Smart speakers, thermostats, doorbells, and appliances in the average connected home generate detailed behavioral profiles that reveal sleeping patterns, daily routines, health status, and household composition. Research published this week found that data from smart home devices is shared with an average of 14 third-party companies per device, many of which are unknown to the consumer.
New state privacy laws in California and Virginia give consumers the right to request deletion of their smart home data, but enforcement is sporadic. Security researchers have also documented dozens of cases where smart home devices contained exploitable vulnerabilities that allowed unauthorized access to camera feeds and microphones. Consumer advocacy groups are pushing for federal standards requiring security certification before connected devices can be sold.
