There’s something deeply troubling happening in the Australian robotic vacuum market, and it goes well beyond which Chinese brand is currently top of the pile.

Let’s start with the lies. This month, Dreame boldly declared itself the number one robotic vacuum brand in Australia, citing research from IDC, a globally respected market analysis firm. There’s just one problem: IDC doesn’t collect local Australian appliance data. Not a skerrick of it. The claim was pure fabrication, a marketing stunt dressed up in the borrowed credibility of a legitimate research house. Retailers will tell you the actual story: Roborock holds that top position.

This isn’t an isolated incident. Just months earlier, Ecovacs was making the same number one claim, despite mounting and very public evidence that their products were failing Australian consumers in far more serious ways than inflated market share figures.

Because while these brands squabble over who gets to print “#1” on their packaging, they are staying conspicuously silent about something consumers genuinely need to know: their products may be surveillance devices operating inside your home.

The ABC’s investigation into Ecovacs laid this bare. Hackers exploited Bluetooth chipsets in Ecovacs Deebot vacuums to gain root access, bypass camera PIN codes, and remotely take control of onboard cameras, microphones and speakers. The result? Strangers could silently watch inside Australian homes and broadcast audio through the machine sitting in the corner of the living room.

It is, by any measure, a serious and unacceptable breach.

Security researchers have long described camera-equipped robot vacuums as potential microphones on wheels, and that description has proven chillingly accurate. These devices combine Wi-Fi connectivity, night-vision webcams and smartphone-controlled navigation into a package that, when compromised, becomes a ready-made home surveillance kit for bad actors.

Country Manager for Ecovacs Karen Powell has not responded to our emails or calls.

It gets worse. Researchers at the National University of Singapore demonstrated what they called a LidarPhone attack, showing that even vacuums without microphones could be used to eavesdrop. By analysing how sound vibrations affect LiDAR sensor readings, they were able to recover spoken words with disturbing accuracy. Your robot vacuum doesn’t even need a microphone to listen to you.

A South Korean government inspection of Ecovacs and Dreame products found the Deebot X8 Pro Omni lacked proper app authentication, allowing cleaning images to be accessed by unauthorised third parties. And security analysts have flagged that because many of these brands store data on Chinese cloud infrastructure, including Alibaba and Baidu servers, Australian users’ personal data may be sitting offshore, subject to Chinese data laws rather than our own.

Ecovacs’ response to all of this has been telling. They restructured their Australian operation, installed new Chinese management, and quietly replaced their local PR firm with a Chinese national based here. That is not the behaviour of a company that has addressed a problem. It looks far more like one that is managing a narrative.

The broader issue is this: Australian consumers are being sold products by brands that are more focused on winning a fabricated market share war than on being honest about the risks their devices pose. They are spending hundreds, sometimes over a thousand dollars, on appliances that could be turned against them.

Regulatory scrutiny is increasing, and rightly so. But scrutiny alone is not enough. Consumers deserve straight answers before they buy, not after a television investigation forces them out.

Until these brands demonstrate genuine security accountability and stop manufacturing false credibility with phantom research, Australians would be wise to think very carefully about what they are actually letting through their front door.