New privacy concerns aren’t limited to smart TVs and phones. Seemingly innocent everyday items are also presenting new threats to our personal privacy.
Case in point, a Canadian sex toy manufacturer agreed to hand over $4 million to settle a privacy lawsuit last week after a customer discovered its Bluetooth controlled, app-connected vibrator secretly collected highly sensitive personal data, right down to the date and time the device was used.
A week prior, WikiLeaks claimed powerful surveillance tools once held deep inside the CIA could be designed to turn any connected device — smart TVs, phones, and even cars — into tools to spy on their owners. And while it’s hard to imagine the CIA would want to spy on the average person, let alone the average Canadian, it’s important to remember hackers have been targeting so-called smart devices for years.
As former Ontario Privacy Commissioner Ann Cavoukian puts it, “Beware of all things smart, in terms of TVs and smart fridges and all that kind of stuff.”
So, in a world where even the most private of devices offer internet-connected features, how do you protect your privacy in your own home?
Take the old school approach, put some tape over your webcam
Long before there were web-connected TVs to toy with, hackers began taking control of computers, baby monitors and gaming systems, often spying on their victims using the webcam attached to the device.
One do-it-yourself trick users have often turned to is covering their computer or gaming system’s built-in webcam with a piece of tape – that way, if hackers gain control of your device and are able to access the webcam, they aren’t able to see much of anything.
WATCH: Netflix hack compromises couple’s privacy. Tech reporter Nicole Bogart explains.
Even FBI director James Comey has recommended users tape over their webcams for their own protection. Facebook CEO Mark Zuckerberg does the same.
Consider disabling the voice assistant on your phone
If all of this data collection talk is making you uncomfortable, you might be feeling increasingly suspicious of your most-used device – your smartphone.
Android, Apple and Windows phones all feature useful voice assistants; however, they can easily be disabled if you choose.
iPhone users can disable Siri by going to Settings and selecting Siri. You can choose to disable Siri altogether or turn off the “Hey Siri” feature, which allows you to speak to Siri at any time without having to touch the home button.
Android users can turn off Google Assistant by holding down the home button and tapping the “…” (more) symbol and turning the Google Assistant switch off.
Windows Phone users can turn off Cortana by selecting the virtual assistant app in the app list and turning the Cortana switch off.
Disable any data and voice tracking features on your smart TV
It’s not just hackers and authorities who can track your data. In February, The Federal Trade Commission fined TV maker Vizio US$2.2 million for monitoring the content users watched without their consent and selling the data to advertisers.
WATCH: Samsung Smart TV’s causing concerns about privacy
Some users pointed out the fine print read the voice recognition system may “capture voice commands and associated texts so that we can provide you with Voice Recognition features and evaluate and improve the features.” However, Samsung later said the gadgets only record voice commands and searches, not entire conversations.
Still, privacy experts like Cavoukian recommend pulling out your smart TV’s manual and exploring what data tracking features you can opt-out of.
For the very privacy conscious, you might consider disconnecting your TV from the internet altogether.
Change the default password on any smart home device (if you can figure out how)
The easiest way to protect your smart devices from hackers is to change the admin password associated with the device — and make sure it’s hard to guess (i.e. don’t just change it from “admin” to “password”).
However, some security experts have raised concerns smart devices, like home security equipment, make it hard for the average consumer to figure out how to change password information.
“The issue with these particular devices is that a user cannot feasibly change this password,” Flashpoint security expert Zach Wikholm told KrebsOnSecurity. “The password is hard coded into the firmware, and the tools necessary to disable it are not present.”
One thing you can do is change the password on your home router in order to better protect the devices using your home Wi-Fi connection.
You should also make sure your router has the latest firmware update installed — you can check for any updates by going to the manufacturer’s website (Nexus, D-Link, etc) and check for any available downloads.
Of course, every smart home device is different, so check with the device manufacturer for information on changing the default password.
Practice good password security, while you’re at it
Stay away from easy-to-guess passwords like “1,2,3,4″ or “Password” and easy to guess identifiers like your dog’s name. It’s also important to try to have a different password for each of their online accounts, as confusing it can be to remember them all.
Passwords that use up to ten upper- and lower-case letters mixed with numbers are proven to be more secure. One tip is to construct a password from a sentence, mix in a few upper case letters and a number – for example, “There is no place like home,” would become “tiNOplh62.”
Numbers included in a password should never be something easy to guess based on the user.
That means your age, the current year, or your address are not good choices.
WATCH: How to avoid using the most insecure passwords on the web
Similarly, the longer the password the better.
If you are having a hard time remembering your passwords, you could try using a password organizer app or program (one that is secure) to keep track of hard-to-remember passwords.
Another way to ensure better security on your online account is to enable two-step authentication on sites that allow it. Many websites allow users to set their accounts so that a text message containing a secondary login code is sent to their phone every time they log in to their account.