This App Tells You When Nearby Smart Devices Are Snooping on You

By Shoshana Wodinsky on at

The devices we use every day are increasingly voice-controlled or internet-connected, even if they probably shouldn’t be. If you’re also one of those folks that’s morbidly curious about which of these devices are hiding behind bullshit privacy policies to collect reams of data on you, there’s now a handy app for that.

Enter the Internet of Things Assistant, released yesterday by a team of researchers at Carnegie Mellon University. The pitch, as the team puts it, is to pinpoint which smart devices are immediately in your vicinity and spy back:

Consider public cameras with facial recognition and scene recognition capabilities, Bluetooth beacons surreptitiously tracking your whereabouts at the mall, or your neighbour's smart doorbell or smart speaker. The IoT Assistant app will let you discover the IoT devices around you and learn about the data they collect.

After downloading the app myself, I was able to spot a handful of smart camera companies collecting “visual” data from passers-by on the street, all within a few blocks in midtown Manhattan. The app also let me know that this data is “identifiable,” while also letting me know that it’s being collected for “unspecified” reasons. Fun!

Screenshot: Gizmodo

The Carnegie Mellon team can tip you off about other kinds of data collection too – audio data that’s collected from smart speakers, for example, or “presence data” that could be collected by a beacon in a given storefront. If the device offers a ready way to opt-out of that data collection, this app will help you access those choices – if they choose to offer it. It's worth noting that if you use this app in the US, thanks to the kind of wiggly language of American privacy laws, some companies (like the camera companies pictured above), can weasel out of their opt-out requirements.

While the app’s a great step forward for data awareness, there’s a certain amount of irony that comes with downloading an app to manage this collection in the first place – especially when apps don’t have such a stellar reputation on the data-privacy front. And while an initial scan of the network traffic of the IoT Assistant app didn’t turn up anything fishy, there’s certain parts of the privacy policy – particularly the app’s funding from DARPA’s Brandeis program – that certainly did. As the policy states:

The Federal government offices that oversee the protection of human subjects in research will also have access to research records to ensure protection of research subjects. The research sponsor (DoD and NSF) representatives are authorised to review research records.

So while the app might make for a handy download for the privacy-savvy among us, it also comes with the possibility that its profile of you could be used to power the research of the military industrial complex. Not the best tradeoff, but, uh, it could be worse?

Featured image: Getty