In this review we will go over Nanoleaf Elements ecosystem according to the Unwanted Cloud methodology to determine whether it is usable without giving away your data, and whether it respects your privacy.
Although our review will use the Nanoleaf Elements, this review also applies to most other light panels that Nanoleaf sells.
While the Nanoleaf is not perfect from a privacy perspective, it strikes a good balance between convenience and usability.
The Nanoleaf app is available on the Android and Apple play store. When launching the app for the first time, we are guided through the initial pairing process. While the app puts a big emphasis on creating a Nanoleaf account and logging in, it is possible to skip this step. The app does not force you to create any account to fully use the device, earning it an A grade.
The device only works connected to your WiFi network. Once the device is configured, you can control it locally, but not remotely (eg. when you’re on your 4G mobile connection), which is expected. Multiple users can have access to the same Nanoleaf device – each user has to go through the pairing procedure, however it is very fast since you don’t have to set up the WiFi every time. A big bonus is that you can pair via NFC, which is very convenient.
The app or website does not allow you to export your data. If you have a cloud account you can enable “Cloud sync” which syncs your rooms and light preset data, however if you do not use a cloud account you will have to set this up again if you ever reset your device.
The Nanoleaf can be controlled locally using a REST API without any cloud connection. See this thread and this Postman collection for information.
We observed that the Nanoleaf device does attempt to continuously communicate with online servers when it is running, but we did not check the contents of the communications. This is not possible to turn off. Considering that many devices in the Nanoleaf product line have a microphone and that WiFi is the only setup option, it is advised that you block the device from communicating with the internet. We confirmed that it was still possible to use the device locally even when it was blocked from communicating with the internet.
Tested on Android using version 1.0 of the Unwanted Cloud methodology.
Leave a Reply