When Your Home Security System Turns the Camera on You

When Your Home Security System Turns the Camera on You
Amazon's Echo Spot device powered by its Alexa digital assistant at the Consumer Electronics Show in Las Vegas on Jan. 11, 2019. Robert Lever/AFP via Getty Images
Kevin Stocklin
Updated:

Consumers around the world are installing “smart” home systems for the convenience and control it gives them, but many are unaware of who or what may actually be controlling these systems and for what purpose.

Users of smart home technology are sometimes startled to find that someone else is operating their systems. In 2019, a Milwaukee couple said they felt “violated” when smart cameras in their house began talking to them, and their thermostat began setting itself to 90 degrees in late summer. While that experience was attributed to a hacker, other customers are finding that the company that made or installed the smart systems was the one taking control.
In August 2022, thousands of Colorado residents who installed smart thermostats to get a $100 credit from Xcel, the local electric utility, were shocked to discover that the utility company had locked them out of their own thermostats, allowing temperatures in their homes to reach as high as 88 degrees in order to reduce power usage during a heat wave.
And last week, a Baltimore resident claimed that Amazon had shut down his smart home security system without warning because of allegations, which turned out to be false, that he had uttered a racial slur to an Amazon delivery person. The resident, Brandon Jackson, who happens to be black, gave evidence from video cameras posted outside his residence that nobody was home when the alleged incident occurred.

Jackson speculated that an auto response from his smart doorbell that said, “Excuse me, can I help you?” might have caused the delivery person to believe he had heard a slur.

“The driver, who was walking away and wearing headphones, must have misinterpreted the message,” Jackson said. “Nevertheless, by the following day, my Amazon account was locked, and all my Echo devices were logged out.”

And then there are numerous creepy tales of hackers taking over baby monitors to observe the families that installed them. In one case in 2018, parents reported a voice coming through the monitor that said, “I’m in your baby’s room.”

Added to this are the many stories that people tell of private conversations they have with a spouse or friend in their home in the presence of a smart phone, after which an advertisement for whatever they were discussing coincidentally appears on their computer or phone.

Currently, about 60 million American households have installed home smart systems and that number is projected to increase by 50 percent to more than 90 million households by 2027. Worldwide, more than 300 million households are estimated to have smart technology in their homes.

The Risks of the Internet-of-Things

In March 2023, academics from several European universities published a study titled, “The Digital Harms of Smart Home Devices,” which detailed a number of risks that consumers take when these systems are installed in their homes. The Internet-of-Things (IoT), which refers to physical mechanisms that connect into larger systems via the internet, includes smart security systems, appliances, thermostats, pet or baby monitors, air quality monitors, TVs, speakers, lights, and health and fitness trackers.

The “harms” they identified from their research included privacy invasion, hacking, malware, stalking and denial-of-service attacks.

Initially, the authors hoped the study would produce comprehensive data on “how many privacy and security incidents and harms are taking place because of the use of these devices,” co-author David Buil-Gil, a criminologist and lecturer at the University of Manchester, told The Epoch Times. “The first thing we realized is that it was impossible because the police are not recording the data out there, and private companies are not sharing any sort of data with researchers or with government.”

Instead, they collected published research from around the world to try to get a better picture of the situation. The authors, most of whom are based in the UK, are currently working with the government there to build a public-private initiative to generate aggregate case data.

“The main conclusion of the project was that there’s a huge lack of awareness and a huge lack of understanding of what may be happening in our households when we go with those devices,” Buil-Gil said. “Like with any technology, you have two types of users; you have the tech-savvy people that know they are exposing themselves to certain risks … But then you also have other types of users that are not aware of that at all, and that’s the worrying part.”

And the Internet-of-Things extends beyond the home. Another product that is increasingly being absorbed into the IoT is cars.

Speaking at the World Economic Forum in January, Qualcomm CEO Cristiano Amon said that “the car is becoming a connected computer on wheels.” Like cellphones, he said, “everything around us is becoming connected intelligence.”
According to Amon, the automotive industry is becoming part of the “industrial to digital transformation,” and increasingly, carmakers are partnering with tech companies such as Qualcomm and IBM. Tech visionaries say that computerized cars will be integrated into the cloud, where they can be monitored and controlled by a centralized network that can prevent collisions and manage traffic, but also do things like disable your car or even drive it away on its own if you’re overdue on payments.
Electric vehicles (EVs) are particularly internet-dependent for things like charging and location mapping to coordinate longer trips with charging stations. An IoT system for EV charging would integrate charging stations with mobile apps and a management platform that allows for the monitoring and tracking of EVs to help manage the electric grid in terms of supply and demand.
In addition, apps like Uber can track users’ location constantly, whether or not you are riding with an Uber driver. According to one Uber driver, the app routinely collects data on how many users are traveling on a given airplane and uses this data to alert drivers in the area when possible customers will be arriving at the airport.

FBI, CIA, NSA Use ‘Data Brokers’ to Surveil Americans

While corporations have taken a great interest in monitoring people’s behavior for advertising or sales, federal law enforcement and intelligence agencies have also become increasingly fixated on tracking the behavior of everyday Americans.
An internal January report by the Office of the Director of National Intelligence (ODNI) to National Intelligence Director Avril Haines, which was just declassified last week at the insistence of GOP House Representatives, detailed the routine purchasing of “commercially available intelligence” (CAI) on American citizens by America’s intelligence and law enforcement agencies. The report defines CAI as “information that is available commercially, through a commercial transaction with another party. The acquisition may occur on a one-time or subscription basis.”
Following a principle called the “third-party doctrine,” the Supreme Court set a precedent in the 1970s that, despite the Fourth Amendment’s prohibitions against searches by the government without probable cause of a crime and a search warrant, “there is no expectation of privacy in information voluntarily provided to others.” This includes information a person shares with a bank, phone company, internet service provider, and more recently the IoT.

The ODNI report states that the government has been buying CAI from “data brokers,” who “maintain large, sophisticated databases with consumer information that can include credit histories, insurance claims, criminal records, employment histories, incomes, ethnicities, purchase histories, and interests.”

The report notes the “potential for comparable abuse of CAI held by the IC [intelligence community]. In the wrong hands, sensitive insights gained through CAI could facilitate blackmail, stalking, harassment, and public shaming.”

Despite this, the ODNI report states, “CAI clearly provides intelligence value, whether considered in isolation and/or in combination with other information, and whether reviewed by humans and/or by machines. The IC currently acquires a significant amount of CAI for mission-related purposes, including in some cases social media data, [redacted], and many other types of information.”

The release of this information comes at a time when the FBI, the Justice Department, and American intelligence agencies are facing increasing criticism for allegedly abusing authority granted to them to surveil foreign terrorist suspects under the PATRIOT Act and the Foreign Intelligence Surveillance Act (FISA), in order to spy on U.S. citizens.

“The violations that we’ve seen have not just been epic in scale, but they’ve also been persistent, over and over again,” Jake Laperruque, a deputy director at the Center for Democracy and Technology (CDT), stated at a Cato conference on government surveillance.

“What we’re talking about is not just random typos or wrong clicks; we’re looking at things like pulling up batches of thousands of political donors in one go, without any suspicion of wrongdoing,” Laperruque said. “We’ve had reports of journalists, political commentators, a domestic political party; these compliance violations are the most worrisome type of politically focused surveillance.”

This has led some legal experts to call for new laws to protect Americans’ privacy, particularly regarding data collection.

Neil Richards, a Koch Distinguished Professor in Law at Washington University in St. Louis, Missouri, said “it’s shameful that we have not had meaningful privacy legislation to this point when … every other democracy and advanced economy in the world has something like this and the United States doesn’t.”

“I think it’s the responsibility of governments to inform citizens what they’re doing with our data,” Buil-Gil said. “We should be working toward a general understanding of data about ourselves, about our everyday activities, who is collecting that data, who owns that data. And legally, and also from an ethical standpoint, how it’s being used.”

Kevin Stocklin
Kevin Stocklin
Reporter
Kevin Stocklin is an Epoch Times business reporter who covers the ESG industry, global governance, and the intersection of politics and business.
Related Topics