Nest X Yale Lock
"Hey Google, let me in!" Get this WiFi smart lock (well, you have to get a Nest Connect or Nest Guard too) and you can unlock your door, check to see if you door in locked, and know if someone has come or gone, from anywhere. Create passcodes to share with the plumber or that friend from high school so they can come and go until you don't want them to anymore. This lock is WiFi only, which means you don't need to worry about a Bluetooth vulnerability leaving you, well, vulnerable.
What could happen if something goes wrong?
Smart locks are one of those connected devices that seem to worry lots of people. The pros: They offer a lot of convenience with multiple ways to unlock the door to your home, a way to track who comes and goes from your home, they can allow you give out a keypad number to people like a babysitter and then revoke that when they no longer need access, and they can help you make sure you locked your front door when your anxiety kicks in on vacation. The cons: They can be vulnerable to any number of things such as power outages, lost or compromised phones, ransomware attacks on the company who made your lock, product security vulnerabilities, WiFi and/or Bluetooth vulnerabilities, home hub vulnerabilities, bad software updates, data leaks, and more.
With all that said, how does Google’s Nest x Yale smart lock stack up? This smart lock doesn’t come with WiFi built-in, meaning it doesn’t connect directly with the internet. Users will need Nest Connect or Nest Guard to connect it to their WiFi and the Nest app. Without that WiFi connection, users can still open the lock using the keypad. We found no known security breaches of Google's smart lock. Overall, Google seems to do a good job with security, with very few security breaches reported over the past three years, but they also aren’t perfect. Still, it’s always good to take precautions like changing pre-existing passcodes and setting up two-factor authentication.
On the privacy side of things, Google is Google. They are a huge ad company that needs your data to sell ads. Google promises that your Google Assistant voice recordings won’t be used to send you personalized ads, but they admit transcripts of your voice interactions with your may. So, when you say, “Hey Google, lock my door” to your smart speaker, the voice transcripts could help Google know things about you and then target you with ads.. Google uses your personal information to show you ads all over the place like in your Gmail, in your favorite Solitaire app, on partner websites, and on YouTube.
What’s the worst that could happen? Well, it’s entirely possible you are always asking Google to unlock your door at 8pm, right after you’ve asked Google to order you a ham and pineapple pizza. Based on that, Google decides you don’t have a life and keeps showing you ads for dating apps. You get depressed because you’re actually happily married and those ads remind you of the horrors of dating. Absolutely nobody needs that!
What can be used to sign up?
What data does the company collect?
Name, email, phone number, address
Voice recordings (if you use Google Assistant)
How does the company use this data?
How can you control your data?
What is the company’s known track record of protecting users’ data?
In August 2019, the company admitted that partners who work to analyze voice snippets from the Assistant leaked the voice snippets of some Dutch users. More than 1,000 private conversations were sent to a Belgian news outlet, some of the messages reportedly revealed sensitive information such as medical conditions and customer addresses.
Can this product be used offline?
User-friendly privacy information?
Google provides a page with privacy information about Nest.
Links to privacy information
Does this product meet our Minimum Security Standards?
Encryption in transit and at rest.
Google has a Security Rewards program. Link: https://www.google.com/about/appsecurity/programs-home/
Google publishes academic papers about its AI research (https://ai.google/) and makes several tools available via open source. https://ai.google/tools/
Is this AI untrustworthy?
What kind of decisions does the AI make about you or for you?
If you use Google Assistant, Google uses natural language processing to understand you and to generate answers to your requests.
Is the company transparent about how the AI works?
Does the user have control over the AI features?
Got a comment? Let us hear it.