Zephyrnet Logo

Generative Data Intelligence

AI

Which? highlights smart speakers, security cameras sharing data to social media, marketing firms | IoT Now News & Reports

Republished By Plato
Republished By Plato

Date:

Views: 113

Which? research has found that smart home device owners are being asked to provide large amount of data to manufacturers, which could compromise their privacy and potentially result in them handing their personal information to social media and marketing firms. The consumer champion found companies appear to hoover up far more data than is needed for a product to function. This includes smart speakers and security cameras that share customer data with Meta and TikTok, smart TVs (televisions) that insist on knowing users’ viewing habits and a smart washing machine that requires people’s date of birth.

The research suggests that, despite consumers having already paid up to thousands of pounds for smart products, they are also having to ‘pay’ with their personal data. Which? analyse data collection practices of popular brands behind a range of smart devices. Skilled persons look at what information they require to set up an account, what data permissions their apps request and what activity marketing companies are tracking on people’s products.

Every brand looked at the required exact location data as well as an approximate one, despite this arguably not being necessary for the functionality of product. Smart speakers are only supposed to listen when you want them to, but this is not always the extent of data collection. Which? found that Bose smart speakers share user data with Meta, the parent company of Facebook.

Researchers found a difference in the volume of data requested by smart speakers if users own an Android phone versus an Apple iOS device. For example, Google Nest products request contacts and locations on Android, but neither on Apple’s iOS. The app functions the same on both, so additional data collected on Android does not appear to be essential. It is not known why this additional data was collected. However, Google’s primary business is advertising and marketing, whereas Apple currently focuses on selling hardware.

When it came to smart cameras and doorbells, Which? found Ezviz devices, sold by major high street retailers including Argos, had by far the tracking firms active. This included TikTok’s business marketing unit, Pangle, Huawei, as well as Google and Meta. Every single smart camera and doorbell brand Which? assessed used tracking services from Google, while Blink and Ring also connected to parent company Amazon. Google’s Nest product demands full name, email, date of birth and gender.

On Android, Arlo, Eufy and Ring also want permission for people’s background location, which is not necessary to alert users when their home security system is triggered, and means they could track users even when they are not using the app. All permissions are activated by default. Consumers can opt out, but this requires changing settings and could lead to aspects of the device or app no longer working.

In a survey of 1,201 Which? members in April 2023, the data people were concerned about being shared were their contacts and background location, involving an app tracking where people are even when they are not using it. This was followed by photos, phone numbers and precise locations. For smart washing machines, skillful people were surprised to find companies needing the date of birth of users although this is optional on Beko machines, LG and Hoover will not allow use of the app without knowing when customers were born.

LG wants data on all washing machine brands the company will know the customer’s name, date of birth, email, phone contact book, precise location and phone number. Hoover wants users’ contacts and phone numbers on Android devices. With Miele, tracking of precise location is enabled by default, and required to use the app. Many smart TV menus are now flooded with adverts, some personalised based on user data. While tracking is optional, Which? has found that LG, Samsung and Sony bundle this up into an ‘accept all’ button, rather than encouraging customers to review a full list of tracking options and then accept or decline which ones they want.

A third (33%) of Which? members surveyed admitted to not reading any of the privacy policy when downloading an app, while two thirds (67%) says that they merely skimmed it. This is perhaps unsurprising given terms and conditions and privacy policies are usually incredibly long to read. A Google Nest owner would need to work their way through more than 20,000 words to get to grips with them, which would take one hour and twenty minutes for someone who reads at 250 words per minute.

Under general data protection regulations (GDPR), companies must be transparent about the data they collect and how it is processed. The data collected must also be relevant and limited to what is necessary for processing to take place. However, reasons for taking information are often too expansive for consumers to appreciate, with companies claiming ‘legitimate interests’. While it all should be listed in a privacy policy, the reality is that when consumers come to click ‘accept’, unless they closely analyse fine print, they have little to no idea what will actually happen with their data.

“Consumers have already paid for smart products, in some cases thousands of pounds, so it is excessive that they have to continue to ‘pay’ with their personal information. Firms should not collect more data than they need to provide the service that’s on offer, particularly if they are going to bury this important information in lengthy terms and conditions. The ICO should consider updating guidelines to better protect consumers from accidentally giving up huge swathes of their data without realising.” says Rocio Concha, Which? director of policy and advocacy.

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow

spot_img

Latest Intelligence

spot_img

Copyright @ 2024 Plato Technologies Inc.