Tech companies and manufacturers have made it seem like privacy is just a matter of digging into your device’s settings and disabling cameras and microphones. But after years of data breaches and high-profile reports of secret recordings, maybe you don’t trust that approach and are looking for analog solutions that neutralize the hardware rather than the software. This is not just guesswork. A 2018 investigation by researchers at Northeastern University found that out of the 17,000 most popular apps on the Google Play Store, only a small handful of them surreptitiously listen to you. There are exceptions, but research shows most apps are well-behaved and don’t eavesdrop without your knowledge. To soothe our fears even more, both Android and iOS have launched on-screen features that let you know whenever your phone’s mics or cameras are operational. So when it comes to spying gadgets, the true wildcards are devices hooked up to the Internet of Things (IoT): smart fridges, washers, dryers, bulbs, and thermostats. For the past decade, people have been welcoming these gadgets into their homes, often not realizing that their data may be poorly protected or that malicious actors may be able to take control of the device itself. Even those who know about the potential security risks have reported difficulties finding specific information about them. After Alexa kept making headlines due to privacy concerns, Google and Apple took measures of their own. The Big G incorporated new management tools to give users more control over their Google Assistant usage history and put a switch on its speakers to turn off the mic. Both companies paused human review of users’ recordings, but Apple stepped it up a notch when it announced Siri would start handling commands locally. This means Apple’s HomePod would not need to send any recordings to the company’s servers to process a query. When it comes to protecting users’ privacy, these are all undeniable steps in the right direction. But it’s still fair to wonder if any of this would’ve happened had it not been for independent investigations and reports shedding light on sketchy situations. It’s also fair to wonder whether there are other ways in which these IoT devices are spilling the beans, laying messy groundwork for unexpected consequences in the future. More than that: These concerns are perfectly sensible. Disabling microphones, though, is another story. The mics on smart speakers and home appliances are built to detect and understand human speech. For that purpose, they’re equipped with an AI-powered speech system that allows them to focus on one sound source, effectively isolating your voice. So even if your huskies decide to come together in song in the same room, there’s still a pretty good chance your gadgets will understand their trigger word. That means that to prevent your devices from spying on you, you’d have to drown out their mics with constant loud sound. Not the most practical task in the world. That’s not to say there aren’t solutions. Take Project Alias, for example: an open-source, 3D-printable gizmo that sits atop your smart speaker and constantly drowns out the microphone to prevent recording. It won’t totally neutralize your speaker, and you can rename your device so that when you say the trigger word, the microphones will work again. That means if you rename your Echo speaker “PopSci,” Project Alias won’t allow it to hear “Alexa” but will grant you access if you say, “Hey, PopSci.” The bad news is that Project Alias was designed to fit a previous tubular-shaped version of the Echo, and the discontinued Google Home, so it’ll only help if you buy these speakers secondhand or already have one at home. Needless to say, it won’t work with other IoT devices. Short of options, the next step we can take to protect our privacy against snooping devices is to just not buy smart home devices. This may sound like an extremely disappointing solution, especially when you’ve already splurged on a washing machine that texts you when your laundry is ready for the dryer—but that’s what we’ve got. The research team at Northeastern University is looking to determine just how much data these gadgets are harvesting, but as long as manufacturers hide information under the guise of proprietary technology, we’ll never have full transparency as to what they’re actually doing. And just like with smart speakers, changes are most likely to come only after abuse has been exposed and harm already done. In the meantime, if you’re in the market for new appliances, ask yourself if you really need your lightbulbs connected to your WiFi network, or how much value fridge notifications bring into your life. Sure, being able to peek through your doorbell camera on your phone can be incredibly useful, but the price you pay may not only be in dollars—and you’ll be paying it for as long as your device is online. Read more PopSci+ stories.
