Smart sex toys have a single core idea: Take one of the most personal and private parts of a someone's life and hook it up to a network designed for blasting information out for all the world to see. Back in August, it came to light that one wired-up Canadian dildo maker had violated its user's privacy, and now it has to pay up, big time.
When it comes to gadgets, few bonds are more sacred than the one shared by a sex toy and its user. Sadly, one Illinois woman claims her smartphone-connected vibrator betrayed that love, sending (extremely) personal data to Canadian dildo maker Standard Innovation.
Standard Innovation, makers of We-Vibe, settled a lawsuit in federal court last week, and it has agreed to pay its customers up to $US10,000 ($13,191) each for its clandestine collection of intimate data. MarketWatch reports:
According to the lawsuit filed in the North District of Illinois Eastern Division District Court, the We-Connect app was transmitting information including dates and times of use as well as vibration mode and pattern to the company's servers along with personally-identifiable email addresses without notifying customers.
Standard Innovation, which is based in Ontario, Canada, will pay $4 million Canadian dollars ($2.9 million [$AU4 million]) and is now required to collect only non-identifiable information in aggregate form and inform customers it is doing so. Customers who used the app to control the We-Vibe device before Sept. 26, 2016 are eligible for up to $10,000 in fees whereas those who simply bought a device are eligible to receive up to $199 each.
The fact that We-Vibe was collecting user's data was initially revealed by hackers at last year's Def-Con. They showed that the smartphone app-enabled devices were transmitting real-time measurements of things like heat level and vibration intensity to its parent company's servers. That information was stored alongside the customer's email address, creating a ripe trove of data for anyone who might want to put it to nefarious use. All the while, users were in the dark.
Standard Innovation released a statement following the court settlement saying:
At Standard Innovation we take customer privacy and data security seriously. We have enhanced our privacy notice, increased app security, provided customers more choice in the data they share, and we continue to work with leading privacy and security experts to enhance the app. With this settlement, Standard Innovation can continue to focus on making new, innovative products for our customers.
The fact is, the internet of things is well-known to be insecure as hell, and users put their data at risk when using these devices. Even if a company is totally upfront about what data they collect, it's up to the customer to decide if they want to risk that information being available to anyone with the wherewithal to get it. They also must decide if they want a corporation having that data at all.
Don't take pledges from private industry and updated terms of service as reassurance. As the Wikileaks dump of alleged CIA hacking techniques clearly demonstrated, an app's security is only as secure as the phone it's installed on.
Personal embarrassment and blackmail are just two of the potential problems that could arise from this info falling into the wrong hands. If you're the type of person who couldn't care less if anyone knows what you do in the sack, then by all means, buy that smart condom that dubiously claims it can detect STI's. If that type of potential is worrisome to you, maybe stick to the old-fashioned sex toys until this industry gets it together.