It’s not uncommon to have your data gathered and shared by smart devices. Part of what makes them “smart” is that they are built to help automate your home or other parts of your life.
But while most of us expect our smart speakers or the apps on our phones to gather data, we may not put much thought into other smart devices we use. After all, how much data can a smart thermostat, robovac or smart plug gather on you? To buy or not to buy: Hot tech products that put your privacy at risk
Well, if we’re talking about smart vacuums, it turns out that the answer is a lot. A new report highlights how much data robotic vacuums actually share about you, and if you’re using one to keep your home tidy, you need to know the details.
Here’s the backstory
As part of Consumer Reports’ Digital Lab initiative, researchers recently evaluated robotic vacuums to find out how much data these devices were gathering and sharing about the consumers who use them. They assessed robotic vacuums on more than 70 indicators, including the following data security and privacy measures:
- Initial security measures such as encryption
- Other security features, like two-factor authentication
- Automatic software updates
- Email notifications for user logins from new email addresses or IPs
- Privacy setting options
- Publicly available documents, such as privacy policies and terms of service, to see how manufacturers collect and use your data
Of the robovacs that were Wi-Fi-connected, researchers noted that none had any major issues with keeping your privacy and security safe. That said, none were great, either. Here’s how they ranked.
How robovac brands rated
These brands were the clear winners when it came to privacy and security. Still, it’s important to note that some robovac ratings were scored lower during the study due to vague data privacy policies or other less-than-transparent information available to consumers.
The ratings were broken into two different categories: data security and data privacy. Here’s how they compare.
1. Data security ratings
iRobot: Excellent rating
iRobot was the only robovac brand to earn an excellent rating for its data security measures.
- The standout features were the encryption in place and the regular updates issued to patch software vulnerabilities.
- The internal policies limit and monitor any employee access to user information.
- The company also invites outside security researchers to monitor its products for vulnerabilities.
Samsung, Ecovacs and Shark: Very good ratings
All three of these robotic vacuum brands earned a Very Good rating for data security.
- The main issues were that the brands did not disclose enough information about limiting and monitoring employee access to user information.
- The other issue was that Ecovacs and Shark don’t have a program in place for security researchers to report bugs or vulnerabilities.
- All three did meet at least two of the following requirements for passwords: they must be at least 8 characters (up to 20), reasonably complex and may contain special characters.
2. Data privacy ratings
Ecovacs, iRobot, LG, Neato, Samsung and Shark: Good ratings
All five of these robovacs earned good ratings for data privacy.
- These vacuums provided more details about their privacy policies than other brands.
- Each of these vacuums allows consumers to request the information that’s collected about them.
- None allow consumers to obtain all of their private and public data, which affected their rankings.
- Few do a good job of updating consumers about changes to their privacy policies, which also affected the rankings.
Eufy: Fair rating
Eufy scored just fair in data privacy ratings, which is the lowest of the list’s vacuums. According to the report, Eufy had the least amount of information available to consumers about privacy protection measures.
How to limit your robovac’s data sharing
To avoid any headaches, you should ensure that any smart tech that gathers and shares your data, including your vacuum, is as secure as possible.
To do this:
- Adjust the privacy settings for your device via its app to limit any data sharing.
- Use two-factor authentication when available to help secure your account with an extra layer of protection.
- Be sure to download any updates or patches as soon as possible to limit vulnerabilities.
- Use strong, unique passwords on all of your accounts.
The bottom line
While privacy issues with robovacs aren’t as serious as they are with other tech devices, it’s still important to note there are vulnerabilities with these devices. Any tech device that gathers and shares your data needs to be secure, so make sure you take the time to secure your robovac and other tech. Use strong passwords, download patches and updates and use 2FA when possible to keep your data private.