Smart Home

The most privacy-respecting option is to not use "smart" Internet-connected devices in your home. However, since we do use them, it is important to fully understand the risks associated with any given product before buying it. The following checklist will help mitigate the risks associated with "smart" devices.

0 out of 9 (0%) complete, 0 ignored

Done?	Advice	Level	Details
Ignore	Understand Alexa/Google Home/Siri risks	Essential	Voice assistants (such as Google Home, Alexa, and Siri) and other Internet-connected devices collect large amounts of personal data (including voice samples, location data, home details, and logs of all interactions). Since you have limited control over what is being collected, how it's stored, and what it will be used for, this makes it hard to recommend any consumer smart-home products to anyone who cares about privacy and security.
Ignore	Rename devices and update passwords	Essential	During or after the first setup, change default device names. Do not include any personal identifiers, and do not specify brand/model to prevent targeted attacks. Update PIN codes and passwords from the defaults. Save all updated information to your password manager.
Ignore	Build a self-hosted smart home	Essential	Home Assistant is a recommended open-source solution for building a smart home, supporting thousands of integrations by hundreds of active contributors. Using it as the core of your setup will guarantee longevity and privacy.
Ignore	Understand what data is collected, stored and transmitted	Essential	Research and ensure comfort with the data handling practices of smart home devices before purchase, avoiding devices that share data with third parties, or don't have hardware switches to turn off microphones and cameras at will.
Ignore	Adjust privacy settings and opt out of sharing data with third parties	Essential	Adjust app settings for strictest privacy controls and opt-out of data sharing with third parties wherever possible. Pay attention to default checkboxes on sign-up. Consider using a fake name and a forwarder email address; your vacuum cleaner doesn't need to know real ones. Avoiding sign-up/log-in via social media or other third-party services to maintain privacy.
Ignore	Keep firmware up-to-date	Essential	Regularly check for updates to smart device firmware to apply security patches and enhancements. Lack of updates for years means no one cares about it anymore. If there is no alternative open-source firmware, you should prepare to follow the "planned aging" decided by the manufacturer – and avoid purchasing any new hardware from them.
Ignore	Don't connect everything in your home to the Internet	Essential	Evaluate the risks of internet-connected thermostats, alarms, and detectors due to potential remote access by hackers. If you are building your smart home, select devices that communicate using Zigbee, Thread, or BLE (Bluetooth Low Energy) with a local gateway you control. Controlling your smart LED light through a server in China is wrong, slow, and insecure (yes, Xiaomi, we are looking at you!).
Ignore	Be wary of wearable devices	Optional	Consider the extensive data collection capabilities of wearable devices and their implications for privacy. Often these devices offer to share your every activity with "friends," which sometimes means anyone interested in tracking where and what you do. Even if sharing is off, some devices would respond to Bluetooth requests, allowing to track your presence.
Ignore	Monitor your home network closely	Optional	Use tools like Zenmap, Fing or router features to monitor for unusual network activity.