I think this is the wrong mental model (attempt to articulate threats from a specific information leakage). The problem I have with this approach is that it ignores "sensor fusion" by treating each leak as independent and defining threats as "things i can picture happening".

I think the correct mental model for this is "leaking bits". Leaking bits is bad, it doesn't take many bits to uniquely identify you and you're also not able to anticipate how those bits might be used in future or correlated with other bits.

Just stop leaking bits when you can avoid it. Then you don't have to mentally model every threat you come across

In a scenario, where the US and China go to an actual shooting war, moving a couple million high-energy-density devices near the most flammable object in a houshold and purposefully setting the device on fire would be an interesting new variety of shock and awe. Not too new actually, thinking about the mossad pager attack.

The concern - for you, maybe nothing. However, the new company could say "turn on microphone for all vacuums in the DC area and send transcripts to us" (trying to capture private conversations of politicians. Or it could do the same for vacuums located new military bases or corporate headquarters. With transcription software and AI, it could simply record and transcribe every conversation it hears and look for important information or mentions of key phrases.

Do you think the Chinese government would ever have reasons to "ask the company forcefully" to take pictures and/or record audio inside specific offices and homes?

Your current device won’t do it but Wi-Fi can now identify people, and because it’s able to penetrate flesh it can identify people by skeleton so that it can’t be hidden by clothing. That’s separate from WhoFi being hard to identify peeler from gestures.[1]

This could be a future where your home devices sell what you look like to data harvesters who can then see you appear in shops which run the same scanners, even through walls where there’s no cameras, connecting back to the person who lives in your house near your future-vacuum cleaner. Even if you leave your phone and devices behind and pay in cash.

The historic privacy we had by virtue of things being physical started to fall slightly with writing and post which the government might intercept, further with telephone calls which the phone company could intercept, further with radio which could be hidden in one room listening, further with CCTV to CRT screen banks and no recording, further to purchases by credit card, then suddenly in the 90s to cellphone tracking and mass internet use, then the 2000s with Bluetooth beacon scanning and CCTV recording to disk and online purchases and unencrypted chat programs, faster in the 2010s where so many people upload their photo streams to Facebook which does face recognition on who is in photos and who is attending events, location tracking apps (all of them asking for that permission), to smartphones tracking location for live traffic and live store busyness ratings, and Hey Siri and Alexa and all the fitness tracker apps, and Ubers and video calling proxies through Microsoft and Google servers, cheap IoT CCTV left open to the world, car license plate tracking cameras…

“What is the concern” - is there really no concern?

[1] https://www.techspot.com/news/109975-wi-fi-can-accurately-id...

What do you mean by "worry a lot about privacy"?

If it is a practical view of privacy, like the "I don't want others to know I have foot fetish" kind, or even typical operational security like not letting others know you own something valuable, then the concern is most likely minor. In fact, it may be a good thing that the data goes to China instead of in your own country, because there is a border somewhat protecting you.

If you take a more general approach of just making less data available about you on the internet, for things like targeted ads, AI, etc... Then US or China shouldn't change much and you should avoid connecting your robot to the internet in the first place, most work without it for the simple "clean" function.

Now if you are a US citizen and a patriot, then yeah, it matters.

I’m curious about this too. I’d worry about a local burglar having this information, but what can a Chinese tech company do with this data that I should be concerned about?

It is extremely difficult, if not impossible, to predict what new information can be derived from the combination of different datasets collected from your devices.

Especially as the N of datasets grows.

I know we have older models for upstairs and down, and saw a newer one with camera at a thrift store. It could have been a different brand, but I saw camera facing up at about 30 degrees and thought to myself, nope. There are reports of it sending revealing pictures I read, and am quite happy that the bump and go ones keep down dust and fur overall. Most of my wifi gadgets have cameras not moving on their own.

... and my floor plan is available online through public records

With that being said, I specifically got a roborock device with only LiDAR and no camera just in case.

device on your network is not concerning to you? I'm not going to explain it to you only because I'd like to see the outcome.