This paper addresses the “bystander privacy” problem arising from smart home devices (e.g., video doorbells, security cameras)—namely, the interdependent privacy risks faced by non-users (e.g., neighbors, passersby) inadvertently captured in shared physical spaces. Through systematic analysis of privacy policies from 20 mainstream devices—employing textual analysis, legal compliance assessment, and case-based reasoning—the study reveals that manufacturers routinely rely on disclaimers to evade accountability, offering no substantive protections for bystanders. As the first empirical study systematically examining bystander privacy in smart home contexts, it innovatively integrates interdependent privacy theory with dual technical–legal perspectives. The work proposes actionable policy-language refinements and privacy-enhancing system design principles aimed at achieving accountability balance, improving transparency, and informing evidence-based regulatory reform.

Smart home devices such as video doorbells and security cameras are becoming increasingly common in everyday life. While these devices offer convenience and safety, they also raise new privacy concerns: how these devices affect others, like neighbors, visitors, or people passing by. This issue is generally known as interdependent privacy, where one person's actions (or inaction) may impact the privacy of others, and, specifically, bystander privacy in the context of smart homes. Given lax data protection regulations in terms of shared physical spaces and amateur joint data controllers, we expect that the privacy policies of smart home products reflect the missing regulatory incentives. This paper presents a focused privacy policy analysis of 20 video doorbell and smart camera products, concentrating explicitly on the bystander aspect. We show that although some of the vendors acknowledge bystanders, they address it only to the extent of including disclaimers, shifting the ethical responsibility for collecting the data of non-users to the device owner. In addition, we identify and examine real-world cases related to bystander privacy, demonstrating how current deployments can impact non-users. Based on our findings, we analyze vendor privacy policies in light of existing legal frameworks and technical capabilities, and we provide practical recommendations for both policy language and system design to enhance transparency and empower both bystanders and device owners.