Security Smart Home

How Could the GDPR Affect Smart Home Devices? 2 Examples of Downed Services

Ian Buckley 11-06-2018

Everyone’s being flooded with emails about privacy policy updates thanks to a new data protection law (GDPR) that went into effect in late May 2018.


The GDPR has affected almost every business that exists online, even those that mainly operate outside of the EU. While it’s still unclear how large the ramifications of the GDPR will truly be, services like Klout have already closed down instead of adapting to the new legislation Klout Shuts Down and Your Klout Score Is No More Klout is shutting down, and your Klout Score is disappearing with it. And you're either just learning Klout still exists, or are scratching your head in confusion right now. Read More .

Are smart home devices and the Internet of Things (IoT) the first thing that comes to mind after the GDPR? Probably not. But will they also be impacted? You bet. Here’s everything you need to know about how the GDPR could affect your smart home.

What Exactly Is the GDPR?

The GDPR is an EU regulation designed to protect the data of EU citizens. While it is EU legislation, it affects any business working within an EU country, and any business that processes data from EU citizens.

In short, it is incredibly wide-reaching. While the GDPR gives more power to new privacy protecting apps 5 New Privacy Protecting Apps You Should Install Immediately To counter the assault on your privacy, you need to install or apply these new apps that promise some protections. These five apps promise that security. Read More , many small businesses worry it will destroy the networks they worked so hard to create and build.

The law has been put in place to regulate the data collected from you by companies. This data can be as simple as your name, or as complex as your political beliefs and sexual orientation.


The GDPR is designed to replace the now outdated EU Data Protection Directive. This old legislation came into law in 1995 when the internet was a completely different place. With high profile data breaches Equihax: One of the Most Calamitous Breaches of All Time The Equifax breach is the most dangerous, and embarrassing, security breach of all time. But do you know all the facts? Have you been affected? What can you do about it? Find out here. Read More becoming front-page news, it was time for updated legislation.

How the GDPR Affects the Internet of Things

Most smart home devices operate on a local Wi-Fi connection or using Bluetooth and infrared remotes (IR). At first glance, none of these things appear to fall foul of the new legislation. But problems arise when manufacturers use their own infrastructure to control devices.

An example of this is the Philips Hue Range How to Set Up and Use the Philips Hue Starter Kit Everything you need to know about setting up the Philips Hue starter kit smart lights and using them in your home. Read More . As one of the first smart lighting kits to hit the market, the Hue was an early success in mainstream smart home accessories. One popular feature is the ability to control your lights from anywhere using the Philips Hue App. Philips adapted to the GDPR by requiring users to re-login to their service.

How Could the GDPR Affect Smart Home Devices? 2 Examples of Downed Services phillips hue message 670


Of the many smart lighting solutions out there, so far only one of them has been hit hard by the GDPR.

Yeelights: Service Unavailable in Europe

Yeelights, manufactured by the ever dominant Android phone and tablet manufacturer Xiaomi, offers a range with similar functionality to the Hue home set, and comes with a companion app to control their lights. The day the new legislation came in, users of the service opened the app to find this message:

How Could the GDPR Affect Smart Home Devices? 2 Examples of Downed Services internet of blur 670

The fairly curt message greeted all EU users of the app. Some reported being shown an updated privacy policy, only to still get the same message after accepting it. Yeelight responded to the unannounced shutdown through a forum post titled “European server service will be restored within a week”.


How Could the GDPR Affect Smart Home Devices? 2 Examples of Downed Services yeelights forum post 670

Later in the same thread, a Yeelights employee coasterli shed more light on the situation:

“Actually, we have been working on GDPR compliance for months. But unfortunately, we found a potential risk that might not fully compliant [sic] with GDPR requirement in the last minute.”

There has been no official announcement as to whether European customers can use the app again as yet, but if you have been affected, there is a workaround. In a Reddit thread, user njitramlieu discovered a way to side-step the issue:

How Could the GDPR Affect Smart Home Devices? 2 Examples of Downed Services reddit njitramlieu 670


What made this issue worse than it could have been was an apparent lack of communication from Yeelights until after the problem had affected their European customers.

So far this appears to be the only smart home system affected to this scale, though among the other websites affected by GDPR there is one that may indirectly affect your setup.

Instapaper: Questionable Data Collection

Instapaper allows users to clip articles to read later on a device of their choice. The service was acquired by Pinterest, who made its premium service free to all users in 2016.

At the time of writing, the Instapaper homepage redirects to a statement about GDPR:

As @smithsam (the Twitter user who shared the image) states, this does prompt some questions as to what a service like Instapaper is doing with its users’ information. Given the two year window to prepare for GDPR, it seems unlikely the dev team was taken by surprise.

This only affects smart home users if you have Instapaper as part of your home automation setup—for example, using Google Home to listen to your favorited articles. IFTTT itself is not affected, as outlined by a recent post on their website. Users will be able to choose in each case if they wish to share their data with the parties involved.

GDPR and the Future

So far the answer to whether GDPR will affect your smart home is No—unless you are affected by these two specific cases. Up until now, all other smart home and IoT projects seem to have dealt with the new regulation well.

As for the future? With more and more services using our information 6 Surprising Ways Your Data Is Being Collected You know that your data is being collected, mainly by your ISP and the surveillance apparatus of the NSA and GCHQ. But who else is mining cash out of your privacy? Read More as part of the service they provide, and the lucrative industry that is user data, it seems likely there will be more turmoil on the horizon.

Related topics: GDPR, Smart Home.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *