Chapter 1 — What Robot Vacuums Really Collect

Cameras, microphones, 3D floor plans: far more than dust

Modern robot vacuums are equipped with sensors that go far beyond picking up dust. The data collected falls into six categories: map data (2D and 3D floor plans including room dimensions, furniture outlines, doors and windows), image data (photos and videos of obstacles and rooms), audio data (voice commands and ambient sounds), network data (Wi-Fi SSID, IP addresses), usage data (cleaning times, movement profiles, error codes) and account data (email addresses, serial numbers, MAC addresses).

"Floor plans reveal a great deal about social status through the size of the property. Photos of furniture give clues about age, the presence of children or the physical condition of residents. Even the cleaning schedule reveals a household's daily rhythm." — Dr. Rebecca Balebako, privacy researcher, ZHAW

Cameras

Cameras are now built into most premium models. The iRobot Roomba j7/j9 uses a front camera for PrecisionVision obstacle detection and, according to former CEO Colin Angle, identifies over 80 different object types — from pet waste to shoes. The Ecovacs Deebot X1/X2/T8–T30 series includes cameras with AIVI technology (AI Visual Interpretation) and offers live video monitoring via the app. Roborock's S6 MaxV, S7 MaxV and the Saros Z70 feature dual-camera systems (ReactiveAI). The Dreame L20 Ultra and X50 Ultra also use camera navigation — security researcher Dennis Giese found an "AI Server" folder and image upload functions in the firmware.

Microphones

Microphones are found mainly in Ecovacs devices: the Deebot X1 family, T10, T20 and T30 have built-in microphones for the YIKO voice assistant, including two-way audio. Users who consent to the "voice interaction improvement programme" have their recordings sent to an Ecovacs server in China.

Local vs. cloud — what manufacturers claim and what is true

Roborock claims maps are stored exclusively on the device — however, an update to its privacy policy in July 2025 revealed that Korean customer data "may be processed in China". iRobot states that navigation images are stored only on the robot. Ecovacs, by contrast, stores maps both locally and in the cloud. Xiaomi offers a "local mode" — but it is not enabled by default.

Chapter 2 — Server Locations

Where does the data go? Manufacturers at a glance

Manufacturer | Headquarters | Server locations | Rating | Notes
Vorwerk Kobold | Germany 🇩🇪 | EU servers | ★★★ Excellent | AV-TEST 3/3, Stiftung Warentest top rating, minimal data collection
iRobot / Roomba | USA (→ China*) | AWS (AES-256) | ★★☆ Good | *Bankruptcy Dec. 2025, acquisition by Chinese Picea Robotics for $190M
Roborock | Beijing 🇨🇳 | China, DE, RU, USA | ★★☆ Improved | Data sharing with Tuya Smart (Tencent-funded, Hangzhou)
Ecovacs Deebot | Suzhou 🇨🇳 | AWS (USA) + Alibaba Cloud (CN) | ★☆☆ Problematic | Multiple hacks, data explicitly in CN, CCPA: "sells" personal data
Dreame | Suzhou 🇨🇳 | Not disclosed | ★★☆ Acceptable | AI features disabled by default; T&Cs governed by Chinese law
Xiaomi | Beijing 🇨🇳 | NL, IN, SG, RU | ★☆☆ Poor | AV-TEST 1/3, "constant data stream to Chinese manufacturer" (AV-TEST)
SharkNinja | USA 🇺🇸 | US-based | ★★☆ Good | Consumer Reports: "Good" — states it does not sell data
DJI Romo | Shenzhen 🇨🇳 | China (plaintext) | ★☆☆ Very poor | 6,700 devices accidentally public, data unencrypted

AES-256: Advanced Encryption Standard with a 256-bit key, an encryption method considered unbreakable and used by militaries and banks. Protects data in transit.

⚠️ Discount robot vacuums (Aldi, Lidl, Action) frequently use the Chinese Tuya platform. Lidl claims to use Microsoft Azure in Europe — but internally it contains a Tuya Zigbee module. An ESET researcher warned: "It is hard to imagine that Tuya is willing to deploy IoT devices securely and robustly at scale."

Chapter 3 — Chronicle of Incidents

From toilet photos to robot armies: 2022–2026

Dec. 2022 | Critical
iRobot Roomba — toilet photo on Facebook. MIT Technology Review revealed: development versions of the Roomba J7 had captured intimate photos — including a woman on the toilet and a child. The images were sent to Scale AI (a US data-annotation company that prepares training data for AI; human workers label images, e.g. "this is a chair", so the AI can learn), where Venezuelan gig workers used them for AI data annotation and subsequently shared screenshots in Facebook groups. 95% of the AI training data came from real private homes.

May 2024 | Critical
Ecovacs Deebot X2 — racist abuse in US homes. Ecovacs robots were hacked in Minnesota, Los Angeles and El Paso. Lawyer Daniel Swenson: his robot blared racist abuse through its speakers — in front of his 13-year-old son. In Los Angeles, a hacked Deebot chased a dog around the house.

Aug. 2024 (DEF CON 32) | Critical
Ecovacs — Bluetooth takeover from 130 metres. Researchers Dennis Giese and Braelynn Luedtke demonstrated at DEF CON (the world's largest hacker conference, held in Las Vegas, where security researchers publicly demonstrate vulnerabilities in products, often with devastating results for the affected manufacturers): Ecovacs robots could be fully taken over via Bluetooth from up to 130 metres away — in under a second. The PIN protection for camera feeds was only checked client-side. No hardware indicator when camera/microphone was active. Ecovacs had known since December 2023. Response: users "need not worry excessively." Affected: 11 product lines including Deebot X1, X2, T8–T10, N8–N10 and the Goat G1 lawn mower robot.

Oct. 2024 | High
Ecovacs — AI training with home photos without genuine consent. ABC News Australia exposed: Ecovacs collected photos, videos and audio recordings via the Deebot X2 for AI training. Users who "consented" received only vague details — a promised information link did not exist.

2025 | Critical
Giese takes control of ~7,000 Ecovacs devices worldwide. Dennis Giese discovered a cloud authentication error that theoretically allowed control over around 7,000 Ecovacs devices across multiple countries — including camera, microphone and map access. CISA (Cybersecurity and Infrastructure Security Agency, the US cybersecurity authority; when CISA publishes an advisory, the vulnerability is serious enough to be classified as a national threat) issued a formal advisory. CVE-2025-30199 (CVSS 8.6): injection of malicious code via manipulated firmware updates possible. (CVE: Common Vulnerabilities and Exposures, a public database of security vulnerabilities; CVSS 8.6 means "highly critical" on a scale of 0–10. Firmware: the built-in software of a device, the robot vacuum's "operating system"; firmware updates can close security gaps but can also introduce new functions or backdoors.)

2025 | Critical
iLife A11 — backdoor, plaintext data and remote kill switch. Engineer Harishankar Narayanan discovered: his iLife A11 was running with an unauthenticated Android Debug Bridge (ADB, a developer tool for Android devices; if left unsecured and enabled, anyone on the network has full access to the device: reading files, installing software, remote control), contained "rtty" remote access software and was continuously sending data to China. When he blocked the telemetry, the manufacturer sent a remote kill command — the device was rendered unusable. The same hardware platform (3irobotix CRL-200S) is also found in devices from Xiaomi, Wyze, Viomi and Proscenic.

Sep. 2025 | High
KISA test: Dreame, Narwal, Ecovacs failed. South Korea's security agency tested 6 brands across 40 parameters. Dreame X50 Ultra: remote camera activation possible. Narwal Freo Z Ultra and Ecovacs Deebot X8 Pro Omni: inadequate app authentication, third parties could access cleaning photos. Only Samsung and LG received top marks.

Feb. 2026 | Critical
DJI Romo — accidental robot army from 24 countries. AI strategist Sammy Azdoufal in Spain reverse-engineered the MQTT protocol (Message Queuing Telemetry Transport: a communication protocol for IoT devices that connects robot vacuums to cloud servers; when poorly secured, outsiders can send commands to thousands of devices simultaneously) of his DJI Romo. Within 9 minutes, ~6,700 DJI Romo robots from 24 countries had responded. He had access to live camera feeds, microphone audio, 2D floor plans, battery levels, serial numbers and IP addresses. The data was stored in plaintext on the servers. DJI claimed the problem had been fixed — Azdoufal disproved this 30 minutes later.

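The DJI Romo entry turns on a single design failure: the broker accepted commands for any robot from any client. The following is an added example, written for this page and not taken from DJI, Azdoufal's analysis or any vendor's code. It shows the broker-side authorisation a robot-vacuum MQTT backend needs so that a client can never reach another household's robot: every authenticated client is bound to the serial numbers it owns, each topic may only be used in the direction the protocol intends, and wildcard subscriptions are refused. The topic layout (vacuum/<serial>/cmd, status, map), the serial numbers and the client names are all constructed for the example.

```python
"""Added example, not from the article and not DJI's or any vendor's code.

Broker-side authorisation for a constructed robot-vacuum MQTT topic layout:
a client is only ever allowed to touch topics under serials it owns, and only
in the direction the protocol intends (apps command, robots report)."""
import re

# Constructed topic layout: vacuum/<serial>/cmd carries commands to the robot,
# vacuum/<serial>/status and vacuum/<serial>/map carry data from it.
TOPIC_RE = re.compile(r"^vacuum/(?P<serial>[A-Z0-9]{8,16})/(?P<channel>cmd|status|map)$")

# Which action each kind of client may take on each channel.
ROBOT_RIGHTS = {"cmd": {"subscribe"}, "status": {"publish"}, "map": {"publish"}}
APP_RIGHTS = {"cmd": {"publish"}, "status": {"subscribe"}, "map": {"subscribe"}}


class Client:
    """An authenticated MQTT session: a robot (bound to its own serial) or a
    user's app (bound to the serials registered to that account)."""

    def __init__(self, name, kind, serials):
        if kind not in ("robot", "app"):
            raise ValueError("kind must be 'robot' or 'app'")
        self.name, self.kind, self.serials = name, kind, frozenset(serials)


def authorize(client, action, topic):
    """Return True only if `client` may `action` ('publish' or 'subscribe') on
    `topic`.  Wildcards are refused outright: a broker that lets an app
    subscribe to vacuum/+/map would hand it every household's floor plan."""
    if action not in ("publish", "subscribe") or "+" in topic or "#" in topic:
        return False
    match = TOPIC_RE.match(topic)
    if match is None:
        return False                      # unknown topic layout: deny by default
    serial, channel = match.group("serial"), match.group("channel")
    if serial not in client.serials:
        return False                      # not one of this client's robots
    rights = ROBOT_RIGHTS if client.kind == "robot" else APP_RIGHTS
    return action in rights[channel]


def audit(client, requests):
    """Apply `authorize` to a list of (action, topic) pairs and return the
    denied ones.  Denied requests are what a defender logs and alerts on: a
    legitimate app or robot never asks for another serial's topics."""
    return [(action, topic) for action, topic in requests
            if not authorize(client, action, topic)]


if __name__ == "__main__":
    # Constructed scenario: an app that owns robot SN0000000001 mixes
    # legitimate requests with attempts on a robot it does not own.
    app = Client("owner-app", "app", ["SN0000000001"])
    attempts = [
        ("publish", "vacuum/SN0000000001/cmd"),     # allowed: own robot
        ("subscribe", "vacuum/SN0000000001/map"),   # allowed: own robot
        ("publish", "vacuum/SN0000000002/cmd"),     # denied: someone else's robot
        ("subscribe", "vacuum/+/map"),              # denied: wildcard over all robots
        ("publish", "vacuum/SN0000000001/map"),     # denied: apps may not forge map data
    ]
    for action, topic in attempts:
        verdict = "allow" if authorize(app, action, topic) else "DENY"
        print(f"{action:9} {topic:28} -> {verdict}")
    print("denied requests:", len(audit(app, attempts)))
```

The check is deliberately deny-by-default: anything outside the known topic layout, any wildcard, and any serial the session was not bound to at login is refused, so an authentication bug in the app cannot be widened into access to other households' robots.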
Chapter 4 — Data as a Business Model

AI training, ad profiling and the floor plan that nearly got sold

The question of whether manufacturers sell map data is central. Direct, confirmed sales of floor plan data to third parties have not been documented so far — but clear intent and indirect monetisation have.

In July 2017 iRobot CEO Colin Angle told Reuters that iRobot "could strike a deal to sell its maps to Amazon, Apple or Google". Following public outcry, he backtracked. Nevertheless, iRobot's privacy policy collected: age, date of birth, gender, salary, leisure interests, number of children and pets — data not required for a vacuum cleaner.

Ecovacs goes further: its US privacy policy permits sharing personal data for "advertising and analytics". Under the California CCPA (California Consumer Privacy Act, California's data protection law, which gives consumers the right to know what data is collected and to opt out of the sale of their data), Ecovacs acknowledges that it "sells" personal information in the regulatory sense — unless users opt out.

What Amazon's planned acquisition of iRobot would have meant

The planned $1.7 billion Amazon acquisition would have given Amazon access to the most detailed home data in the world. The Roomba J7 series had identified over 43 million objects in private homes and classified 80 types. Combined with Alexa, Ring and Blink: a comprehensive domestic surveillance network. Senator Elizabeth Warren wrote to the FTC that Amazon would thereby gain "eyes and ears inside the home". The European Commission blocked the deal in January 2024.

🔄 The irony of regulation: The EU blocked Amazon on privacy grounds. iRobot subsequently went bankrupt — and is now being acquired by Chinese firm Picea Robotics for $190M. The iRobot data from millions of homes could soon be in Chinese hands.

LidarPhone: vacuum cleaner as laser microphone

Academic research demonstrates the potential for misuse: researchers from the University of Maryland and the National University of Singapore demonstrated the "LidarPhone" attack in 2020 — the LiDAR (Light Detection and Ranging: a laser sensor that maps the surroundings in 3D and creates precise floor plans of the home) sensor of a robot vacuum was repurposed as a laser microphone to eavesdrop on conversations. Accuracy in recognising spoken digits: over 90 per cent. A forensic analysis of the Amazon iRobot Roomba cloud (ScienceDirect, 2023) uncovered undocumented APIs that enabled extraction of the entire cleaning history and all detected objects.

Chapter 5 — Regulation

Law lags behind — what authorities say

0 formal GDPR fines against robot vacuum manufacturers to date
42% of Germans know that smart home devices can be infected with malware (BSI 2024)
From Dec. 2027: EU Cyber Resilience Act — binding security standards for robot vacuums

The BSI (Bundesamt für Sicherheit in der Informationstechnik, Germany's Federal Office for Information Security, which warns against robot vacuums with cameras/microphones and recommends network isolation) has published a dedicated page on robot vacuums and warns of 3D environment mapping, camera/microphone data collection and the permanent internet connection as an attack surface. The Bundesnetzagentur has warned against smart devices with hidden camera and microphone functions — under §90 TKG (German Telecommunications Act §90, which prohibits devices in Germany that can covertly capture images or audio; hidden cameras and microphones in everyday objects are therefore illegal), such devices are illegal in Germany. The LfDI Baden-Württemberg put it plainly: "Spy in your own home — robot vacuum cleaners as data sieves."

Chinese intelligence law

China's National Intelligence Law (2017) states in Article 7: "All organisations and citizens shall, in accordance with the law, support, cooperate with and collaborate in national intelligence work." The Data Security Law (2021) and Counter-Espionage Law (2023) extend these obligations. All leading robot vacuum manufacturers — Ecovacs, Roborock, Dreame and Xiaomi — are headquartered in China and subject to these laws.

🇪🇺 The Dutch think tank Clingendael, in a report with KPMG, warned of a "Huawei-like development" and concluded: "European legislation is currently insufficient to protect European data collected by foreign companies in Europe." The EU Cyber Resilience Act (CRA: an EU law entering into force from December 2027 that mandates binding security standards for all connected devices, including robot vacuums; manufacturers must report security vulnerabilities within 24 hours) applies to robot vacuums from 11 December 2027. From September 2026, a 24-hour mandatory reporting requirement for security vulnerabilities applies. Fines: up to €15M or 2.5% of global annual turnover.

Chapter 6 — Protective Measures

From guest Wi-Fi to cloud liberation: how to protect yourself

1. Minimal effort — app settings (Easy)

In the manufacturer's app, cloud map synchronisation, camera/AI features and usage data sharing can usually be disabled. Ecovacs offers a physical lens cover. On Dreame devices, AI obstacle recognition, voice control and the live camera are disabled by default — check that this remains the case.

Kaspersky recommends: "Only run the robot when no family members are present" (for camera-equipped models) and setting up virtual wall barriers for sensitive rooms such as bedrooms or bathrooms.

2. Network isolation — guest Wi-Fi and Pi-hole (Intermediate)

The BSI explicitly recommends operating smart devices on a separate network (guest Wi-Fi). This prevents a compromised robot vacuum from accessing computers, NAS devices or other equipment on the main network. Most consumer routers (Fritz!Box, TP-Link, ASUS) offer guest networks with device isolation.

In addition, a Pi-hole (a network-wide ad blocker running on a Raspberry Pi, which blocks connections to tracking and telemetry servers at DNS level, not just in the browser but for all devices on the network) or AdGuard Home blocks telemetry (usage data automatically sent to the manufacturer: cleaning times, map data, error logs, network info; it runs permanently in the background, often without the user noticing) at DNS level. For Xiaomi devices, dedicated blocklists exist on GitHub that filter domains such as a.stat.xiaomi.com, api.ad.xiaomi.com and data.mistat.xiaomi.com.

Advanced users can set up dedicated IoT VLANs (Virtual Local Area Networks: a virtual network within your router that completely separates smart home devices from computers and phones, so that even if the robot vacuum is hacked, the attacker cannot reach other devices) with granular firewall rules via UniFi or OpenWrt.
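Blocking telemetry domains at DNS level only helps if the blocklist actually matches what the robot looks up, and the Pi-hole query log is the place to verify that. The following is an added example, not code from the article, from Pi-hole or from any blocklist project: it parses a blocklist in the plain hosts-style format Pi-hole and AdGuard Home accept, then walks a dnsmasq-style query log (the format Pi-hole writes to its pihole.log) and reports which clients resolved which listed domains, matching whole domains and their subdomains but not look-alike names. The three xiaomi.com hosts come from the text above; the fourth blocklist entry, the client addresses and the log lines are constructed.

```python
"""Added example (not from the article, Pi-hole or any blocklist project):
check a DNS query log for lookups of known telemetry domains so that a
blocklist can be verified against what a robot vacuum really resolves."""
from collections import Counter

# Constructed blocklist.  Only the three xiaomi.com names are from the
# article; the .invalid entry is a placeholder.  Both bare hostnames and
# hosts-file lines ("0.0.0.0 host") are accepted, '#' starts a comment.
BLOCKLIST_TEXT = """
# telemetry endpoints (constructed sample)
a.stat.xiaomi.com
api.ad.xiaomi.com
0.0.0.0 data.mistat.xiaomi.com
telemetry.example-vacuum.invalid
"""

# Constructed dnsmasq-style query log, modelled on Pi-hole's pihole.log:
# "<date> dnsmasq[pid]: query[TYPE] <name> from <client>".  192.168.20.14 is
# the (made-up) robot on the guest network, 192.168.1.10 a laptop.
QUERY_LOG = """\
Mar  3 10:00:01 dnsmasq[512]: query[A] api.ad.xiaomi.com from 192.168.20.14
Mar  3 10:00:01 dnsmasq[512]: query[A] www.example.org from 192.168.1.10
Mar  3 10:00:02 dnsmasq[512]: query[AAAA] data.mistat.xiaomi.com from 192.168.20.14
Mar  3 10:00:03 dnsmasq[512]: query[A] cdn.a.stat.xiaomi.com from 192.168.20.14
Mar  3 10:00:04 dnsmasq[512]: query[A] xiaomi.com.evil.invalid from 192.168.20.14
Mar  3 10:00:05 dnsmasq[512]: reply api.ad.xiaomi.com is 203.0.113.7
"""


def parse_blocklist(text):
    """Return the set of blocked domain names, lower-cased, comments stripped."""
    names = set()
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip().lower()
        if line:
            names.add(line.split()[-1].rstrip("."))   # last field: the hostname
    return names


def is_blocked(name, blocked):
    """True if `name` or any parent domain is on the list.  Matching walks the
    label boundaries, so 'cdn.a.stat.xiaomi.com' matches 'a.stat.xiaomi.com'
    while 'xiaomi.com.evil.invalid' matches nothing."""
    labels = name.lower().rstrip(".").split(".")
    return any(".".join(labels[i:]) in blocked for i in range(len(labels)))


def parse_query_log(text):
    """Yield (queried name, client address) for each 'query[...]' line; reply
    and other lines are skipped."""
    for line in text.splitlines():
        parts = line.split()
        for i, token in enumerate(parts):
            if token.startswith("query[") and i + 3 < len(parts) and parts[i + 2] == "from":
                yield parts[i + 1], parts[i + 3]
                break


def telemetry_hits(log_text, blocklist_text):
    """Count lookups of listed domains, keyed by (client, queried name)."""
    blocked = parse_blocklist(blocklist_text)
    hits = Counter()
    for name, client in parse_query_log(log_text):
        if is_blocked(name, blocked):
            hits[(client, name)] += 1
    return hits


def hits_per_client(hits):
    """Collapse the (client, name) counts to one total per client address."""
    per_client = Counter()
    for (client, _name), count in hits.items():
        per_client[client] += count
    return per_client


if __name__ == "__main__":
    hits = telemetry_hits(QUERY_LOG, BLOCKLIST_TEXT)
    for (client, name), count in sorted(hits.items()):
        print(f"{client:16} {name:32} {count}")
    print("per client:", dict(hits_per_client(hits)))
```

Run against the real pihole.log after a few cleaning cycles, a client that still shows listed domains tells you the blocklist is loaded but the robot is resolving names that slipped past it (a new subdomain, say); a client that shows nothing but is still reachable from the vendor's cloud points to a hard-coded resolver or IP, which DNS filtering cannot stop and which only the firewall rules of an isolated VLAN will.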

3. Valetudo — complete cloud liberation (Advanced)

Valetudo (an open-source firmware replacement that requires technical knowledge to install) is open-source software that replaces cloud access entirely with local control. Developed by German developer Sören Beye, it runs as a "brain parasite" on the original firmware and replaces only the cloud connectivity. All features (navigation, mapping, cleaning) are retained — but not a single data packet leaves the local network.

Supported models: Dreame (D9, L10 Pro, L10s Ultra, L20 Ultra, X40 Ultra), Roborock (S5–S8, Q7 Max, Q Revo), Xiaomi, Eureka. Integration into Home Assistant via MQTT. Installation on Dreame devices requires a 3.3V UART adapter and the "Dreame Breakout PCB" — on older Roborock models it can be done wirelessly via the OTA method.

→ valetudo.cloud

4. Completely offline — Wi-Fi-free models (Maximum privacy)

Anyone wanting maximum privacy can choose a robot vacuum without Wi-Fi. Models such as the Eufy RoboVac 11S MAX, Medion MD 18510 or ZACO V5s Pro operate exclusively via remote control — without any network connection. The trade-off: no app, no intelligent room management.

But also: zero data collection, zero cloud dependency, zero privacy risk. For anyone who values security over convenience, this is the most consistent solution.

A special tip: the Miele Scout RX3 has a physically removable Wi-Fi module — a unique privacy feature in a premium model.

Chapter 7 — Conclusion

🤖 The privacy cost of convenience

The incidents between 2022 and 2026 — from intimate toilet photos on Facebook to racist abuse shouted from hacked robots to an accidentally controllable robot army from 24 countries — are not isolated cases. They are symptoms of an industry that consistently prioritises functionality over security.

Three findings stand out. First, the claim that "data stays local" is often misleading — even Roborock, which markets this most heavily, shares user data with Chinese IoT provider Tuya Smart. Second, the iRobot case illustrates the irony of failed regulation: the EU blocked Amazon on privacy grounds, whereupon iRobot went bankrupt — and is now being acquired by a Chinese company. Third, with Valetudo, network isolation and Wi-Fi-free models, viable alternatives exist that demonstrate: thorough cleaning and data protection are not mutually exclusive — they simply require more conscious purchasing decisions.

Virtually all leading brands are now Chinese and subject to laws that can compel them to cooperate with intelligence services. Anyone buying a robot vacuum should be aware of this.

Sources & Evidence

[1] MIT Technology Review: iRobot Roomba photo leak (December 2022)
Exposé of the Roomba J7 photo leak: intimate household photos with Venezuelan gig workers on Facebook. 95% of training data from real homes.
technologyreview.com/2022/12/19/1065306/roomba-irobot-robot-vacuums-artificial-intelligence-training-data-privacy/

[2] ABC News Australia: Ecovacs AI data collection (October 2024)
Ecovacs Deebot X2 collected photos, videos and audio for AI training without transparent consent. The promised information link did not exist.
abc.net.au/news/science/2024-10-04/robot-vacuums-are-photographing-people-in-their-homes/104430236

[3] The Guardian / TechCrunch: Ecovacs hacks in US cities (May 2024)
Deebot X2 robots hacked in Minnesota, Los Angeles and El Paso — racist abuse from speakers, camera feeds taken over.
theguardian.com/technology/2024/oct/04/robot-vacuum-cleaner-hack-deebot-x2

[4] DEF CON 32: Dennis Giese & Braelynn Luedtke — Ecovacs security analysis (August 2024)
Full Ecovacs takeover via Bluetooth from 130 m. 11 product lines affected. Ecovacs had known since December 2023 — and did not respond.
media.defcon.org/DEF CON 32/presentations/Giese-Braelynn-Hacking-Ecovacs.pdf

[5] CISA Advisory: Ecovacs CVE-2025-30199 (2025)
Formal advisory from US cybersecurity authority CISA on Ecovacs vulnerabilities. CVSS 8.6: injection of malicious code via manipulated firmware updates.
cisa.gov/news-events/cybersecurity-advisories

[6] Sammy Azdoufal: DJI Romo MQTT analysis — accidental robot army (February 2026)
Reverse-engineering of the MQTT protocol: ~6,700 DJI Romo robots from 24 countries accessible, data in plaintext on servers.
sammy.link/romo

[7] Harishankar Narayanan: iLife A11 backdoor and kill switch (2025)
Open ADB interface, rtty remote access, data stream to China and remote kill command after telemetry blocking. Same platform in Xiaomi, Wyze, Viomi, Proscenic.
linkedin.com/posts/harishankar-narayanan/ (primary documentation)

[8] BSI: Security guidance on robot vacuums
Official BSI warning on 3D mapping, camera/microphone data collection and recommendation to use guest Wi-Fi for smart home devices.
bsi.bund.de/DE/Themen/Verbraucher/Internet-der-Dinge/Saugroboter/

[9] AV-TEST: Security and privacy ratings for robot vacuums
Independent tests: Vorwerk 3/3 stars, Xiaomi/Roborock S55 with successful man-in-the-middle attacks on TLS connections. Xiaomi: constant data stream to manufacturer.
av-test.org/de/sicherheit/smart-home/staubsaugerroboter/

[10] Mozilla Foundation: *Privacy Not Included* — robot vacuum ratings
Ratings of Ecovacs (data sharing with third parties for marketing), Wyze (sells personal data) and other manufacturers.
foundation.mozilla.org/de/privacynotincluded/categories/robot-vacuums/

[11] LidarPhone: attack on LiDAR sensors (2020) — University of Maryland & NUS
LiDAR sensor repurposed as a laser microphone: >90% accuracy in recognising spoken digits from intercepted conversations. Demonstrated on an Ecovacs robot.
arxiv.org/abs/2005.00100

[12] EU Cyber Resilience Act (December 2024)
In force since December 2024. Binding cybersecurity requirements for robot vacuums from 11 December 2027. Mandatory reporting of vulnerabilities from September 2026.
eur-lex.europa.eu/legal-content/DE/TXT/?uri=CELEX:32024R2847

[13] Valetudo — open-source cloud replacement for robot vacuums
Developed by Sören Beye, based on Dennis Giese's security research. Replaces cloud connectivity with local control. Supports Dreame, Roborock, Xiaomi and others.
valetudo.cloud

[14] Carnegie Endowment: Chinese intelligence law and tech companies (January 2025)
Analysis of the legal cooperation obligations of Chinese companies with intelligence authorities. Affects all robot vacuum manufacturers headquartered in China.
carnegieendowment.org/research/2025/01/chinas-tech-companies-and-national-security