Now that we’re all connected all of the time through smartphones, tablets, watches, TVs and even kitchen appliances, concerns over data security and privacy have never been more pressing. We don’t all read the terms and conditions or make changes to the privacy settings in the devices and apps we use, nor do we check what smart-connected devices are up to in terms of transmitting the information. This could lead to our private information being sold, our identities being stolen in order to commit fraud and marketers finding more ways to target us with their advertising.

It may seem paranoid to suggest that your devices are spying on you, but this is a situation suggested by the findings of a new study on smart-connected devices in the home.

How many Internet of Things smart-connected devices do you have in your home?

A new piece of important research from Princeton University in the U.S. examined the kinds of data that might be revealed in normal homes using smart-connected devices. Researchers set up a test home for the experiment, which was connected to seven Internet of Things (IoT) devices, including indoor security cameras, smart light switches, sockets, and baby sleep monitors.

If you haven’t encountered it before, IoT is a term used to cover any device or sensor which uses the internet to operate, transmit information or communicate. A surprising number of devices in modern homes use the internet, from fridges to energy monitoring equipment such as thermostats. Research by Gartner estimates that by the end of 2017, there will be 8.4 billion such devices – an increase of 31% compared to last year. By 2020, we could see an enormous 20.4 billion IoT devices in operation.

ISPs could be using IoT devices to gather data

The Princeton team found that four of the seven IoT devices placed in their test home could be detected and identified by Internet Service Providers (ISPs). Features such as how they connect to the internet can help with this identification, and once ISPs know what the device is, they can use it to gather data on how and when someone accesses the connection. This data can be collated to build up a picture of our private internet habits, which could then be passed on to third parties and advertisers.

The picture is a little unclear regarding whether or not this is legal. The EU and UK are understood to be bringing in new laws to protect data gathered from Internet of Things devices, but under U.S. law – broadband providers appear to have free rein to sell or share these insights collected about your internet habits.

Commenting on the findings, the researchers said:

“The privacy threat of traffic metadata analysis will continue to grow along with the market for IoT smart home devices.

“In this paper, we demonstrate that a passive network adversary can infer private in-home user activities from smart home traffic rates and packet headers even when devices use encryption.

“Many commercially-available smart home devices do not function without network connectivity.

“This makes the smart home network metadata privacy problem unavoidable because these smart devices connect to the Internet.”

What use is this data?

You might think that it doesn’t matter if your broadband provider or other third party knows when and how often you access the internet. However, your privacy could be breached depending on the device you use to connect to the internet. For example, the study found that:

  • Sleep monitors can be used to track a user’s sleep patterns – knowing when you go to bed and get up can help advertisers to know the best times to target with advertising.
  • Motion-activated wi-fi security cameras could potentially alert ISPs when movement is detected – providing data on when you and your family are most active in the home as well as when you typically go to bed.

What can you do to protect yourself?

If all this sounds more than a little creepy, don’t panic. There’s no need to shut off your smart-connected devices and lock yourself in your bedroom. The research team at Princeton has a handy tip to help you defend against this kind of activity until it is made officially illegal.

They advise running your internet traffic through a Virtual Private Network or VPN. A clever feature of doing this is that you can request that the network records your internet history and plays back the same traffic whenever there is no activity (i.e. when you’re out at work or in bed). This can mask your habits and confuse your ISP so that no accurate patterns will emerge, but it does have the drawback of potentially slowing down your connection.

Other tips include:

  • Switching off internet-connected devices unless you need them running
  • Checking what devices do connect to the web – as some may surprise you
  • Take some time to review your privacy settings on the apps, websites, platforms and devices you use most often. Your phone, tablet and social media accounts are an excellent place to start. Spending just a few minutes could protect your private information at home and out and about.

Using bug detectors, you can check for other unwanted spying activity and secure your smartphone with the best smartphone security software. Online Spy Shop’s phone and tablet security section is a good place to start if you suspect that your settings aren’t as secure as they should be or that someone has gained unauthorised access to your phone. You can use security software to conduct deep-level cyber analysis to ensure your device is completely clean of malware, spyware and other malicious bugs and detect when someone is trying to eavesdrop on your calls remotely.