Smart Vibrator Company To Pay $3.75 Million For Private Data Collection

from the masturbatory-metadata dept

Fri, Mar 17th 2017 6:37am — Karl Bode

Given the often-comedic "security" featured on "smart" tea kettles, televisions, refrigerators and light bulbs -- was there any question that your sex toys would suffer from the same problems plaguing other Internet of Things devices?

Last fall, a company named Standard Innovation was sued because its We-Vibe vibrator collected sensitive data about customer usage. Specifically, the device and its corresponding Bluetooth-tethered smartphone app collected data on how frequently (and for how long) users enjoyed the toy, the "selected vibration settings," the device's battery life, and even the vibrator's "temperature." All of this rather personal data was collected and sent off to the company's Canadian servers, where the company claims it's used to conduct research for future products and product updates.

Unlike many IoT products, Standard Innovation does fortunately encrypt this data in transit, but like most IoT companies, it failed to fully and clearly disclose the scope of data collection to customers, what was being done with that data, and how to opt out (or preferably, opt in).

The end result was a lawsuit by one of the device's users (pdf) claiming this improperly-disclosed data collection violated Illinois privacy laws. This week, Standard Innovation struck a $3.75 million settlement (pdf). Under the terms of the deal, Standard Innovation will designate $3 million of the total for customers who downloaded the app and used it with the We-Vibe device, each individual receiving about $10,000 each. The remaining $750,000 is then destined to be divided between customers who purchased the devices alone, with each individual in that instance receiving roughly $200 each.

The company tells the Chicago Tribune it had learned its lesson about the collection of masturbatory metadata:

"Standard Innovation denied any wrongdoing in the settlement, which spokesman Denny Alexander called "fair and reasonable." Some changes agreed to in the settlement have been in place since We-Vibe updated its We-Connect app and privacy notice in September, he said.

"At Standard Innovation we take customer privacy and data security seriously. We have enhanced our privacy notice, increased app security, provided customers more choice in the data they share, and we continue to work with leading privacy and security experts to improve the app," he said."

Of course the real lesson here continues to be: if you want to be smart about device security in the internet of broken things era, you're almost always better off with the dumb alternative.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: iot, privacy, security, smart vibrators
Companies: standard innovation

24 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Ninja (profile), 17 Mar 2017 @ 5:16am

Here's me hoping this is turned into some sci-fy porn parody.

Swordfish doesn't count.
[ link to this | view in chronology ]
Anonymous Coward, 17 Mar 2017 @ 6:41am

What, no embedded camera?
How are they supposed to "conduct research for future products and product updates" without video?
[ link to this | view in chronology ]
- I.T. Guy, 17 Mar 2017 @ 7:15am
  
  Re: What, no embedded camera?
  No Accelerometer? Pfft. And they call themselves innovative.
  [ link to this | view in chronology ]
Anonymous Coward, 17 Mar 2017 @ 6:55am

IoT: product in search of a market

ProTip: Stupid products do not have a sustainable market
[ link to this | view in chronology ]
- Anonymous Coward, 17 Mar 2017 @ 8:13am
  
  Re:
  "ProTip: Stupid products do not have a sustainable market"
  
  Huh? What is your address? 101 Under Rock trail?
  [ link to this | view in chronology ]
Anonymous Coward, 17 Mar 2017 @ 7:19am

Barrister Johnson, "Your Honor, I can prove that my client was NOT at the scene of the murder. She clearly was using her Iot vibrator for 7 hours and could not have been at the scene of the crime!"

Judge Smith, "Mr. Johnson, I am impressed with your attention to detail as well as your client's stamina. Case dismissed!"

Judge Smith, "Miss Jones, maybe we could go get a cup of coffee after dinner tonight?"
[ link to this | view in chronology ]
- Anonymous Coward, 18 Mar 2017 @ 1:50pm
  
  Re:
  But, was it her or someone else? That's why it needs the camera!
  [ link to this | view in chronology ]
Bergman (profile), 17 Mar 2017 @ 7:30am

You know...
...for an exhibitionist, that's not a bug. It's a feature!
[ link to this | view in chronology ]
Pixelation, 17 Mar 2017 @ 7:45am

$3.75 million? Well, they're fucked.
[ link to this | view in chronology ]
Anonymous Coward, 17 Mar 2017 @ 7:58am

How many of these companies decide to collect all the data that they can just because they can, and then try and figure out how to profit from it latter?
[ link to this | view in chronology ]
discordian_eris (profile), 17 Mar 2017 @ 8:00am

I guess that the company just learned that truth is a double headed dildo. With telemetry.
[ link to this | view in chronology ]
SteveMB (profile), 17 Mar 2017 @ 8:15am

I guess that the company just learned that truth is a double headed dildo. With telemetry.

But without lube.
[ link to this | view in chronology ]
Anonymous Coward, 17 Mar 2017 @ 9:23am

I like the phrase Internet of Broken Things...

This reminds me of how often we hear security advice about protecting our personal info from "bad guys".

I'm strongly inclined to think of regular companies and corporations as are part of those bad guys. I think they started all this by believing they could collect, use and sell user data as they please. Many, if not most, didn't even bother to protect the data from internal or external theft. How much credit card and identity theft came directly from this?

I remember routinely getting junk mail with my social on it. Or having school IDs with my social on it. Boooo!!
[ link to this | view in chronology ]
- OA (profile), 17 Mar 2017 @ 9:25am
  
  Re:
  Oops. That was me. I thought I was logged in.
  [ link to this | view in chronology ]
- Anonymous Coward, 17 Mar 2017 @ 3:03pm
  
  Re:
  I'm strongly inclined to think of regular companies and corporations as are part of those bad guys.
  
  Signs of a company I will avoid:
  1. Using Exact Target, Constant Contact, or other.
  2. Advertised on NPR or FOX (Not because of the network, just that I've noticed if it's on NPR or FOX, they are companies I'd prefer to avoid.)
  3. Has a "sucks" site they run
  4. Did you check the BBB and RipOff Report? Even if there are a lot of complaints, you have to see if they are reasonable or stupid complaints.
  5. Is a media "darling" in any way, shape or form. Because as much as I hate to say it, the common American is an utter, drooling idiot. They might be nice people - most are - but they aren't the sharpest tool in the box.
  6. Is Sony, Microsoft, AT&T, ComCast, Verizon, T-Moble, or sells product at Radio Shack.
  [ link to this | view in chronology ]
Roger Strong (profile), 17 Mar 2017 @ 11:43am

...and how to opt out (of data collection)

Given the lack of user controls, this is probably activated much like hidden features in games:

Up, Up, Down, Down, Left, Right, Left, Up....
[ link to this | view in chronology ]
Anonymous Coward, 17 Mar 2017 @ 2:24pm

Lots of companies collect lots of data. Where is the line?
[ link to this | view in chronology ]
Rekrul, 17 Mar 2017 @ 3:21pm

"Dear Miss Jones,

You smart vibrator has detected that you have the beginnings of a yeast infection. We recommend that you get that taken care of immediately."
[ link to this | view in chronology ]
- Wendy Cockcroft, 20 Mar 2017 @ 6:26am
  
  Re:
  That would actually be useful, but I daresay they'd follow it up with ads for Canestan everywhere she went online. Now imagine she's carrying out an online search at work. Awkward!
  [ link to this | view in chronology ]
Anonymous Coward, 17 Mar 2017 @ 5:11pm

My GF and I have one, and it's pretty fun. It would be more fun if it didn't constantly drop the connection. We were in a LDR for a while and when it worked properly, it was a ton of fun to be able to remotely control her vibe. She's since moved in with me, so we have less need for a remote control vibe. ;-)

As for the data collection... I'm not particularly bothered. Seems like usage stats. Did it need to be personally identifiable? No. But that seems more like somebody just didn't think through the implications of how they were collecting the data.
[ link to this | view in chronology ]
- Anonymous Coward, 18 Mar 2017 @ 1:56pm
  
  Re:
  > As for the data collection... I'm not particularly bothered.
  
  Cool. Please post your name, username and password along with a release so that we can all enjoy your data. I mean, if it doesn't bother you, then why not?
  [ link to this | view in chronology ]
  - Anonymous Coward, 19 Mar 2017 @ 12:43am
    
    Re: Re:
    We would also like to know if your girlfriend is happy with the dumb alternative or is she moving out?
    [ link to this | view in chronology ]
Anonymous Coward, 17 Mar 2017 @ 8:37pm

Life lessons
Lessons learned the hard way tend to stick to you.
[ link to this | view in chronology ]
Anonymous Coward, 18 Mar 2017 @ 4:11pm

Smart Vibrators
The product on many peoples lips :)
[ link to this | view in chronology ]