BlueScore wants to show you which devices are looking in

This story was first published in the Aug. 19 issue of my weekly newsletter. 

As consumers become more aware of how much data their devices take in and how often that data gets sold or shared with third parties, Maks Czuperski is hoping there’s a market for services that can expose the data-hungry devices in the vicinity. Czuperski is the co-founder of an app called BlueScore, which aims to use augmented reality and a database of devices to expose nearby microphones, cameras, and more.

The company was created in 2021 after Czuperski became concerned about the increasing number of ways people are tracked inside and outside of their homes. “The last place privacy will exist is between the four walls of the home,” Czuperski says. “I want to try to protect that before it’s gone.”

His solution was to develop a service and an app that lets a user scan a room and see different-colored bubbles pop up near any devices that can transmit data. He compares it to a Pokémon GO-style game for privacy. The bubbles are color-coded to indicate the device’s potential for harm, and grow in size based on their closeness to the scanner. Devices are picked up using triangulation of Wi-Fi and Bluetooth signals.

The most problematic bubbles appear red and generally indicate a device was manufactured by a vendor that has ties to governments on a U.S. watch list or known privacy problems. Grey bubbles indicate that the device has unknown identities; users can add the details of the device to the app to help others categorize them. Blue bubbles mean the device has good privacy policies. During a demo in which Czuperski scanned his apartment during a video call, his home was filled with grey bubbles of varying size.

Czuperski told me the app uses data from existing government watch lists and privacy policies to build its database of products. He would also like to work with other organizations, such as Mozilla or Consumer Reports, that track privacy policies, sensors, and device terms of service.

The app isn’t ready for casual testers, but organizations in the financial sector and government agencies are currently testing it.

As a journalist, I can see such a device coming in handy, allowing me to scan for microphones or cameras in coffee shops or buildings where I might be working. Any profession that deals with secrets — from lawyers to doctors — could find a use for such a product, especially as more people work from home or on the road. Notably, the U.S. Army already actively discourages teleworkers from having smart speakers or TVs in their offices.

Czuperski wants to charge companies for the app by the seat as well as provide a free version. Companies that pay for the app would be able to customize it for their needs. So a hospital that wanted to prevent doctors from taking teleconference calls in rooms with cameras or microphones could get BlueScore to highlight those devices, for example. Or military customers could get it to track devices that are made by foreign governments.

What I like about the idea is that it’s far easier to use AR and a phone to scan your home to catch devices that might represent a problem, as opposed to trying to review every privacy policy and figure out which sensors might be on a gadget.

I also like how Czuperski is thinking about user privacy. For example, when a company uses BlueScore, data from employees’ varied locations get aggregated and the employees get scored on a dashboard within the organization. The organization can’t see the devices an employee might own (medical devices or connected sex toys, for example), only that a team or group of people in the organization has one or more devices it would deem problematic. There’s also no way to tell which individual that might be.

The organization can then incentivize a team or cohort to get rid of “red-tagged” devices or raise their overall position with regard to security by offering perks such as a gift card for teams that improve their overall device privacy. Widespread use of such an app could also incentivize device makers to build more privacy-protecting devices or adopt better terms of service.

There are a few holes in this plan. The biggest one is that the quality of the service can only ever be as good as the database of devices and the privacy policies that BlueScore deems sufficient. For example, devices made by Chinese vendors on government watch lists such as those made by Huawei would likely to show up red in the app, despite their prevalence in many parts of the world.

There’s also a likelihood that people would see their potentially problematic devices and keep them anyway because they provide necessary or wanted functionality. (Think about Kevin’s debate last week over his Tesla.) Once something’s inside the home and set up, it’s almost too late to inform someone that it’s a data-sucking, privacy-invading problem.

But whatever the shortfalls, I applaud the creation of a fun, easy-to-digest way to see what’s hidden in the world around us so that we can take steps to preserve our privacy. I only hope Czuperski gets BlueScore out of development so more people can play with it.