Smart Home Security

What you need to know:

Most smart home security systems are accessible online via a phone app. Like most app creators, these companies can use them to collect your personal information as well as your location data and share it with third parties for marketing and advertising purposes.

In addition, user video recordings were found to be accessible by employees of some home security manufacturers, including teams tasked with training these devices to utilize artificial intelligence to recognize individuals and objects. These video recordings were secured with few measures in place to prevent improper access. In addition, some devices were found to still store video recordings of previous owners after being restored to factory settings. Most of the larger manufacturers have since (after much public outcry) put in more security measures and limit storing videos on its servers to users that voluntarily share access. However, smaller device manufacturers likely still have lax protocols in place.

Furthermore, home security camera systems are the most hacked internet of things (IoT) devices and many are susceptible to breaches with many high profile instances of hackers being able to access video feeds and microphones to harass individuals. When hacked, all indicators that the device is actively monitoring, such as lights and audio cues, can be disabled so that the camera appears inactive.

Finally, some home security companies have struck partnership deals with law enforcement agencies across the country that allow these agencies to access camera footage. This has led to some local police departments actively encouraging homeowners to purchase these devices, with some local governments even providing rebates as an extra incentive to opt in to their surveillance programs. This type of monitoring paired with facial recognition technology has the potential to lead to invasive tracking of unsuspecting individuals simply walking by these devices.

Learn More:

How Ring’s app shared data with third parties and how their employees were allowed access to video recordings with few internal security measures

Ring’s poor security measures, has led to hacking incidents like when an 8 year old was spied on and when a couple’s camera was accessed 

Some security measures Ring is putting into place after some high profile incidents and public outcry

How Nest devices still contained data after resetting to factory settings and one incident where hackers took over a device to broadcast fake audio warnings about a missile attack

How these home security devices can be used by law enforcement agencies and one case where law enforcement obtain Nest footage to convict a fraud ring

What to do:

See this guide for some of the more secure home security cameras.

Use a strong password for the device to thwart hackers (consider using a password manager). Also if your device has two factor authentication (such that every time you log in you will need a one-time code shared via email or text), then you should enable it.

Turn off the microphone if it is not essential.

On the app, check the privacy settings to see if you can limit the manufacturer from sharing your information with third parties.