Our homes seem to grow “smarter” by the day. Gadgets can now dim our lights, scoop cat poop, track when eggs will expire, and even check for wet baby diapers. While these gizmos can certainly make life more convenient, they also entice hackers. That’s because smart devices typically connect to Wi-Fi, which means people can hijack the network and your precious, often intimate data that lives on it.
But a recent incident suggests an entirely new threat that receives far less attention: the companies that make these devices. This past May, a Microsoft engineer named Brandon Jackson claimed he was suddenly locked out of his Amazon account and encountered a “house full of unresponsive devices, a silent Alexa, and a lot of questions.” Jackson assumed that someone had tried to log in to his account multiple times with the wrong password, but he couldn’t find any evidence for this explanation.
After he reached out, Amazon told Jackson that a delivery driver “reported receiving racist remarks” from his smart doorbell—and before the company could investigate this claim, he lost access to his Echo devices controlled via Alexa.
ADVERTISEMENT
Ultimately, Amazon found that Jackson wasn’t in the wrong. “We work hard to provide customers with a great experience while also ensuring drivers who deliver Amazon packages feel safe,” an Amazon spokesperson told The Daily Beast. “In this case, we learned through our investigation that the customer did not act inappropriately, and we’re working directly with the customer to resolve their concerns while also looking at ways to prevent a similar situation from happening again.”
The mishap suggests that companies could continue to remotely shut off customers’ smart gadgets for any reason, a symptom of the cloud service-dominated tech industry that has enabled tech giants to further tighten their grip on consumers over the past few years. Users likely get kicked out of software on a daily basis—but this doesn’t typically receive the level of attention attracted by Jackson’s case, Jathan Sadowski, a research fellow in the Emerging Technologies Research Lab at Australia’s Monash University, told the Daily Beast.
“I would totally expect this kind of thing to happen a lot more,” Sadowski said. “People are constantly locked out of software that they use, for reasons that they have no real transparency about and no obvious appeal mechanisms for.”
Locked Out
If you happen to get kicked off your smart device, you might not have any legal recourse, according to Sadowski. Given the monopolies held by a handful of businesses that dominate our homes, this may prove particularly concerning.
“The idea of locking somebody out without a proper investigation, whatever that means, is the prerogative of a private corporation,” Sadowski said. “There’s no due process here that they have to follow in the legal sense… Nobody is innocent until proven guilty in the court of Amazon.”
In fact, he said that companies likely find smart devices valuable not necessarily due to the products themselves, but for the profitable information they collect. After all, Amazon uses Alexa data to target users with ads.
So, what happens if Alexa hears someone bad-mouthing the company? Could the “court of Amazon” throw them in device jail? Thousands of Amazon employees listen to our conversations to improve Alexa’s performance, as reported by Bloomberg News in 2019. It’s easy to see how they could shut off all our devices if they hear us say something they don’t like.
However, Sadowski said it’s unlikely that businesses will track our words so closely because that would involve “looking for a bit of little signal through a lot of noise.” However, these companies already infer what we think of a product by combining all the seemingly harmless information they collect on us, he explained, including the types of items we buy, the content of our online reviews, and what we post on social media (a process known as sentiment analysis).
For now, tech titans pose a more immediate threat by handing over data gleaned from smart devices to law enforcement. Judges have ordered Amazon to offer this information in multiple murder investigations in recent years (though in 2018 the company refused to voluntarily give up certain information to protect consumer privacy). It’s also possible that devices like Alexa could clue law enforcement into, for instance, people moving about or leaving their homes to seek unlawful abortions or attend protests.
“A court might order the information from a company that knows about whether a light has been turned on or off,” Bill Budington, a senior staff technologist at the digital privacy nonprofit Electronic Frontier Foundation, told The Daily Beast. “You can see this in the context of overzealous prosecutors in states which have outlawed abortion.”
Beyond collaborating with law enforcement, tech companies can also help landlords target low-income residents. In 2019, a smart intercom company called Teman boasted to New York landlords that its technology could help them avoid rent-control regulations with certain spying strategies. For example, Teman claimed that its GateGuard intercom could snap an image of every building visitor to catch illegal sublets or Airbnbs.
And as the EFF points out, landlords could use smart locks to hunt for other minor lease violations, such as letting a guest stay slightly longer than a lease allows, or even to shut out tenants without notice.
We’re also subject to product updates or failing businesses that could leave us in the (literal) dark. Last year, a company called Insteon that sells internet-connected products such as lights and thermostats faced financial troubles and suddenly ceased service without warning customers. This situation is more likely with smaller, more vulnerable companies, Budington said.
But large corporations can decide to stop supporting software updates on older products. Just as older phones eventually reject new software updates and conk out, “there’s no reason why it wouldn’t happen with smart light bulbs,” Budington explained.
Smarter Set-ups
For those of us who can’t give up our phone-powered bulbs or voice assistants, Budington and Sadowski suggest a more secure alternative. You can avoid connecting your tech to Wi-Fi (and company cloud servers) by creating a local network for smart devices. This set-up requires a computer like a Raspberry Pi and software such as the open-source Home Assistant to link and manipulate your various smart gadgets. You you can also opt for Hubitat, a device that comes ready with its own software. (You can learn more about the local hub process here on EFF’s website).
This alternative is worth the extra work, according to Budington. The DIY smart home setups may prove less convenient than Amazon or Google hubs, but they “still have some of that convenience, if not all of it, without making those [privacy] trade-offs,” he said.
The risks inherent in smart home environments point to a broader issue in the tech industry. Remember when you could simply buy Microsoft Word or Photoshop for a single cost, instead of forking over money for them every month? In recent years, scores of tech companies have decided to shift toward subscription-based cloud products rather than trying to squeeze profits from one-time purchases. Companies claim this model is cheaper, easier to scale up, and more appealing for investors.
However, cloud software also gives companies the power to shut off or modify a number of machines we use in our daily lives, from home assistants to vehicles. For example, John Deere has long added software “locks” to its tractors, so farmers can’t repair them themselves and must pay authorized dealers (an issue that the company claims they’re now addressing). And this past February, Ford filed a patent for a system that can lock people out of cars for missed payments and even autonomously maneuver vehicles to the junkyard, The Drive reported.
Essentially, companies now act as digital “landlords” and aim to maintain control of products long after the initial purchase, according to Sadowski. Beyond a shut-off Alexa, this dynamic could have significant impacts on our overall autonomy in a world already dominated by big tech.
“We don’t think about things like cars as a piece of software that we're driving around, but that’s exactly how manufacturers do,” he said. “This is the kind of expansion and encroachment of this platform business model far beyond Alexa and into everywhere else in our life—where it actually has a lot more material consequence.”