Smart Vibrator Company To Pay $3.75 Million For Private Data Collection

from the masturbatory-metadata dept

Given the often-comedic “security” featured on “smart” tea kettles, televisions, refrigerators and light bulbs — was there any question that your sex toys would suffer from the same problems plaguing other Internet of Things devices?

Last fall, a company named Standard Innovation was sued because its We-Vibe vibrator collected sensitive data about customer usage. Specifically, the device and its corresponding Bluetooth-tethered smartphone app collected data on how frequently (and for how long) users enjoyed the toy, the “selected vibration settings,” the device’s battery life, and even the vibrator’s “temperature.” All of this rather personal data was collected and sent off to the company’s Canadian servers, where the company claims it’s used to conduct research for future products and product updates.

Unlike many IoT products, Standard Innovation does fortunately encrypt this data in transit, but like most IoT companies, it failed to fully and clearly disclose the scope of data collection to customers, what was being done with that data, and how to opt out (or preferably, opt in).

The end result was a lawsuit by one of the device’s users (pdf) claiming this improperly-disclosed data collection violated Illinois privacy laws. This week, Standard Innovation struck a $3.75 million settlement (pdf). Under the terms of the deal, Standard Innovation will designate $3 million of the total for customers who downloaded the app and used it with the We-Vibe device, each individual receiving about $10,000 each. The remaining $750,000 is then destined to be divided between customers who purchased the devices alone, with each individual in that instance receiving roughly $200 each.

The company tells the Chicago Tribune it had learned its lesson about the collection of masturbatory metadata:

“Standard Innovation denied any wrongdoing in the settlement, which spokesman Denny Alexander called “fair and reasonable.” Some changes agreed to in the settlement have been in place since We-Vibe updated its We-Connect app and privacy notice in September, he said.

“At Standard Innovation we take customer privacy and data security seriously. We have enhanced our privacy notice, increased app security, provided customers more choice in the data they share, and we continue to work with leading privacy and security experts to improve the app,” he said.”

Of course the real lesson here continues to be: if you want to be smart about device security in the internet of broken things era, you’re almost always better off with the dumb alternative.

Filed Under: , , ,
Companies: standard innovation

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Smart Vibrator Company To Pay $3.75 Million For Private Data Collection”

Subscribe: RSS Leave a comment
24 Comments
Anonymous Coward says:

Barrister Johnson, “Your Honor, I can prove that my client was NOT at the scene of the murder. She clearly was using her Iot vibrator for 7 hours and could not have been at the scene of the crime!”

Judge Smith, “Mr. Johnson, I am impressed with your attention to detail as well as your client’s stamina. Case dismissed!”

Judge Smith, “Miss Jones, maybe we could go get a cup of coffee after dinner tonight?”

Anonymous Coward says:

I like the phrase Internet of Broken Things…

This reminds me of how often we hear security advice about protecting our personal info from "bad guys".

I’m strongly inclined to think of regular companies and corporations as are part of those bad guys. I think they started all this by believing they could collect, use and sell user data as they please. Many, if not most, didn’t even bother to protect the data from internal or external theft. How much credit card and identity theft came directly from this?

I remember routinely getting junk mail with my social on it. Or having school IDs with my social on it. Boooo!!

Anonymous Coward says:

Re: Re:

I’m strongly inclined to think of regular companies and corporations as are part of those bad guys.

Signs of a company I will avoid:

  1. Using Exact Target, Constant Contact, or other.
  2. Advertised on NPR or FOX (Not because of the network, just that I’ve noticed if it’s on NPR or FOX, they are companies I’d prefer to avoid.)
  3. Has a "sucks" site they run
  4. Did you check the BBB and RipOff Report? Even if there are a lot of complaints, you have to see if they are reasonable or stupid complaints.
  5. Is a media "darling" in any way, shape or form. Because as much as I hate to say it, the common American is an utter, drooling idiot. They might be nice people – most are – but they aren’t the sharpest tool in the box.
  6. Is Sony, Microsoft, AT&T, ComCast, Verizon, T-Moble, or sells product at Radio Shack.
Anonymous Coward says:

My GF and I have one, and it’s pretty fun. It would be more fun if it didn’t constantly drop the connection. We were in a LDR for a while and when it worked properly, it was a ton of fun to be able to remotely control her vibe. She’s since moved in with me, so we have less need for a remote control vibe. ๐Ÿ˜‰

As for the data collection… I’m not particularly bothered. Seems like usage stats. Did it need to be personally identifiable? No. But that seems more like somebody just didn’t think through the implications of how they were collecting the data.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop ยป

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...