Today’s story is about Philips Hue by Signify. They will soon start forcing accounts on all users and upload user data to their cloud. For now, Signify says you’ll still be able to control your Hue lights locally as you’re currently used to, but we don’t know if this may change in the future. The privacy policy allows them to store the data and share it with partners.
Last week I wrote how toying with the first Philips Hue hub and their local API led me to start Home Assistant back in 2013. They have played an important role in my smart home and they were a role model for our Open Home vision. Sure, they are expensive but they work reliably, have a local API, can be used completely offline, and you don’t have to share your data with the cloud.
But things are changing, for the worse. When you open the Philips Hue app you will now be prompted with a new message: Starting soon, you’ll need to be signed in.
Left: A new tip informs users that they soon need to login. Right: the screen shown when clicking learn more
When you create an account with Hue, you get the ability to control your lights while away from home using their mobile app. This feature works by uploading your data to the Hue cloud such that the mobile app can reach it. Their privacy policy allows them to store this data and share it with their partners.
Creating a Hue account has been an option for a long time, but it was always an option. Many Home Assistant users preferred not to create an account and remain private, and purchased Hue devices because it allowed this.
So today, you can choose to not share your information with Signify by not creating an account. But this choice will soon be taken away and all users need to share their data with Philips Hue.
Confirming the news
I didn’t want to cry wolf, so I decided to verify the above statement with Signify. They sadly confirmed:
Twitter conversation with Philips Hue (source: Twitter)
The policy they are referring to is their privacy policy (April 2023 edition, download version). It shows that user data will be stored for as long as the account remains active, and that it will be shared with partners. I was unable to find an inactive user policy.
WHAT TYPES OF DATA DO WE COLLECT ABOUT YOU?
[…]
If you connect a product, this will form part of your Philips Hue Account.
[…]
HOW LONG DO WE KEEP YOUR DATA?
[…]
Do you have an account with us? In this case, we will keep your data while your account is active or for as long as needed to provide the product functionalities to you.
When asked what drove this change, the answer is the usual: security. Well Signify, you know what keeps user data even more secure? Not uploading it all to your cloud. Just allow a smart home to talk to Hue using the local API or Matter.
Source: Twitter
It’s not too late
Currently Philips Hue is announcing this change in their app and users are not forced yet to turn over all their data. We have contacted Signify privately to bring this issue to their attention but they have not responded.
As a user, we encourage you to reach out to Signify support and voice your concern.
Dear Signify, please reconsider your decision and do not move forward with it. You’ve reversed bad decisions before. People care about privacy and forcing accounts will hurt the brand in the long term. The pain caused by this is not worth the gain.
This is a companion discussion topic for the original entry at https://www.home-assistant.io/blog/2023/09/22/philips-hue-force-users-upload-data-to-cloud/