Sure - they _could_, but I've got lightbulbs and power switches that "helpfully" connect to some un branded Chinese "cloud" service - without any normal-user way to even know about it never mind turn it off.
I suspect some of it is so I've got the amazingly useful (nb: may not be useful at all) feature of being able to turn my lounge room lights on and off from my phone while not at home.
Cynical me suspects it's also probably a pretty good way to ensure forced just-put-of-warranty failures...
Pessimist-me assumes the Russians, the Chinese, Mossad, and some kid at the local hackerspace have all pwned the Chines cloud infrastructure and are using backdoor root shells on light globes subversive tshirt purchase history, and they're all cutting each other's throat price discounting as they sell it all as "business intelligence" to my car insurance company and the CBP...
