The popularity of internet connected devices continues to grow everyday. While cell phones and personal computers have become nearly ubiquitous in the U.S., internet-enabled smart devices like fitness trackers or home security systems continue to enter the market. According to a Business Insider Intelligence report, there will be more than 24 billion internet connected devices around the world by 2020. This network of connected devices is collectively known as the Internet of Things (IoT).

The IoT is generally used to describe devices that are internet connected and can communicate with one another through sensors. It includes devices used by businesses, governments, and individuals. This IoT ecosystem is diverse and can include anything from machine components used in manufacturing plants, to traffic sensors used in cities, to smart devices we use in our homes like refrigerators, washers and dryers or lamps, to wearable activity trackers. As Forbes contributor David Morgan explains, “if it has an on and off switch then chances are it can be a part of the IoT.”

Connected Devices Within the Home

Home automation and smart home devices are becoming increasingly popular and are part of this IoT ecosystem. More and more households are adopting smart home appliances like refrigerators, or installing smart home security systems and smart energy equipment like thermostats and lighting.

Amazon, Google, and Apple are just some of the industry leaders producing IoT devices for use in the home. Through product offerings like Google’s Nest, individuals can equip their homes with Wi-Fi enabled smoke detectors, thermostats, and home security systems. All of these devices can be monitored and controlled remotely through an app on their phone. Smart speakers like the Amazon Echo and Google Home respond to a user’s’ commands and then allows them to play music, order items online, or ask for information like the day’s forecast. These systems provide many obvious benefits in the home; they allow individuals to monitor their energy consumption, check on security cameras while they are out of town, and find out if they should pack an umbrella just by asking, “Alexa, what’s the weather like tomorrow?”

Amidst the many benefits of IoT in the home, there are still many security and privacy concerns associated with smart devices. The recent Distributed Denial Of Service attacks in October 2016 spotlighted the vulnerability of such devices to hackers. The attack, which shut down major portions of the internet on the east coast in the U.S. and in parts of Europe, was caused by hacking IoT devices commonly used in the home, like webcams and DVRs. Privacy of internet connected devices is also a concern. This past Christmas, toy maker Genesis came under fire for the privacy of toys that record and respond to children’s conversations. In 2015, it was revealed that Samsung’s Smart TV privacy policy allowed the device to not only record private home conversations and upload them to “third parties”, but that Samsung failed to encrypt the collected data. This security policy meant that individuals’ personal living room conversations were vulnerable to unauthorized access.

In a more recent case, an Arkansas murder trial has brought issues of IoT privacy under national scrutiny once again. Victim Victor Collins was found dead in the hot tub of James Bates on the morning of November 22, 2015. Following Bates’ investigation, police and a Benton County attorney requested access to audio data from the Amazon Echo in Bates’ home. The Echo, a voice activated smart speaker, has multiple microphones that record users and allow them to play music, ask for information like movie times, and make purchases via Amazon. The Terms of Use of the “always listening” device have come under scrutiny, but as proponents have stated, the device records and uploads audio only after the device is activated by a “wake word”–usually “Alexa.” Once the wake word is spoken, commands are recorded, analyzed to return information to the user, then stored on a server where they can be reviewed.

So far, Amazon has not granted access to the suspect’s Echo data and released a statement noting that the company “objects to overbroad or otherwise inappropriate demands.” The case has gained national attention in recent months and calls attention to the Terms of Use of such devices, our expectation of privacy, and the lack of clear legislation surrounding how this information is used and who has access to it. The Electronic Privacy Information Center (EPIC) highlighted this lack of regulation, as well as consumer privacy and security concerns, in a 2015 letter to the Justice Department.

Although many IoT companies state that they simply store information anonymously, there are many problems with anonymizing data. Several MIT studies have shown that only a few data points, like cell phone location, Twitter activity, and one financial transaction, are enough to uniquely identify a person.

How To Protect Yourself

Such privacy concerns and the lack of regulation for internet connected devices raises questions about our expectations for privacy online. 44% of American consumers state that they are concerned with their privacy and internet connected home devices. Where there is no clear protocol, personal information is made vulnerable to being leaked online. This could have dire impacts on your online reputation if you fall victim. Information regarding your daily schedule, what kind of music you listen to and private conversations you have in your home could be made public. While legislation and industry standards must still be formed, there are several proactive steps you can take to help protect yourself in the event that your private information becomes public:

Do your research. Be familiar with a company’s terms of use and privacy policies.

Become familiar with security policies. Learn how to encrypt your data and enhance your security with proper passwords and other safeguards.

Be proactive. Manage your online reputation continuously to help mitigate any negative consequences of leaked information or privacy breaches.