SmartThings Security Approach - Abstract

It doesn’t hurt to ask. You won’t know until you ask. Since ST is charging you peanut for a hub. I wonder what are they doing with all the data. Selling them to China?

Unless you work for NSA you don’t really have that kind of control. Well maybe, if you unsubscribe from your internet service, don’t ever pick up the phone and always use cash when you buy things!

Sure, except you expect any manufacturer to come out and tell you?

Actually a lot do, it’s just buried in their T&C’s…

Benji, a few tinfoil hat moments is a good thing. Wish more people had concern. Of course, you undoubtedly swing open your front door when a service technician appears and invite them in to go through your drawers, examine your computer and all its files, maybe scan your tax returns and mail? Or do you just draw the line there but skip over reading terms of service and license agreements?

Not to steer the subject of this thread but of course I don’t expect an answer from the manufacturer but it’s good to have concern and bring it up. That’s what this community is for. :wink:

SBDOBRESCU: Obviously the level of data gathering and surveillance is unprecedented and, unfortunately, most of it is hidden and usually not secure.

I, for one, am not willing to bend over, grab my ankles, and hand any service provider a jar of Vaseline so they can have their way with me. My preference is to be aware, choose what I am willing and not willing to share, and do so with transparency.

Too often privacy and security takes a back seat to “customer convenience” and “it will help us improve the product and services we deliver to our customers.” Some of that is OK with me, but there is a reason I turn off location services on my phone for certain apps that I don’t want broadcasting my whereabouts to anyone who cares to look. When I load apps, and the operating system has a permissions prompt that allows ME to decide if I want my location broadcast, notifications and so on, then I have some level of control. That’s all I really expect…an ask…not just an assumption they can take anything and everything.

1 Like

No, I actually go and look at the data being transmitted as hinted :wink:

Just because I’m digging at your tin foil hat, doesn’t mean it’s something that doesn’t concern me, the difference being that I know that certain features depend on certain data and if I want them I have to agree to the data that is transmitted. Additionally I understand that most of the data that is transmitted isn’t actually that big of a deal :wink:

Like I said, I sincerely hope you don’t have any Google or Apple products, you pretty much cannot do anything these days without devices sharing data. You’ve just got to understand that individually you’re not that important.

1 Like

Seems entirely reasonable to me.

@sborsch I can mostly only point to our Privacy Policy:

And state that we are not selling your data. We are against the practice of using personally identifiable info for anything other than troubleshooting and improving the experience of using SmartThings.


The issue is If you want all the basic functionality and don’t want any outside connection why should you have to push data? If you do want a function that requires pushing data upstream then fine, but not all of us do. I’m retired old and creaky don’t get around well, which is why I am interested in this technology. I however go outside of my fence line maybe once a month for an hour to pay bills that’s it. I don’t have a cell phone don’t need one. I don’t want to let the world know when I wake up and don’t do social media. I do pay cash for every thing I buy I don’t have credit cards. I retired as a ethical hacker / security consultant I am well aware that a company can have the best privacey policy in the world and be sold and change it, I know what my network security is like I have no ideal what smartthings is like, so why should I trust any data to them? It’s not tinfoil hat it’s call due deligence. and proactive protection. I can so no technical reason for this at all unless your wanting to interact with social media and what not. Sure they may want to collect data for trouble shooting and stistcal anaylis.

In conculiion I like what the thing has to offer I really want to buy it but if I have to create and account to use it forget it not happen.


@dashoe - When we set out to build SmartThings, we recognized a significant shift in the opportunities for computing at scale afforded by the cloud, and that connecting everyday devices to the network will allow for entirely new applications and use-cases over time - especially with the vibrant developer community that has developed here.

Our vision is to provide our users with the easiest way to turn their home into a smart home, using whichever devices make sense for them. We still have a very long way to go as an industry to fully realize that promise, but one thing is very clear: no one standard will “win”, and no one company will manage all of the connected devices in the world.

With these two things in mind, we decided to build a connected product. We started with a cloud first approach in which the SmartThings Hub was mainly a radio-proxy to our cloud service, and we’ve made great advances with our recently released next generation Samsung SmartThings Hub that brings much of the message handling and event processing down to the Hub. This model allows many of our users’ automations to continue to run, even in the event of a temporary Internet service outage. It is, however, not intended to be used entirely as a disconnected device.

We recognize that this model isn’t for everybody, but we believe it is necessary to fulfill our vision of the truly connected home. There are other products out on the market that will operate in an entirely disconnected mode - and while they won’t bring the same benefits that SmartThings does, they may be more suitable for your use-case.