Privacy: My Smart Home, my data

Krista Aumüller
3rd November 2016 in Know How

The privacy topic is frequently debated in the media. Google and Facebook have access to vast amounts of personal data and they use these data actively. The user is increasingly turning into a transparent consumer.

The media buzz around the smart home industry has also picked up pace. Criticism surrounding smart home technology has mostly centered around concerns over privacy and data protection, with many calling for more stringent regulations to prevent major companies from accessing personal information about their customers and potential customers. Here we’re talking about smart home devices from different manufacturers. These are connected with the internet and controlled via different apps. Many IoT and smart home solutions process and store information in ‘the cloud’. This means that a person’s private information – including when they’re at home and what they’re doing whilst at home, is processed on external servers, leaving it vulnerable to attack.

These kinds of smart home gadgets promise a seamless user experience via a connection to the cloud, however, the functionality of these devices is severely limited and incomparable to a professional smart home installation. Nonetheless, the simplicity of these gadgets is often what makes them such a draw for the media.

We are often asked by our customers what happens to their data. In this blog, we want to shed light on this ‘dark’ topic of data privacy in the smart home.

Loxone Smart Home

The principal of Loxone: my smart home, my data

From the beginning of Loxone we’ve decided consciously to keep the data of our customers private. In short: Your data never leaves the Loxone Smart Home!

All data is saved and processed on one central device, the Loxone Miniserver

In the Loxone Smart Home everything is controlled centrally by one device, the Loxone Miniserver. It’s the intelligent heart and handles the control of shading, heating, alarm, music and much more. Each of these functions are controlled offline via the Miniserver, and do not require an Internet connection to work. The Miniserver also takes care of the communication with external devices like your smartphone – both at home and remotely. The Loxone Miniserver stores all customer data directly on its SD card. There’s no matching or analysis of data in the cloud, as is common for other systems. Sensitive data like the number of residents, motion, video recordings, state of the security system and more remain within your own four walls.

Authentication happens via Miniserver

The login to the Miniserver is solely done through the Miniserver itself. This is why the Loxone web account (e.g. for the login to our webshop) is not able to access the Loxone Miniserver directly. This is different for smart home devices with a cloud solution. Here, the login is typically managed centrally via a page of the manufacturer. This login may be a weak point. The Loxone system is working without a central point of attack, which could be hacked to get access to the Miniserver. Each Loxone Smart Home system is protected by the security mechanisms of the Miniserver and the general networking security (is in the hands of the user).

Accessing your data securely

The basis of your data’s security lies in you choosing a username combined with a strong password. The password should contain different characters and special characters that are kept secret. If the password is “gone with the wind”, all aspirations are gone for a higher level of security. The remote access for example via our Loxone DNS service isn’t possible with standard user data. When using our configuration software or app, at several stages we point out to not use the standard user data and to inform about the security risk.

The Loxone Smart Home can also work without internet connection

Technically there is no need for an internet connection to enjoy the full benefits of a Loxone Smart Home. The Loxone Miniserver sits on the local network. There are some features, like remote access, e-mail notifications, online weather data and push notifications that are not available without an Internet connection, of course, however, should you wish for your home to remain offline, this is certainly possible.

We communicate only the most necessary data

We offer a lot of additional services which expand the set of features and simplify the overall user experience. The use of these service is optional. If you use one of our additional services, only the most necessary data are communicated to our server, e.g. the serial number of the devices (for mailer and caller services) or the IP address (for the DNS Service). Therefore no data about the user’s habits or statistics are saved.

Smart Home works also without a data cloud

The Loxone Smart Home proves that intelligent control of a home can work perfectly without a data cloud, without restrictions to functionality or control. Unlike many standalone or ‘island’ IoT devices, Loxone offers a holistic, centrally managed solution that takes care of your entire home. It offers an affordable option for those looking for a professional, reliable and secure smart home solution that will stand the test of time.

We don’t like to rest on our laurels, however. We continually strengthen our solution with regular, free software updates. We always recommend that Partners and customers download the most current version of our software and ensure passwords are complex and kept confidential.