More people are filling their homes with smart devices without giving a second thought to who is capturing information about them or who they will share it with next.
This is a guest post by Solana Larsen, Editor of the Mozilla Foundation’s Internet Health Report. All views expressed are Solana’s own, and not necessarily shared by Which?.
It’s the holiday season, and we can expect that many of the gifts unwrapped this year will be ‘smart’ things that connect to the internet or can be controlled by an app on a phone.
The best known of these are probably smart speakers like the Amazon Echo or Google Home. But this is just the tip of the iceberg.
Among the products joyfully marketed by retailers, will be everything from smart scales to cat litter trays. Meow!
There is a lot that is fun about the idea of the ‘smart home’ and connected gadgets and robots that cater to our whims. But there can be a dark side too.
Watched in your own home?
While the variety of smart devices on offer is rapidly increasing, so are the number of products that pay no heed to even basic security measures.
For instance, some don’t require strong passwords, making it easy for them to be hacked or controlled by strangers. And privacy? Even big companies who do security well are among those who most disregard it.
Now that more and more companies collect personal data about you, including audio and video of your family, and sensitive biometric and health information, like your heart rate and sleeping habits, it’s worrying that more are not upfront about the privacy and security of their products.
To address this, we at Mozilla publish a ‘*Privacy Not Included’, buyer’s guide every year to assess whether popular smart devices meet our five Minimum Security Standards. This year, we examine 76 popular products, and encourage you to judge for yourself what you think.
It gets creepy
What we’ve found is that while many of the most popular devices are becoming more secure, there are still a lot with worrying and potentially dangerous flaws.
For example:
- New types of smart devices like doorbells, which have been criticised for lack of encryption, security vulnerabilities, and privacy issues.
- Fitness trackers designed for kids as young as 4 years old, raise questions about what we are teaching our children about how much digital surveillance in their lives is normal.
- A whole range of pet-focused products entering homes are disturbingly weak on both privacy and security.
Recently Which? released its own investigation into cheap security cameras which showed how this whole category of products has its own similar problems.
What we can do
To explain why privacy and security is such a challenge in the market for connected devices, and offer advice on what can be done, Mozilla’s Internet Health Report has released a special edition as a companion to the buyer’s guide this year.
It’s based on conversations with dozens of experts, most of whom hesitate to recommend products. We also talk to developers of more secure and private alternatives around the world, and get their take on what needs to happen.
Our findings: we could do a lot to correct course.
For example:
- Start rating products on their privacy and security. Wherever we rate the price and performance of products, let’s start rating them on privacy and security too.
- Push for better privacy laws and regulations. In Europe, and beyond, we need to urge politicians to pass robust data privacy regulations — and enforce them!
Read the full Internet Health Report article “How smart homes could be wiser.”
Clearly it makes sense to do some research before you buy, whether for yourself, or as a gift.
Just because something on your wishlist this year connects to the internet, doesn’t mean you have to compromise on privacy and security.
This was a guest post by Solana Larsen, Editor of the Mozilla Foundation’s Internet Health Report. All views expressed are Solana’s own, and not necessarily shared by Which?.

Do you own any smart devices like those examined in the guide, or are you considering them as gifts? Have you ever considered the security and privacy settings? Does the way they can gather your information change your feelings about them?
Tell us your story in the comments.