Smart Home and privacy
Smart Home: Digitisation of the private everyday life
Digitisation also does not stop at household and everyday objects. The so-called "smart home" applications are equipped with sensors and connected to the Internet. This enables the central control of different systems or devices, for example via smartphone. The simplification of everyday work is countered by data protection concerns. This is because devices like Alexa are repeatedly in the media due to data mishaps.
The advantages of Smart Home
Smart home applications belong to the Internet of Things (IoT) sector and are leading to increasing digitalisation in the private sector. The applications are manifold and enable the operation of blinds, heating or light in a centralized, automated and location-independent manner. Particularly advantageous are the savings potential in the area of energy consumption, but also the convenient access from a distance, for example, if the blinds have to be closed due to sudden hail. In the area of entertainment we already use smart solutions, Alexa plays her favourite song on demand and we can call up the Netflix app via our smart TV to watch series. The advantages are obvious, but how is this topic to be assessed from the perspective of data protection?
Privacy and Smart Home
In particular, the increased circulation of personal data due to the networking of devices via WLAN, Bluetooth or mobile phone networks must be viewed critically. This is because these networks are not always adequately secured. And even if one does not become the victim of a hacking attack, there are numerous possibilities for third parties, such as manufacturers or even craftsmen, to gain more and more insight into sensitive data areas. User profiles can be created from the data of the networked devices and behaviour or habits can be estimated. A sensitive intrusion into privacy and the loss of control over one's own data.
In Europe, the General Data Protection Regulation, how manufacturers and providers may handle personal data. Among other things, providers must observe the following:
- Data may only be collected with the consent of the data subject.
- The processing of the data must be for a specific purpose. For example, an e-mail address provided to receive product updates may not be used for advertising.
- The collection of data must also be earmarked for a specific purpose, e.g. registration for software does not require information on religious affiliation.
Even though the DSGVO regulates many issues in this respect, there are still no specific guidelines or technical standards for smart home applications.
Many users focus on the fun of use and the benefits in terms of time and cost savings, and ignore the intrusions into personal data. Taking necessary protective measures is often not an issue, the Data protection not so important. What points you can consider to check smart home devices, you will find below.
- Research before purchase: can you make settings in the smart home application of your choice for the use of the collected data?
- Check which data your device records, often these are listed under "My activities" or "History". Do you find this data useful?
- At best, do not change the default settings of your devices, especially the passwords set by default, to "12345".
- Keep the operating system up to date by regularly updating it, security holes are often repaired by this.
- Disable the Universal Plug and Play (UPnP) feature of your router, this default setting controls how devices on a network communicate with each other.
- Pay attention to whether your data is collected or processed in encrypted form. The so-called end-to-end encryption is recommended.
Digitization and the Internet of Things have become an integral part of everyday life. Providers outside the European area such as Google or Apple are setting standards with solutions such as Alexa or Siri, which are in line with the GDPR have little to do with it. Smart home solutions will also become more rather than less in the future. That's why it's all the more important to take a close look at the providers before buying smart home solutions. Which functions do I really need, are there alternatives on the market? If a branch or even the headquarters of the provider is located within the EU, the regulations of the GDPR must be observed. Before the device is put into operation, the above-mentioned safety precautions must be taken.
"When using smart home applications, the advantages should be weighed against the risks. In my opinion, the question that users have to ask themselves is whether the cost or time savings are so great that I risk my personal data being misused in the worst case".