval on what new data will be used, for what purpose, and by which company in terms that consumers can easily understand.
  • Regulations: The process needs to be regulated by establishing industry-wide standards and protocols to specify the frontiers of data collected and shared.
  • Level playing field: Consumers and companies must have a level playing field to avoid scenarios that result in a monopoly or duopoly; or those that limit chances of innovation, or risk consumer choice in the long run. This is easy to overlook when faced with decisions that are artificially influenced through free or subsidized services today, in hopes of building an unknown business model in the future without any boundaries imposed.


We should regard privacy as a core feature of all voice assistants, rather than being an afterthought.

Smart homes have lasting effects in a consumer's life. For an aging population, a smart home is essential in controlling how we live in our homes as we age with the help of technology. To ensure that a user's data and conversations are not being compromised, we should regard privacy as a core feature of all voice assistants, rather than being an afterthought. While policies are catching-up to the realities of the technology and market, companies must do the right thing, not the easy thing.

The industry is starting to take notice, and hopefully, we are ready to find a lasting solution:

Your Smart Light Can Tell Amazon and Google When You Go to Bed

Google Home and Amazon Alexa are asking smart home device makers for user info

Amazon, Google demand constant data from smart home devices

Your smart light can tell Amazon, Google when you go to bed at night

Your smart light can tell Amazon and Google when you go to bed, as tech giants track you from morning till night

Repost: Discussing Privacy and Security Concerns at CONNECTIONS

You can read the original post here: Connected Products: Discussing Privacy and Security Concerns with UEI

Given the continual increase in the number of connected products, how can providers ease consumer concerns associated with data security and privacy?

This has been an ongoing debate within the segments we address. The only long term true solution includes a few parameters:

  • On user data: Data captured should be clearly explained, and repeated for consumer to understand, however, more important is how the data is to be used. Consumer consent should not be on the data, rather on the combination of what data is shared and how it is to be used.
  • Data ownership is a rather gray when it applies to device data – who owns this data. There needs to be differentiation between device diagnostic data and consumer data. The device diagnostic data does carry substantial value in what it can enable. The ownership of this data is unclear at the moment, device manufacturer, service provider/ecosystem owner, or consumer. The most beneficial scenario is when data is owned by device manufacturer, regardless of ecosystem, which allows a well-defined relationship started at the time of purchase.
  • Last but not least, privacy should be built into the architecture, smarter edge devices enabled cloud-less implementations which are effectively private. Expanding on what is possible offline/at edge vs what requires a back-end is going to be very interesting.

How will artificial intelligence (AI) impact the smart home, IoT, and connected entertainment landscapes in 2018 and beyond?

In many positive ways, but with some areas to be aware of / plan for:

  • Our data is biased, our implementation of AI cannot intensify this issue. As the workforce will need to evolve/be trained to adapt to new tools and technologies, we need to implement processes that address/prevent undesirable biases. This is essential in entertainment targeting which affects culture, and security/home care implementations which can have serious issues.
  • That said, AI is going to finally make connected devices smart. We still live in a time where connected devices have simply added to our overload of data, with proper implementation of AI they can finally act as assistants.
  • However, one major obstacle remains in the smart home domain. AI systems are only as smart or complete as the amount of data they have access to. The walled garden approach of ecosystem creators has caused data fragmentation issues, and without proper connection of these data silos, no AI will be able to be properly trained to address the end vision of the smart home. (Unless we believe a home will be dominated by a single brand, which is not the case today.)

Will the rise of DIY solutions significantly impact the traditional security landscape?

Although seemingly counter intuitive, we believe this may actually help. All boats will rise with this tide, and the lower barrier of entry is going to help in sell-through of additional monitoring/professional services.