This is the forum archive of Homey. For more information about Homey, visit the Official Homey website.

The Homey Community has been moved to https://community.athom.com.

This forum is now read-only for archive purposes.

Intensify Privacy

Hi,

One of the reason I like Athom is because they are one of the few who is concerned about it's users privacy. Well, that's what they communicating...

Can Athom exactly describe what data is send to 3-rd parties, like Google? Will there be OPT-in options available for users to make  a choice what data is collected and send to Athom and/or 3-rd parties?

Will there be a privacy notification in the Homey App-center or a way to block certain possible privacy breaches  inside an app?

The reason I'm asking this because I want to make a fundamental choice to use the Homey or not.

Comments

  • swtttswttt Member
    @Vonkenboer ;
    The appstore asks permissions for certain activities (speech etc)
    Every app is sandboxed and can only communicate with other apps trough an api, the apps also need aproval before submitted to the appstore.

    Not sure about collecting data, but i think they use the speech-input (that is only send when you say ok homey) to their servers to process it.
  • 1 - For better understanding I like to see which data is send and shared with 3rd parties, including Google (Like analytics because I really don't trust Google).
    2 -  It would be nice to have a choice to opt-out on certain services, with clear explanation what it does to certain functionalities and what it is used for.
    3 - It would also be nice to have an overview, which ports are used and which ip-ranges or domain names are needed, to secure my router.

    This just to be as transparent as necessary to avoid unnecessary security vulnerabilities and discussions. So that users have the feeling their in control and make their own choices what to enable or disable regarding security and privacy.

    Remember when a domotica controller is breached the consequences/impact could be huge.
  • VonkenboerVonkenboer Member
    edited August 2016
    I read your privacy statement and have a simple question:
    "If you do not wish to receive any cookies at all, you may set your browser to refuse cookies all together. Please note that in that case you may no longer be able to use all the functionalities of the Website or App."

    I blocked the use of Google analytics for the Website but how do I disable the use of Google analytics in the app?

  • Use an application firewall like a palo alto firewall (it's (very) expensive, I know, but you're privacy ain't free as well I presume..) and you are able to block applications (https://applipedia.paloaltonetworks.com/) even on non-standard ports..

  • There is no Google Analytics in the Homey web-app, is there? I don't see in in the source code. And that better not change: I don't want Athom to track when, where or how I log in to my Homey on my network on my PC. It's not Athoms business.
  • There is no Google Analytics in the Homey web-app, is there? I don't see in in the source code. And that better not change: I don't want Athom to track when, where or how I log in to my Homey on my network on my PC. It's not Athoms business.

    Athom knows everything you name without using Google Analytics ;)

    How else could the redirect you from My.Athom.com to your Local IP or the Cloud version?
    And did you checked my.athom.com for strange scripts? Or this forum/appstore/etc?
  • something I do not understand is that you buy the ultimate sniffing machine. Because with the built in microfone it is possible to list 24/7 and are afraid of Google getting your personal information? 

    Also I m surprised that nobody from has yet answered your questions 
  • VonkenboerVonkenboer Member
    edited August 2016
    something I do not understand is that you buy the ultimate sniffing machine. Because with the built in microfone it is possible to list 24/7 and are afraid of Google getting your personal information? 

    Also I m surprised that nobody from has yet answered your questions 
    You can disable the microphone, which I did, because that data is shared with 3rd parties.

    My goal is to do all communication by Telegram. jorden is already doing a hell of a job writing an Telegram app to do just that. When proofed working, I will block all other communications to the internet or do some extended testing which communication are used and is absolutely necessary.

    Off course I  would like to see some straight answers from Athom, which data is send (ports, ip-range, FQDN) and what services will not working when blocked.

    The best solution should be to add opt-in/out options to the homey itself.

    The privacy statement clearly describes a option to access/remove all data, which looks promising:
    "You can request access of the data that Athom processes about you at any time, and have these corrected or removed by sending a request to data@athom.com"

    I think their privacy statement and the intentions they communicate regarding privacy are giving me some trust. Lets see of Athom can live up to their promises.
  • VonkenboerVonkenboer Member
    edited August 2016
    MarcoF said:
    There is no Google Analytics in the Homey web-app, is there? I don't see in in the source code. And that better not change: I don't want Athom to track when, where or how I log in to my Homey on my network on my PC. It's not Athoms business.

    Athom knows everything you name without using Google Analytics

    How else could the redirect you from My.Athom.com to your Local IP or the Cloud version?
    And did you checked my.athom.com for strange scripts? Or this forum/appstore/etc?
    FYI: "To set-up and connect devices to your Homey, your name and all the user data of your Homey, including a log of commands, devices connected to Homey and their settings, installed Apps and their settings, the structure of your home and the scenarios you created for automating your home. All this data is stored ENCRYPTED as a back-up on our servers. This data is not used for anything else, and can only be decrypted with your password and not by us."
  • MarcoFMarcoF Member
    edited August 2016
    Everything made by human hands, can be broken by human hands.

    And saving user data != knowing what your user do where data comes from other sources.
    Or other know what you do....
    Appstore uses Analytics and(!) google's font API.

    Also my.athom.com uses different google(which dropped there don't be evil slogan) services. 
  • So, what you're saying, there is nothing to do about it?
  • So, what you're saying, there is nothing to do about it?
    Ofcourse you can stop using these services but honestly I think if this is what you want you could have used another solution.

    Why not Domoticz? You can host it yourself, it's opensource so you can check the code for privacy implications and it does most things Homey does. 
  • Thanks for your suggestion DieterKoblenz. When I have a bit spare time, I'll take a look at Domoticz. Sounds promising.

    But the suggestion I want to make is to Athom is to add options to opt-out services. Then we can make choice whether to use it or not.

    A official respond from Athom would be nice though...
  • @Emile any input?
Sign In or Register to comment.