The promise of smart thermostats has attracted many homeowners. The Nest home thermostat, the Honeywell, the Ecobee, and others are capitalizing on this interest. The industry is on the rise and this growth has attracted many companies to jump in. But unless customers demand strong privacy controls, their smart home thermostat may become a source of information for intruders.
Your Smart Thermostat Knows More Than You Suspect
Smart thermostats do more than help keep your home at the perfect temperature. These smart thermostats also help homeowners save hundreds of dollars on energy bills. The thermostat learns when you will be away and return, so you only use energy when you need it. You can also adjust the thermostat from an app on your phone. This allows you to remotely raise or lower the temperature if you are going to be away longer than planned. These advantages and conveniences are what make them so attractive to buyers.
These benefits may cause you to overlook the potential privacy concerns in using a smart thermostat. You don’t pass your banking password or email through your thermostat, so how much risk to your privacy can it pose? Smart thermostats can create a gap in your privacy security precisely because they learn about your habits and behavior.
Your thermostat learns when you will be home and when you will be away. The smart thermostat even learns when you go to sleep, and if that time is different on the weekends. The smart thermostat learns what your preferred temperature is while you are at home. This information reveals more about you than you might suspect.
Who Might Want Your Smart Thermostat Data
The data from your smart thermostat reveals trends about your life. Anyone with access to that data can figure out when you are home or when you sleep. As you can imagine, this information can be quite useful.
Hackers can use data about when you are away from home to know when to break into your house without fear of your return. By analyzing trends of when your thermostat changes, a thief could determine the best time to break in. A thief with access to these settings can know you are away from home and not returning soon.
Advertisers benefit from information about your activities as well. Some ads work better soon after you wake up, or later in the evening. By spotting trends in your smart thermostat controls, an advertiser could target their ads to you at the right moment. This can dramatically increase their odds of making a sale. Marketers know the value of this information and may try to tease the data from your smart thermostat. It might not seem like a big thing but you are, in a sense, being manipulated.
Company policies might change
Company server break-in
There is also a risk that hackers could break in and steal the data stored on the thermostat maker’s servers. Even secure companies such as banks suffer data breaches that expose private information. If your data is stolen from a company server, the breach of your privacy could be severe.
No smart thermostat maker has yet reported any breach in consumer data. Privacy experts agree, though, that in most cases a data breach is inevitable for any company. If the Pentagon can be hacked, no company is immune to a data breach. The safest policy is to treat your data as though you expect it to be compromised and take action from there.
How Can You Protect Your Privacy?
To get the most value from any information from your thermostat, an advertiser needs to be able to link it back to your profile. A thief looking to break in will need your location as well. Without linking the information back to you, your data is just so much random noise. One way to keep this information private is the use of a VPN.
Using a VPN
Connecting through a VPN secures your privacy by keeping your information online anonymous. Information going out from your device is encrypted and passed to the VPN server. That server is often used by hundreds of users at a time, keeping all their information anonymous. The server directs your information to its destination. Any data returning to you goes to the VPN server instead of directly to your device. This middleman technique makes it impossible for others to connect your online actions to your location or person.
While you cannot connect your smart thermostat directly to a VPN, a quality VPN service will often allow you to route all internet traffic in your home through the VPN server. Since your information is sent anonymously, determining the location of the smart thermostat becomes almost impossible without access to more information. Ultimately, the use of a VPN will render any data stolen from you or sold about you almost useless.
To learn more about the privacy features and other benefits of a VPN, check out our post on choosing the best VPN for your needs.