By: Jennifer Schmidt

This past month, smart technology has made headlines for breaching the privacy of those who own it. In July, the iRobot’s smart vacuum “Roomba” made headlines because of a CEO’s vague statements alluding to a potential sale of user data to third parties. The data collected by these wifi-connected vacuums includes square footage of homes, the amount of furniture in each room, and possibly even the type of furniture. This means that this data could be used to provide even more targeted advertising to owners of smart tech. For example, if a Roomba is able to detect that there is a child’s room within the home, perhaps by bumping into a crib multiple times, then it could advertise products to the consumer that may be completely unrelated to the home such as minivans or car seats. The Roomba uses this technology and wifi capability to create an “anonymous” profile for each user which it can then use to pick advertising that would specifically relate to the individual. Furthermore, in addition to the wifi connectivity, Roomba can pair with other smart tech such as Amazon’s “Alexa” in order to cross-device track and create an even more comprehensive “anonymous” profile. Now each corporation has the capability to collect even more data on a user than they would have had access to previously. While this type of advertising could be useful, it has the potential to breach serious privacy concerns for individuals. For example, what happens when a person sells their home to another? This user data that has been collected by these products does not change or disappear when an owner sells their home. Now, the company, and any other third parties who they have sold this information to, will have data on the square footage of the home. These new homeowners have not consented to this data breach and may not even be aware of the fact that this information exists in a company database.

The Supreme Court has upheld the reasonable expectation of privacy in one’s home against governmental searches, but what happens when the search is conducted by a company to which you purchased a product as a consumer in the stream of commerce? In Katz, the Court ruled that, “what a person knowingly exposes to the public, even in his own home or office, is not a subject of Fourth Amendment protection. But what he seeks to preserve as private, even in an area accessible to the public, may be constitutionally protected.” Katz v. United States, 389 U.S. 347, 351. Under this logic, when a person knowingly brings smart technology into their homes, they are opening themselves up to a breach of privacy within that space. Since the courts are highly unlikely to find a Fourth Amendment violation in regards to technology in commerce, unless the government somehow becomes involved in the sale of information from these sources, legislative action from the Federal Trade Commission is most likely to bring about change in this arena.

At this point in time, the most realistic solution to this problem would be for the FTC to begin sending cease and desist letters to companies who are utilizing this type of mass data collection. However, this could only happen if the FTC felt that the company violated section five of the Federal Trade Commission Act by using unfair or deceptive means for data collection. The practice would be found unfair or deceptive if the company does not disclose data collection practices to their consumers or the company does not allow the consumer to opt out of this practice. Further, companies must be clear about their ability to cross-device track to prevent misleading consumers into a false sense of safety by only opting into data collection for some, but not all, of their devices. Recently, the FTC started this fight against companies by bringing suits against Epic Marketplace, ScanScout, and Chitika for violations of these practices. Additionally, the FTC is able to administer rules and statutes in order to protect consumers and spur competition. However, according to the FTC Rule Making Agenda for 2017, the only action to be taken by the commission in 2017 will be for the protection of consumer information in respect to financial corporations.

If companies want to access this data from their consumers, then they must be completely honest and transparent about their practices. While this new innovation in marketing allows companies to work together in new ways and to boost sales to those using the internet, it cannot do so at the expense of those who put their faith in the company’s misleading disclosures for their products. In conclusion, consumers must be sure to check the product’s data collection disclosures to be sure of exactly what type of information they are willing to give to these companies. As you have purchased the product and the disclosure is put into the packaging, you have effectively lost any sense of privacy that you may feel entitled to within your home once you enable this data collection to occur.

Bio: Jennifer Bourne, Suffolk University Law School JD Candidate 2019. She holds a B.A. in Political Science from Boston University.

Disclaimer: The views expressed in this blog are the views of the author alone and do not represent the views of JHTL or Suffolk University Law School.