Tips & Tricks

Smart Home Privacy: What Your Devices Know About You

By KP August 5, 2023
Smart Home Privacy: What Your Devices Know About You

Every time I mention smart speakers to certain friends, I get the same response: "I don't want Amazon listening to everything I say." The irony is that these same people carry smartphones with always-on microphones, use Gmail, and have Ring doorbells on their porches. Privacy isn't binary — it's a spectrum of tradeoffs.

That said, it's worth understanding exactly what your smart home devices collect. Not to be paranoid, but to make informed choices about which tradeoffs you're comfortable with.

What Amazon Knows

When you use Alexa, Amazon records and stores your voice commands on their servers. You can review these in the Alexa app under Settings > Alexa Privacy > Review Voice History. If you haven't looked at this before, go check — you might be surprised how many recordings are there.

Beyond voice, Amazon collects:

  • Every routine you run and when you run it
  • Device usage patterns (when you turn lights on/off, lock doors, adjust thermostats)
  • Music and media preferences
  • Smart home device states and history
  • If you have Ring: video footage, motion events, and doorbell presses

Ring's relationship with law enforcement has been particularly controversial. Until early 2023, Ring would hand over video footage to police without a warrant in "emergency" situations. After public pressure, Ring changed this policy and now requires a warrant or the user's explicit consent for all law enforcement requests. That's progress, but the fact that it took public outrage to get there is worth noting.

What Google Knows

Google collects similar voice data to Amazon — your interactions with Google Assistant are recorded and stored. The difference is that Google also integrates this data with your broader Google profile. Your smart home usage data sits alongside your search history, location history, YouTube watch history, and Gmail data. That's a more complete picture of your life than any other company has.

Google's Nest cameras store footage in the cloud (with a Nest Aware subscription), and Google has access to this data. Nest thermostats learn your schedule and know when you're home or away. Nest Protect smoke detectors know your home's layout. It adds up.

On the positive side, Google provides decent privacy controls. You can auto-delete voice and activity data on a rolling basis (3 months, 18 months, or 36 months), and you can review and delete specific recordings at myactivity.google.com.

What Apple Knows (Much Less)

Apple takes a fundamentally different approach. Siri voice processing happens on-device for most requests — your audio isn't sent to Apple's servers unless it can't be handled locally. HomeKit data is end-to-end encrypted. Apple doesn't build an advertising profile from your smart home usage.

This comes with real tradeoffs. Siri is less capable than Alexa or Google Assistant because it has less data to learn from. HomeKit device support is more limited. But if privacy is your top priority, Apple is the clear winner among the big three.

The Smart TV Problem

Your smart TV might be the most invasive device in your home, and most people don't realize it. Most modern TVs use ACR (Automatic Content Recognition), which essentially takes screenshots of what you're watching every few seconds and sends that data back to the manufacturer. Samsung, LG, Vizio, and Roku TVs all do this by default.

This data is used for targeted advertising and sold to data brokers. Vizio paid a $2.2 million FTC fine in 2017 for collecting viewing data without consent, and yet the practice continues industry-wide — they just added it to the terms of service.

You can usually disable ACR in your TV's privacy settings, but manufacturers bury these options and sometimes reset them after firmware updates. Check your TV's settings for options labeled "Viewing Information Services," "Live Plus," "ACR," or "Personalized Advertising."

Camera Cloud Storage: The Biggest Risk

Cloud-connected cameras are probably the highest-stakes privacy consideration. You're sending video footage of the inside and outside of your home to someone else's servers. Breaches have happened — Ring had credential-stuffing attacks in 2019-2020, and Wyze accidentally exposed customer data in 2022.

If camera privacy concerns you, local storage and processing options have gotten much better:

  • Frigate NVR: Open-source NVR that runs on a local server. Supports AI object detection (person, car, animal) using Google Coral TPU. No cloud required. Free.
  • Scrypted: Local video management with HomeKit Secure Video support. Your footage stays on your Apple TV or HomePod hub, encrypted end-to-end.
  • UniFi Protect: Ubiquiti's camera system stores everything on a local NVR (UniFi Dream Machine or NVR). No subscription fees, no cloud dependency. The hardware investment is significant ($200+ for the NVR, $100-300 per camera), but ongoing costs are zero.
  • Eufy cameras: Local storage to a HomeBase unit. Eufy had a controversy in late 2022 when it was discovered that "local only" cameras were actually sending thumbnails to the cloud, but they've since addressed this.

Practical Privacy Steps

You don't have to throw out all your smart devices. Here's what I actually recommend:

1. Review and Delete Voice History

Go into the Alexa app or Google's My Activity page and review what's been recorded. Set up automatic deletion on a rolling schedule. Both platforms offer this — use it.

2. Segment Your Network

Put IoT devices on a separate VLAN or at minimum a separate WiFi network. This prevents a compromised smart bulb from being a gateway to your personal computers and phones. Most modern routers support guest networks — that's a simple starting point.

3. Use Local Processing Where Possible

Home Assistant running locally gives you smart home control without sending data to any cloud service. Combine it with Zigbee/Z-Wave devices (which communicate locally, not through the cloud) and you have a genuinely private smart home. It requires more setup, but the privacy benefits are real.

4. Read Privacy Policies Before Buying

I know nobody actually reads these, but at least scan the data collection section before adding a new device to your home. Mozilla's "Privacy Not Included" guide (foundation.mozilla.org) rates smart home products on privacy and is a great quick reference.

5. Disable What You Don't Use

If you don't use voice purchasing on Alexa, disable it. If you don't need your TV to recommend content, turn off ACR. If your robot vacuum has camera-based mapping, check whether it uploads maps to the cloud. Every feature you disable is data you keep private.

6. Use Strong, Unique Passwords and Enable 2FA

Most smart home "hacks" are actually credential-stuffing attacks — attackers use leaked passwords from other breaches. Use a password manager, enable two-factor authentication on every smart home account, and you'll avoid the vast majority of security issues.

The Bottom Line

The convenience-privacy tradeoff is deeply personal. I use Alexa, Google Home, and cloud cameras in my own home because the convenience is worth it to me — but I also segment my network, auto-delete voice recordings, and use local processing for my most sensitive automations through Home Assistant.

The goal isn't to be paranoid. It's to be informed, make deliberate choices, and take the easy privacy wins that don't cost you any convenience. Most people will land somewhere in the middle, and that's perfectly fine.

Related Articles

Written by KP

Software engineer and smart home enthusiast. Building and testing smart home devices since 2022, with hands-on experience across Home Assistant, HomeKit, and dozens of product ecosystems.

More about KP