Great: Now your sex toys are used to spy on you and sell your private habits, too

Humorous concept for a DIY sex toy... also doubles as an excellet exfoliator and knee cap waxer.

The makers of an Internet-connected sex toy have settled to pay a small amount to some 300,000 owners of a vibrator which was used to spy on their sex habits, which the manufacturer collected as individually identifiable data. Additionally, the bluetooth-controlled sex toy device was utterly insecure, allowing remote anonymous administration. In the mess of IoT devices spying on us, we now need to add the bedroom.

In Las Vegas in 2016, at Defcon, hackers g0ldfisk and followr originally disclosed the We-Vibe vibrator vulnerability, observing that anybody in bluetooth range could take control of the device. As the duo noted during their presentation, such an intrusion would amount to sexual assault – meaning we can now add sexual assault to the list of possible consequences of unsecured IoT devices.

This vulnerability – along with a shockingly audacious and undisclosed data collection about its users’ sexual habits, like temperature and sexual intensity, collected insecurely as identifiable data connected to their e-mail addresses – has led up to the class action lawsuit, which has been settled now. The manufacturer, We-Vibe, will pay four million Canadian dollars – expecting this to result in maybe C$500 for a violated individual at best.

The lawyers for the anonymous plaintiffs contended that the app, “incredibly,” collected users’ email addresses, allowing the company “to link the usage information to specific customer accounts.” — US NPR

This is just the start of devices made by engineering morons who may understand their original field – sex toys – but have absolutely no clue about Internet-level security. They are not alone: corporations as large as the biggest banks enjoyed the comfort of having a private network up until just recently, and have had to wake up in a hurry to the fact that all input must be regarded as hostile until proven friendly. The engineering principle of “your code is the last piece of code standing” was something that woke Microsoft up as late as fifteen years ago, and they were late in the IT game, but that’s nothing compared to non-IT players wanting in on the Internet of Things and the Fun Profitable Apps who still haven’t learned.

We can add sexual assault to the list of possible consequences of insecure IoT devices.

Maybe the most egregious thing about all this is that the vibrator maker continues to collect the private data, just with a “clarified” privacy policy, where two things immediately stand out. First, the collection of sex habit data is opt-out, meaning that your sex life will be spied on unless you take active action to not have it be so (having this “opt-out” is strictly illegal in several parts of the world, and for good reason). Second, they reserve the right to sell such data to anyone they like, but dress it in language suggesting the opposite: “We will never sell your usage data to a third party … except for as specified in our policy”. That last part makes the first part completely useless; what this means is “we will sell your usage data to a third party as specified”.

Maybe the most egregious thing about this story is that the vibrator maker continues to collect the private data, just with an obscure-and-opt-out privacy policy saying so.

Your privacy indeed remains your own responsibility.

Syndicated Article
This article was previously published at Private Internet Access.

Rick Falkvinge

Rick is the founder of the first Pirate Party and a low-altitude motorcycle pilot. He works as Head of Privacy at the no-log VPN provider Private Internet Access; with his other 40 hours, he's developing an enterprise grade bitcoin wallet and HR system for activism.

Join the Discussion

Your email address will not be published.

Since I'm not a robot spammer I'm also answering this easy question:

Discussion

  1. geometry dash

    Maybe the most egregious thing about this story is that the vibrator maker continues to collect the private data, just with an obscure-and-opt-out privacy policy saying so. Yes, i agree with you idea

  2. xbox code generator

    Visit the website to get free xbox codes and also grab free membership for online live xbox gaming. These are wonderful and very real and the interface is best designed which suits the most, Its exciting to play xbox games here.

  3. DIMOJABE

    Dateline/SWFL USA:
    First, our news is now so censored here in SW Florida that no one here would ever learn about this event unless they regularly used internet news sources and were specifically interested in privacy and products that can abuse it.

    Second, we are sprayed daily with chemicals – primarily sulfur which is now at 1600 ppm in our rainwater – as wide field atmospheric and weather modification experiments continue daily and nightly over our heads.

    Third, our cell tower and airport tower density is one per half mile and our State legislators (Benacquisto and Fitzenhagen) voted to allow Smart Grid and 5G technology to finally kill us with electromagnetic radiation. (See Dr. Klinghardt on YT for details). People here can barely think most days of the week and it is not uncommon for auto accidents to top 10-20 per morning rush hour for a population of about 500,000.

    Exactly 5 years after the installation of the Smart Meters (2012), two massive cancer “warehouses” were built (one in S. Ft. Myers and one in N. Cape Coral) to harvest the cancer patients caused by the chemicals and electromagnetic radiation. Big development and Big medicine run out Board of County Commissioners. Calls are never returned. E-mails are not responded to. To describe our County Commissioners as unresponsive is an understatement. To oust them requires money. I am leaving for my health and sanity – but, I will try to manifest a return with a documentary filmmaker and a legal team. These Commissioners (and everyone else who has participated) need to reap what they have sown with all of this toxic pollution that they and their corporate owners have fostered here on this environmentally sensitive coast line populated by the health challenged elderly and the working poor.

    We residents of the Naples-Ft Myers, FL USA coastal corridor are living examples of the programmed and short-lived existence the corporations have installed.

arrow