The 70% who say they care — and the 8% who actually check
A 2026 survey of 2,435 U.S. adults found that 70% would switch their smart thermostat for a brand with better privacy. That sounds promising. But when the same researchers asked about actual behavior, only 8% of homeowners research privacy policies before buying, and 55% admit they don’t understand how their device collects data. I’d treat the 70% figure as an expression of intent, not a prediction of market behavior. The real story is the 8% who actually check what they’re signing up for.
The gap between stated concern and real action is not new. But for smart home security systems in 2026, it’s increasingly dangerous. The SafeHome.org survey (n=2,435, January–February 2026) found that only 7% of users switched providers in the past three years. Of those, just 12% cited privacy or data concerns as the reason. The top motives: better features (48%) and lower cost (39%). Privacy is a purchase differentiator only in the abstract — until something like Ring’s Search Party forces the issue.
Ring’s Search Party default-on: How a lost-pet feature became a surveillance controversy
In late 2025, Ring launched Search Party — a feature that uses AI to scan footage from eligible Ring cameras to find lost pets. It was turned on by default for all devices with cloud storage. A Super Bowl ad in February 2026 prompted a backlash so immediate that the Electronic Frontier Foundation published a detailed breakdown, and Senator Ed Markey posted on X that the feature “isn’t about dogs—it’s about massive surveillance.”
Here’s what Search Party does: when a neighbor reports a lost dog, Ring’s AI searches the saved footage of nearby cameras that have the feature enabled. The camera owner receives a notification and decides whether to share the clip. Ring says it reunites more than one dog a day with their families and that Search Party does not process human biometrics. The EFF counters that the effect is “massive neighborhood surveillance” by default. I think both statements can be true — but the problem is default-on.
Ring had claimed it ended direct law enforcement video requests in 2024. Yet by 2025–2026, it had partnered with Axon (the Taser and body-camera company) and Flock Safety (license-plate-recognition firm used by thousands of police departments). The Flock partnership was cancelled on February 13, 2026, after the backlash. But the Axon partnership remained intact as of this writing.
If you own a Ring camera, you need to turn it off manually, and the setting is per camera. That alone should tell you something about the company’s priorities.
The hidden costs: subscription lock-in and biometric liability
Cloud-only storage seems convenient, but it ties access to a recurring payment. The SafeHome.org survey found that 32% of security camera users rely solely on cloud storage. In early 2026, an Arizona family could not access recorded footage from their Ring cameras during a missing-person search because their subscription had lapsed. The footage still existed on Ring’s servers — they just could not retrieve it without paying. That is not a hypothetical risk. It is the direct result of a business model that ties access to recurring payment.
Meanwhile, Ring’s “Familiar Faces” feature uses facial recognition enabled by default on many cameras. States like Illinois, Washington, and Texas have biometric privacy laws that require explicit consent before collecting facial data. Illinois’ Biometric Information Privacy Act (BIPA) carries penalties of $1,000–$5,000 per violation. To disable Familiar Faces: Open Ring app → Menu → Control Center → Familiar Faces → toggle off. The company may be liable under state law; the user should at least know the setting exists.
Which brands actually protect your data? (Spoiler: not many)
Below is a side-by-side look at how the five largest smart home security brands handle your data. I’ve focused on dimensions that make a real difference to privacy: default data collection, local storage options, law enforcement access history, facial recognition, and two-factor authentication enforcement. The information comes from the EFF analysis, SafeHome.org market data, and product specifications as of June 2026. Where a claim could not be independently verified, I note the caveat.
| Brand | Default data collection | Local storage option | Law enforcement access history | Facial recognition | 2FA enforced |
|---|---|---|---|---|---|
| Ring (43% market share) | Search Party default-on; Familiar Faces on by default | Cloud-only; local option requires Ring Alarm Pro base station | Partnerships with Axon and Flock (Flock cancelled Feb 2026); FTC settlement 2023 | Familiar Faces runs locally, but enabled by default | Optional, not enforced |
| SimpliSafe | Minimal; no default AI scanning | Yes (base station with SD card; no cloud mandate) | No known law enforcement partnerships | None | Mandatory for all accounts (but rollout status unclear) |
| ADT | Standard cloud recording; no AI scanning by default | Some plans offer local backup, but core footage is cloud-only | Professional monitoring; law enforcement access via normal legal process | None | Optional |
| Abode | HomeKit support enables local processing; cloud optional | Yes (local base station; no subscription required for basic recording) | No law enforcement partnerships known | None | Optional |
| Eufy (Anker) | No default AI scanning; past controversy of unencrypted cloud uploads | Yes (local storage via HomeBase; subscription optional) | No law enforcement partnerships known | None | Optional |
SimpliSafe’s mandatory two-factor authentication is a positive step — but I want to know whether it is enforced for existing accounts or only new sign-ups. A policy that exists on paper but is not back-tested is less convincing. Similarly, Eufy’s local storage claims come with an asterisk: in 2022–2023, security researchers found that some Eufy cameras uploaded unencrypted thumbnails to the cloud despite advertising “end-to-end encrypted” local storage. The company fixed the issue, but it shows that marketing can outpace engineering.
For a more detailed look at how Ring’s settings work, see our Ring Camera Privacy and Data Retention Guide. For a broader overview of camera data retention policies across brands, check the Smart Home Camera Data Retention and Privacy Guide (2026).
What to do now
No major brand offers a perfect privacy solution. But the evidence is clear: default settings matter more than promises. If you want a system that respects your data today, the strongest option is Abode with Apple HomeKit for local processing, plus disable remote access and skip the cloud subscription. Even then, periodically verify that no firmware update has introduced a phone-home feature. The privacy landscape changes fast — this is not a one-time fix.
- If you own a Ring camera, immediately disable Search Party and Familiar Faces in the Control Center. The toggle path is the same for both: Menu → Control Center → toggle off per camera.
- Prefer a system with true local storage — one where recording continues without a subscription. Abode (with Apple HomeKit) and Eufy (verify that remote access is fully disabled) are the strongest options. See our HomeKit platform overview for why local processing via HomeKit matters.
- If you must use cloud storage, choose a hybrid system that keeps recordings on a base station and only sends clips to the cloud when triggered.
- Avoid systems that default to AI scanning and law enforcement partnerships. Ring’s current model, even after the Flock cancellation, remains the most privacy-hostile among major brands.
For a deeper look at how AI is reshaping the security market, read our Smart Home Security in 2026: AI Revolution Meets Privacy Backlash.
Policy Updates & Reader Notes
Privacy policies, monitoring plan prices, and security disclosures change frequently. Report new data retention terms, updated plan pricing, or new vulnerability disclosures below. For formal editorial corrections, use the contact page.
Comments
Join the discussion with an anonymous comment.