Beware, your home is spying on you - and Amazon Alexa is the most data-hungry

Smart house device illustration with app icons. Woman holding his smartphone with smart home app
(Image credit: Issarawat Tattong, via Getty Images)

In an ever-growing digital world, our houses, as well as our phones, keep getting smarter and smarter. More than 780 million people worldwide are expected to be part of this revolution by 2028. There's a catch, though; our privacy seems to be the price we pay for more convenience.

A new study conducted by Surfshark, one of the best VPN providers on the market, found that an average of 1 in 10 smart home apps uses your data for tracking. Unsurprisingly, Big Tech firms Amazon and Google top the list for the most data-hungry gadgets.

As Privacy Counsel at Surfshark, Goda Sukackaite explains, data collection isn't the only issue here. A home is the private space par excellence, where intimate aspects of our lives take place. "If mismanaged, [data collection] could lead to data theft, security breaches, and the unsanctioned, uncontrolled dissemination of personal information to third parties," said Sukackaite. "Users must be made aware and given the means to reclaim their digital privacy."  

Privacy or convenience?

Surfshark's Smart Homes Privacy Checker investigates 290 applications connected to over 400 Internet of Things (IoT) smart home devices. The most popular entries from over 64 device types were selected, ranging from security cameras to robot vacuum cleaners. Researchers examined 32 potential data points across 12 categories for each smart home gadget, emphasizing user uniqueness, tracking, and linkage.

The widely used Amazon Alexa was the most data-hungry device, collecting 28 out of 32 possible data points. "That's more than 3 times more than the average smart home device," noted researchers, adding that all the collected data, such as location, contact details, and health data, is linked and associated with a specific user profile. 

Worse still, Amazon can use other data to trace the four uncollected data points. For instance, Alexa does not record browsing history, but does record search history. Likewise, while fitness data remains private, the same can't be said for the health data linked to it.

Google is Amazon's closest competitor, gathering 22 out of 32 potential data details while linking all collected data back to you. Surfshark reports address, precise location, photos, videos, audio data, browsing, and search history as the most notable collected data points. 

"The extensive collection of such data can be concerning because it may compromise user privacy and potentially be exploited for targeted advertising, surveillance, or even malicious purposes if it falls into the wrong hands," the provider explains.

The Keurig coffee machine app placed as the third most data-hungry device, recording 19 out of the 32 data points analyzed. This is still more than double the average for popular smart home tools. Again, Keurig linked all data gathered back to you.

Outdoor security cameras are also among the devices that collect most of your data—12 data points, linking seven of those right back to your identity. The Deep Sentinel and Lorex apps are especially active when it comes to data collection.

Another worrying finding is that 12 of the 290 analyzed applications have not updated their data collection practices for at least a year. These include MekaMon and Cozmo which handle sensitive information, such as precise location, photos, videos, and audio recordings. According to Surfshark, all this raises concerns about transparency and compliance with privacy laws.

Applications may use the data collected to track you down across the internet and show you targeted ads. They may also share your personal information with third-party services and data brokers.

"In such instances, you effectively pay twice for those Internet of Things (IoT) apps: initially for the device and subsequently with your data, which might be monetized," Surfshark pointed out.

How to stay safe

While you might not be willing to renounce your smarter home and all its gadgets, you can still join the tech revolution without completely giving up on your privacy.

Commenting on this, Sukackaite said: "Individuals should actively seek out and utilize privacy settings, question and manage app permissions, and stay informed about the data security policies of the smart home devices they choose to integrate into their lives."

Start by avoiding notorious data-hungry devices such as Amazon or Google's gadgets whenever possible. Ask yourself: do I really need this? If yes, is there a more private alternative I can use instead?

Another crucial step is to go through the applications' privacy settings. As a rule of thumb, you should grant only the permissions necessary for the app to execute its functionality. Ensure that you disable access to microphones and cameras unless strictly necessary.

To guarantee maximum security, you should also regularly update your apps as soon as a new version is available. Developers use updates to fix bugs and vulnerabilities that hackers might otherwise exploit. Secure your Wi-Fi network with a strong password and enabling two-factor authentication to protect your accounts is also recommended. 

A VPN, short for virtual private network, is also handy for protecting your smart home against cyber attacks, as it encrypts internet connections to prevent unwanted access. It's worth noting, though, that to secure your smart home devices you need to install the VPN software on your router or get one of the best built-in VPN routers.

In case you want to take more agency over your information already out there, Surfshark also recommends using services like Incogni to help you delete your data from data brokers and get back your privacy.

Chiara Castro
Senior Staff Writer

Chiara is a multimedia journalist committed to covering stories to help promote the rights and denounce the abuses of the digital side of life—wherever cybersecurity, markets and politics tangle up. She mainly writes news, interviews and analysis on data privacy, online censorship, digital rights, cybercrime, and security software, with a special focus on VPNs, for TechRadar Pro, TechRadar and Tom’s Guide. Got a story, tip-off or something tech-interesting to say? Reach out to