
Home Assistant Notifications: The Hidden Firebase Privacy Risk

Rachel Kim

January 09, 2026


Your Home Assistant notifications might not be as private as you think. Recent documentation reveals they sit unencrypted on Google Firebase servers, creating potential privacy vulnerabilities even in self-hosted setups.


If you're running Home Assistant, you probably consider yourself part of the self-hosting elite. You've wrestled with Docker containers, configured YAML files, and proudly disconnected from cloud services. But here's the uncomfortable truth: your notification data might be sitting on Google's servers right now, completely unencrypted. And you probably had no idea.

Back in late 2024, a quiet documentation update sent shockwaves through the Home Assistant community. The official companion app documentation finally acknowledged what some privacy-conscious users had suspected: notification content passes through Google Firebase in plain text. For a community built on privacy and local control, this revelation felt like a betrayal of core principles.

In this deep dive, we'll explore exactly what this means for your smart home privacy, why it matters even if you think "it's just notifications," and most importantly—what you can do about it. By the end, you'll understand the trade-offs, know your options, and be able to make informed decisions about your notification strategy in 2026.

The Self-Hosting Illusion: When Local Isn't Really Local

Let's start with the psychology here. When you install Home Assistant, you're making a conscious choice to keep your data local. You're opting out of Google Home, Amazon Alexa, and Apple HomeKit specifically because you don't want your private moments—when you're home, when you're away, what devices you use—sitting on corporate servers. The entire appeal is control.

But notifications create a weird loophole. Your Home Assistant instance runs locally on your Raspberry Pi or NUC. Your automations trigger locally. But when you want to push a notification to your phone—"Front door opened at 2:37 AM" or "Basement temperature critical"—that message needs to reach your mobile device. And that's where the system breaks down.

The Home Assistant companion apps for iOS and Android use Firebase Cloud Messaging (FCM) as their delivery mechanism. This is Google's push notification service, the same infrastructure that delivers notifications from Gmail, WhatsApp, and thousands of other apps. When your Home Assistant sends a notification, it doesn't go directly to your phone—it goes to Google's servers first, then Google pushes it to your device.

Now, here's the crucial part: the notification content itself—the actual text—isn't encrypted during this transit. The documentation states this plainly: "Notification content might be read/processed by iOS/Android OS as well." That "might be" is doing a lot of heavy lifting. In practice, it means Google's systems can see exactly what your Home Assistant is telling you.

What's Actually Exposed? Beyond Just "Notification Text"

When people hear "notification content," they often think "just the message text." But in Home Assistant's context, this can include surprisingly sensitive information. Let me give you some real examples from my own setup—and from what I've seen in community forums.

First, there are the obvious privacy concerns: security alerts. "Motion detected in backyard at 11:23 PM" or "Front door unlocked while away"—these notifications literally tell anyone with access to the Firebase data when your home might be vulnerable. But it goes deeper than that.

Many users create notifications for health monitoring: "Blood pressure reading high: 145/92" or "Medication reminder: take heart medication at 8 PM." Others use notifications for financial tracking: "Electricity usage exceeded daily budget" or "Bank balance below threshold." Some even get creative with personal tracking: "Habit tracker: Missed daily exercise" or "Mood log entry recorded."

Then there's the metadata. While the documentation focuses on content, the notification structure reveals patterns. Frequency of notifications tells Google how active your smart home is. Timing patterns reveal your sleep schedule (those 3 AM "basement freezer temperature normal" checks add up). Device names in notifications—"Master Bedroom AC," "Kids' Room Light"—paint a picture of your home layout and family structure.

And here's something most people don't consider: notification IDs and entity names. When your notification says "Living Room Motion Sensor triggered," that entity name travels through Firebase too. Over time, Google builds a profile not just of what's happening, but of how your smart home is organized.
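To make that "what's exposed" list actionable, here is an added example (my own illustration, not code from the article or the Home Assistant project) that audits your automations for notifications leaving through the companion app and tags each one with the sensitive categories described above: security, health, finance, entity names in the text, and attached images. The automations are a constructed in-memory copy of what yaml.safe_load() returns for automations.yaml, the keyword lists and the entity-domain list are this example's own assumptions, and it understands both the legacy `service:` spelling and the newer `action:` spelling of a service call, including steps nested inside choose/if/repeat blocks.

```python
"""Added example, not part of the article: audit Home Assistant automations
for notifications that leave through the companion app (notify.mobile_app_*)
and tag them with the sensitive categories the article lists. SAMPLE_AUTOMATIONS
is a constructed stand-in for yaml.safe_load(open("automations.yaml"))."""
import re

# Keyword lists are an assumption for this example; extend them for your own setup.
CATEGORIES = {
    "security": ("door", "lock", "motion", "alarm", "camera", "away"),
    "health": ("blood pressure", "medication", "heart", "weight", "mood"),
    "finance": ("bank", "balance", "budget", "bill"),
}
# Entity ids in notification text reveal the home's layout; domain list is a subset (assumption).
ENTITY_ID = re.compile(
    r"\b(?:sensor|binary_sensor|lock|light|switch|camera|climate|person|"
    r"device_tracker|alarm_control_panel|cover)\.[a-z0-9_]+\b")
MOBILE_APP = re.compile(r"^notify\.mobile_app_")


def iter_service_calls(node):
    """Yield (service, data) for every service-call step, descending into choose/if/repeat/
    parallel blocks and accepting both the legacy `service:` and the newer `action:` spelling."""
    if isinstance(node, list):
        for item in node:
            yield from iter_service_calls(item)
    elif isinstance(node, dict):
        service = node.get("service")
        if service is None and isinstance(node.get("action"), str):
            service = node["action"]
        if service:
            yield service, (node.get("data") or node.get("data_template") or {})
        for key, value in node.items():
            if key in ("data", "data_template"):
                continue  # payload already captured; do not rescan it as steps
            if isinstance(value, (list, dict)):
                yield from iter_service_calls(value)


def audit_notifications(automations):
    """Return one finding per companion-app notification whose content hits a sensitive category."""
    findings = []
    for automation in automations:
        for service, data in iter_service_calls(automation):
            if not MOBILE_APP.match(service):
                continue  # Matrix, Telegram, email etc. use their own channels, not FCM
            text = " ".join(str(data.get(k) or "") for k in ("title", "message")).lower()
            hits = [cat for cat, words in CATEGORIES.items() if any(w in text for w in words)]
            entities = sorted(set(ENTITY_ID.findall(text)))
            if entities:
                hits.append("entity_names")
            if isinstance(data.get("data"), dict) and "image" in data["data"]:
                hits.append("image")  # camera snapshots are relayed too, as the article notes
            if hits:
                findings.append({"automation": automation.get("alias", "<unnamed>"),
                                 "service": service, "categories": hits, "entities": entities})
    return findings


# Constructed sample automations (new `actions:`/`action:` form, legacy `action:`/`service:` form,
# and a nested choose block). Names and entity ids are invented for the example.
SAMPLE_AUTOMATIONS = [
    {"alias": "Front door alert",
     "actions": [{"action": "notify.mobile_app_rachels_phone",
                  "data": {"title": "Security Alert",
                           "message": "Front door unlocked while away ({{ states('lock.front_door') }})"}}]},
    {"alias": "Medication reminder",
     "action": [{"service": "notify.mobile_app_rachels_phone",
                 "data": {"message": "Medication reminder: take heart medication at 8 PM"}}]},
    {"alias": "Backyard camera",
     "actions": [{"choose": [{"conditions": [{"condition": "state",
                                              "entity_id": "alarm_control_panel.home",
                                              "state": "armed_away"}],
                              "sequence": [{"action": "notify.mobile_app_rachels_phone",
                                            "data": {"message": "Motion detected in backyard",
                                                     "data": {"image": "/api/camera_proxy/camera.backyard"}}}]}],
                  "default": [{"action": "notify.matrix",
                               "data": {"message": "Motion detected in backyard"}}]}]},
    {"alias": "Laundry done",
     "actions": [{"action": "notify.mobile_app_rachels_phone",
                  "data": {"message": "Washer cycle finished"}}]},
]

if __name__ == "__main__":
    for finding in audit_notifications(SAMPLE_AUTOMATIONS):
        print(finding)
```

Run it against your real automations by replacing SAMPLE_AUTOMATIONS with the parsed file; anything it lists is a candidate for the Matrix channel described later in the article, while automations like "Laundry done" produce no finding and can reasonably stay on Firebase.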

Why This Architecture Exists: The Practical Reality


Before we get too deep into outrage, let's understand why Home Assistant uses this architecture. It's not because the developers don't care about privacy—quite the opposite. The Home Assistant project has been remarkably principled about local control. So why Firebase?

First, battery life. Direct communication between your phone and your Home Assistant server would require your phone to maintain a constant connection. This murders battery life. Firebase Cloud Messaging allows your phone to receive notifications while sleeping efficiently, waking only when needed.

Second, network complexity. Most home networks use Carrier-Grade NAT, dynamic IPs, and firewalls. Having your phone connect directly to your Home Assistant instance when you're away from home requires complex networking setup: VPNs, reverse proxies, dynamic DNS. For the average user, this is a massive barrier to entry.

Third, reliability. Google's infrastructure has absurd uptime. Your self-hosted Home Assistant instance might go down during a power outage or maintenance. Firebase ensures notifications still get through when your server is temporarily unavailable.


Fourth, platform requirements. Both iOS and Android heavily optimize for their respective push notification services. Alternative approaches often get deprioritized by the operating system, leading to delayed or missed notifications.

The developers faced a classic engineering trade-off: perfect privacy versus practical usability. They chose the path that would work for most users, most of the time. But for the privacy-focused segment of their user base—which is arguably their core audience—this compromise feels significant.

The OS Layer: Your Phone Already Knows Everything Anyway

Here's the counter-argument that comes up constantly in discussions: "Your phone's operating system already sees all notifications anyway. What's the difference if Google sees them too?"

It's a fair point, but it misses some important distinctions. When iOS or Android processes notifications locally on your device, that data stays on your device (in theory, at least). The processing happens locally for features like notification summarization, priority sorting, or voice readouts.

When that same data goes through Firebase, it's on Google's servers. Now it's subject to Google's data retention policies, available to Google's algorithms, and potentially accessible to Google employees under certain circumstances. It also becomes part of your broader Google profile if you're using Android with a Google account.

But more importantly—and this is what really bothers the self-hosting crowd—it represents a loss of control. You chose Home Assistant specifically to avoid this kind of external dependency. You might accept that Apple sees your notifications if you use an iPhone, but adding Google to the mix feels like unnecessary exposure.

There's also the principle of data minimization. Even if you trust Google (and that's a big "if" for many in this community), good security practice says you shouldn't share data unnecessarily. If there's a way to deliver notifications without exposing content to third parties, shouldn't that be the default for a privacy-focused platform?

Alternative Notification Methods: Your Privacy Options


Okay, so Firebase makes you uncomfortable. What are your actual alternatives in 2026? Fortunately, the Home Assistant ecosystem has evolved significantly, and you've got several options depending on your technical comfort level.

1. The Fully Local Approach: Nabu Casa's New Encrypted Channel
In early 2025, Nabu Casa (the company behind Home Assistant) introduced an optional encrypted notification channel for subscribers. This uses end-to-end encryption between your Home Assistant instance and their relay servers. The notification content is encrypted before it leaves your network and only decrypted on your device. It's not fully self-hosted (it still uses Nabu Casa infrastructure), but it removes Google from the equation. At $6.50/month, it's the easiest privacy upgrade.

2. Matrix/Element Notifications
If you're already running a Matrix server (or are willing to), this is arguably the most elegant solution. The Matrix integration allows Home Assistant to send notifications to any Matrix room. Since you can self-host both ends—Home Assistant and your Matrix server—you maintain complete control. The notification travels through your own infrastructure. The downside? You need to keep the Matrix/Element app running on your phone, which uses more battery than native push notifications.

3. Gotify or Apprise
These are dedicated notification servers you can self-host. Gotify is beautifully simple—just a server and mobile apps that maintain WebSocket connections. Apprise is more flexible, supporting dozens of notification services. Both require your phone to maintain a persistent connection to your server, which brings us back to the battery life trade-off. They work best when you're on Wi-Fi, but can struggle with mobile networks.

4. Email or SMS Fallbacks
For critical notifications only, consider using email or SMS. These aren't suitable for high-frequency notifications (imagine getting a text every time a light turns on), but for security alerts or system warnings, they work reliably. The privacy trade-off here is giving your telecom provider or email host the notification content instead of Google.

5. VPN + Direct Connection
The purist's approach: set up a VPN on your home network, connect your phone to it, and have Home Assistant send notifications directly. This is technically the most private option—everything stays on your network. But it requires significant networking knowledge, and your phone needs to maintain a VPN connection constantly, which impacts battery and sometimes breaks when switching between Wi-Fi and cellular.

Implementing Secure Notifications: A Practical Guide

Let's get hands-on. If you've decided to move away from Firebase notifications, here's how to implement a more private solution. I'll focus on the Matrix approach since it offers a good balance of privacy, reliability, and self-hosting.

First, you'll need a Matrix server. Synapse is the reference implementation, but Dendrite is lighter and easier to run. If you're already using Docker, the setup is straightforward. Create a dedicated user for Home Assistant on your Matrix server—don't use your personal account.

In Home Assistant, install the Matrix integration via HACS (Home Assistant Community Store). You'll need to configure it with your server URL, username, and password. Create a dedicated room for notifications, and invite your Home Assistant bot user.


Now, replace your notification calls. Instead of:

service: notify.mobile_app_your_phone
data:
  message: "Front door opened"
  title: "Security Alert"

You'll use:

service: notify.matrix
data:
  message: "Front door opened"
  target: "!yourRoomId:your.server.com"

On your phone, install the Element app (or any Matrix client). Join the notification room, and configure it to send persistent notifications. The key here is setting notification priority to "high" so they break through Do Not Disturb if needed.

Pro tip: Create automations that use different notification methods based on urgency. Critical security alerts? Use Matrix. Routine status updates? Maybe those can stay on Firebase if you're comfortable with the trade-off. This hybrid approach gives you privacy where it matters most without sacrificing convenience everywhere.

Common Questions and Misconceptions

"Does this affect all Home Assistant notifications?"
No. Only notifications sent through the official companion apps' notification service use Firebase. Notifications sent through other integrations (Telegram, Discord, email) use their respective channels.

"What about iOS vs Android?"
Both use Firebase Cloud Messaging. Apple actually uses FCM for push notifications on iOS too, though they route it through Apple's servers first. The privacy implications are similar across platforms.

"Can Google read my notifications if they're encrypted in transit?"
Standard FCM notifications are encrypted between Google's servers and your device, but Google has the keys. The content is accessible to Google's systems. True end-to-end encryption means only the sender and receiver have the keys.
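The difference between "encrypted in transit" and "end-to-end encrypted" is easier to see in code. The following is an added illustration of my own, not code from the article, Home Assistant, or Firebase: the same notification is shown as a relay sees it when TLS terminates at the relay, and as it sees it when the server and phone share a pairing secret and the relay only carries an opaque envelope. It uses only the standard library, so the cipher is an HMAC-SHA256 keystream with an encrypt-then-MAC tag; that keeps the example runnable offline and shows the envelope shape, but a real implementation would use a vetted AEAD such as ChaCha20-Poly1305. The pairing secret and device token are constructed sample values.

```python
"""Added example, not from the article or the Home Assistant project: transport-only
versus end-to-end encrypted push envelopes, using only the standard library.
The HMAC-based stream cipher below is for illustration; use a vetted AEAD in practice."""
import hashlib
import hmac
import json
import secrets


def derive_keys(shared_secret: bytes) -> tuple:
    """Split one device-pairing secret into separate encryption and MAC keys."""
    enc = hashlib.sha256(b"ha-push-enc" + shared_secret).digest()
    mac = hashlib.sha256(b"ha-push-mac" + shared_secret).digest()
    return enc, mac


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode; a fresh random nonce per message keeps keystreams distinct."""
    out, block = b"", 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + block.to_bytes(4, "big"), hashlib.sha256).digest()
        block += 1
    return out[:length]


def seal(shared_secret: bytes, notification: dict) -> dict:
    """Home Assistant side: encrypt title/message and return the envelope the relay will carry."""
    enc_key, mac_key = derive_keys(shared_secret)
    plaintext = json.dumps(notification, sort_keys=True).encode()
    nonce = secrets.token_bytes(16)
    ciphertext = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    return {"nonce": nonce.hex(), "ciphertext": ciphertext.hex(), "tag": tag.hex()}


def open_envelope(shared_secret: bytes, envelope: dict) -> dict:
    """Phone side: verify the tag before decrypting so a tampered envelope is rejected."""
    enc_key, mac_key = derive_keys(shared_secret)
    nonce = bytes.fromhex(envelope["nonce"])
    ciphertext = bytes.fromhex(envelope["ciphertext"])
    expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, bytes.fromhex(envelope["tag"])):
        raise ValueError("authentication tag mismatch: envelope altered or wrong pairing secret")
    plaintext = bytes(c ^ k for c, k in zip(ciphertext, _keystream(enc_key, nonce, len(ciphertext))))
    return json.loads(plaintext)


def relay_view_transport_only(device_token: str, notification: dict) -> dict:
    """What the push service stores today: TLS ends at the relay, so the payload is readable."""
    return {"token": device_token, "payload": notification}


def relay_view_e2e(device_token: str, shared_secret: bytes, notification: dict) -> dict:
    """What the push service stores with E2E: routing metadata plus an opaque envelope.
    The token, the send time and the ciphertext length remain visible; content does not."""
    envelope = seal(shared_secret, notification)
    return {"token": device_token, "payload": envelope,
            "ciphertext_bytes": len(envelope["ciphertext"]) // 2}


def relay_can_read(relay_view: dict, needle: str) -> bool:
    """The check a curious relay could run: does the plaintext string appear in what it stored?"""
    return needle in json.dumps(relay_view)


if __name__ == "__main__":
    # Constructed sample values; a real secret would be agreed when the app pairs with the server.
    secret = b"constructed-pairing-secret-for-demo"
    note = {"title": "Security Alert", "message": "Front door opened while away"}
    print("transport-only relay sees:", relay_view_transport_only("token-123", note))
    e2e = relay_view_e2e("token-123", secret, note)
    print("e2e relay sees:", e2e)
    print("phone decrypts:", open_envelope(secret, e2e["payload"]))
```

Note what the end-to-end version does not hide: the device token, when the message was sent, and roughly how long it is. That is exactly the metadata exposure discussed earlier, and it is why encrypting content narrows the problem rather than removing it.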

"What about notification images?"
Images in notifications are particularly problematic. They're often stored on Firebase Storage temporarily, creating another point of exposure. Security camera snapshots sent as notifications definitely pass through Google's infrastructure.

"Is this a backdoor or intentional surveillance?"
Almost certainly not. This is just how modern push notification services work. The privacy issue is a side effect of choosing convenience and reliability over absolute control. Google isn't "spying" on your Home Assistant notifications—they're just processing them as they do for every app using FCM.

The Future: Where Do We Go From Here?

As we move through 2026, I'm seeing positive developments. The Home Assistant community's reaction to this revelation has pushed privacy higher on the priority list. The encrypted Nabu Casa channel shows that solutions exist when there's demand.

I'm particularly excited about emerging standards like WebPush with end-to-end encryption. The W3C is working on standards that would allow browsers and apps to receive encrypted push notifications without exposing content to the push service. When these mature, Home Assistant could implement them for truly private notifications without the battery life trade-offs.

There's also growing interest in decentralized push notification networks. Imagine a peer-to-peer system where Home Assistant instances could relay notifications for each other, creating a mesh network that doesn't depend on Google or Apple. It's technically challenging, but the self-hosting community loves challenges.

In the meantime, my recommendation is this: audit your notifications. Which ones contain truly sensitive information? Start by securing those. Use a hybrid approach that balances privacy with practicality. And most importantly—stay informed. The landscape changes quickly, and better solutions are always emerging.

Making Your Choice: Privacy vs Convenience in 2026

Here's the bottom line: every notification method involves trade-offs. Firebase offers incredible reliability and battery efficiency at the cost of exposing content to Google. Fully local methods preserve privacy but require more setup and impact battery life. Encrypted cloud services like Nabu Casa's new offering sit somewhere in between.

Your choice depends on your threat model. If you're avoiding Google on principle, you'll want fully local notifications. If you're mostly concerned about sensitive data exposure, encrypt your critical notifications and accept Firebase for routine alerts. If you just want things to work reliably with minimal fuss, the standard Firebase approach might be acceptable—as long as you go in with eyes open.

The real issue wasn't that Home Assistant uses Firebase—it's that many users didn't know. Now you do. You understand the architecture, the alternatives, and the trade-offs. That knowledge lets you make intentional choices about your smart home's privacy boundaries.

Check your notification automations today. Look at what data you're sending through Firebase. Ask yourself: "Would I be comfortable with a Google employee reading this?" If the answer is no, you've got work to do. The beautiful thing about Home Assistant is that you control the system. You get to decide where to draw the privacy line.

Rachel Kim

Tech enthusiast reviewing the latest software solutions for businesses.