Category: Real Estate Privacy Risks

Top 5 Real Estate Privacy Risks for 2023: What American Landlords and Property Managers Should Know – Guest Post


Real Estate Privacy Risks

Landlords and property managers have access to a big sum of information and data. Personal data should be protected at its fullest potential. In the United States, there are certain regulations to organize the safety norms between landlords and tenants. Although landlords need to have information about who they are letting live on their property, there are limits to what information they have the right to access.

These are the essential privacy risks that American landlords and property managers need to know about to take precautions.

1.  Security

Landlords and property managers are legally required to protect the tenants’ private data. Any confidential information that a property owner can access must be secure. This includes information that tenants put in their applications, like security numbers, criminal information, source of income, etc.

Any basic information can be used by criminals for identity theft. Since the landlords have all the data, they must safeguard it. According to the California Privacy Rights Act, every Californian individual has a right to privacy. Therefore, if a landlord ends up sharing the private information of a tenant in any manner, the tenant has a right to sue.

2.  Internet of Things

The Internet of Things, also known as IoT, stands for technologies such as smart locks and other devices that can be controlled with the network. The Internet of Things and the Internet of Real Estate can increase the value of a property, therefore your property manager might advise you to use it. However, they will also advise you to be extra careful while safeguarding the smart key.

If a smart key is read by someone other than a trusted person, you might face a big safety problem. Since the landlord can enter the property at any time, there are only several circumstances under which they are allowed to do so. The landlord can only use the smart key and their information about the lock if there are emergencies. There are important repairs that need to be made (with the tenant’s knowledge) and showcase the property to new tenants if the old ones are moving out.

3.  Privacy Notices

GDPR is General Data Protection Regulation. GDPR sets legal requirements for landlords to protect tenants’ privacy. Before the tenancy agreement is finalized, the property owners are obliged to send the tenants a privacy notice that sets out the landlord’s privacy policy.

The privacy notice should contain the landlord’s name and contact details. The notice is necessary to clear the air, therefore, it should include information about why the tenants should give their personal information to the property owner, what it might be used for, and for how long. The privacy notice must follow the guidelines of GDPR. Therefore, it’s recommended that the landlords read about the norm and get familiar with it before creating a privacy notice.

A landlord can be addressed as a data controller, any individual or group that has a right to determine how and why a tenant’s information can be processed. The data controller is legally obliged to protect all of the personal details in their hands.

4.  Data Rights

Tenants have a right to their data privacy that a property owner and property managers must protect. As a landlord, the law restrains you from using the information regarding the tenants’ usage of utilities and internet service.

According to The New York City Council, the property owner is prohibited from “misusing the smart access system to track the frequency and time of use of the system to harass or evict a tenant”.

The tenants are provided a right to take action if their privacy is violated. Therefore, if the landlord decides to sell the data collected unlawfully through the smart access system, the tenant can sue.

5.  Vendor Management

The landlords must oversee the vendors and participate in their management or hire a good property manager to take matters into their own hands. State privacy laws legally require companies to include specific minimum data protection terms in their vendor contracts. There must be certain restrictions to using private data. The tenants’ personal information should not be floated.

The procurement departments must also have a privacy consul to educate them about the usage of personal information. The minimum privacy requirements must be protected by the landlords according to the law. It’s the property owner’s responsibility to see to the tenants’ information security.


There are some details that property owners and managers must pay close attention to while handling the private data of a tenant. The most essential action a property owner can take is to go through the law in detail. It’s important to learn your state’s legal system and requirements to fully protect and secure the personal information a tenant gives you. The landlord is obliged to keep the tenant’s trust, build a better relationship, and make sure that any private data is safe.