Your gadgets are spying on you, here’s how to catch them in the act

It’s now common knowledge that if you own a device, whether it’s a refrigerator or a smart TV, it collects information about you and sends it back to your home. It’s no longer controversial.

You can opt out in most cases, but how do you know if a device has actually stopped monitoring your activities? How do you know if a device that isn’t officially intended to collect and share data is doing so anyway? It’s not always easy or 100% reliable, but there are signs to look out for.

Your technology monitors more than you think

The companies that make our smart gadgets use all kinds of euphemisms for digital surveillance to make it more likely that you’ll click “I agree” when reading the privacy agreement. That is if you bother to read it. This is why it was possible for TV manufacturers to use technologies like ACR or automatic content recognition to blatantly spy on all your TV activities, without people realizing that they had actually agreed to it. Worse yet, it’s an opt-out system, meaning that if you don’t say “no”, the answer is considered “yes”.

Credit: Garrison Cianna / How-To Geek

Telemetry and analytics can include app usage, viewing habits, voice clips, location, and detailed metadata about other devices on your network. The signs that a device might be doing this are usually subtle, but it’s not the same as being invisible.

The subtle signs of silent surveillance

Often, detecting espionage is more about noticing a strange pattern over days, weeks, or months, rather than detecting simple dramatic evidence. Here are some general things to look out for:

• A battery-powered device drains its battery quickly and becomes unusually hot even when you do nothing on it.

• Network activity increases when leaving your home network from devices that do not need to communicate significantly outside of your local network.

• Advertising that appears to specifically reflect interactions you have had with a device for which you have not agreed to any data sharing.

• Permissions change after an update or after a certain period of time. Some manufacturers are sneaky and use updates or policy updates to reset your privacy options, or subtly make you agree to reset them without really knowing you’re doing it.

• Outgoing traffic lights from your router or ONT are flashing when you don’t expect it and you have no explanation for it.

Now, none of these are definitive, but they may indicate that you should investigate more closely what data is leaving your home network.

The Usual Suspects: Gadgets That Like to Listen

While any device with an internet connection is a potential snitch, some are more likely culprits based on how they work, what permissions they request, or simply their reputation for questionable privacy practices from obscure brands.

• Smart speakers and other devices with voice assistants that activate with a “wake word” are still listening and recording. Which means they have the potential to “accidentally” send that recorded voice data to a server somewhere.

• Smart TVs, which as I mentioned, usually have technologies like ACR enabled by default these days.

• Smart cameras and doorbells are notorious for this. Especially if it is a cheap model from an unknown brand, or even a counterfeit device.

• Mobile or Smart TV applications that request permissions that are too broad and have nothing to do with their main functions.

These are just the most likely in my opinion, but you should consider any networked device as a potential threat.

How to catch your devices in the act

Credit: Jordan Gloor / How-To Geek

You don’t need to be a network security expert to figure out when a device is doing something fishy – I certainly don’t.

These days you can use a tool like Wireshark to do a sophisticated analysis of your local network traffic, but the truth is that many modern routers have apps or interfaces that give you all the basic tools you need.

For example, my TP-Link Deco mesh router system displays my information on individual devices and even allows me to change their individual network permissions to make sure they aren’t sending any data anywhere I don’t like.

If you have a modern router system like this, you can find the devices you suspect are on its client list and then look at the data about its traffic. Does it send large amounts of data at frequent intervals? Is this expected behavior? Monitor frequent outgoing connections, large downloads, or connections to unknown domains.

You can usually block all outgoing traffic for a specific device on your router dashboard. Devices like smart TVs will obviously stop working if you do this, but a local IP camera that you only monitor from your local network or a smart light bulb has no reason to communicate with the outside world.

You should check all your app permissions and remove permissions from apps that don’t need them. Delete any apps you no longer use. You may need to do this again after a major operating system update.

Check your smart device menus for labels like “diagnostics,” “telemetry,” “enhanced product experience,” etc. Disable everything.

Lock down your digital life

If you think a device is sending data you don’t want, you have several options. For example, you can place your IoT devices on their own isolated network. There are different ways to do this, but many modern routers allow you to create a virtual network for a subset of devices. Change the default username and password on devices that can be logged in remotely, just for security reasons.

If the device you’re concerned about is from a well-known brand, you may want to research what specific privacy measures people have taken, or if there is evidence of real privacy issues with this device. If you have devices of uncertain origin, it’s honestly best to just disconnect them and replace them with something that’s a devil we know.