Popular Sex Toy Caught Sending Intimate Data To Manufacturer

In a world where thermostats, and smart locks can be hacked, and companies covertly record information, why should sex toys remain unaffected. Fusion is reporting that the We-Vibe 4 Plus, a popular vibrator sends a range of intimate data to its manufacturer. The sex toy uses a smartphone app, which lets a use control the vibration among other things. From the report: When the device is in use, the We-Vibe 4 Plus uses its internet connectivity to regularly send information back to its manufacturer, Standard Innovations Corporation. It sends the device's temperature every minute, and lets the manufacturer know each time a user changes the device's vibration level. The company could easily figure out some seriously intimate personal information like when you get off, how long it takes, and with what combinations of vibes. This was revealed on Friday at hacker conference Defcon in Las Vegas by two security researchers, who wish to be called only by their handles @gOldfisk and @rancidbacon. The two examined the app's code and the information being sent by the device over Bluetooth. In a statement sent by email, Standard Innovation Corporation's president Frank Ferrari confirmed that the company collects this information. [...]

This already happens

[Major+Blud]

" seriously intimate personal information like when you get off, how long it take"

Most Slashdotters already have information like this collected by their ISP ;-)

Re:This already happens

Or, maybe if they saw a common enough trend in the speed/intensity vibrations, they could make some automatic programs that could be run so that women could go through the cycle without having to make manual adjustments, just sit back and enjoy it?

Re:This already happens

[HumanWiki]

Also, if you think something like:

[0:00 to 0:34] Level 1, Speed 4
[0:34 to 1:17] Level 2, Speed 6
[1:17 to 2:01] Level 4, Speed 2
[2:01 to 3:45] Level 6, Speed 7

..is hot, then you're an idiot.

Actually, it's you that is the idiot.

Take a pornographic image of any kind and strip it down to the data layer (that means open it in a text editor of choice) and look at all that garbage text.

If you think that "s(:Ú÷Sòoè/$QÓ4dr£'XåÒúZúsUjÏpáåìa±‘2à¥n úÜê–¦G÷ájç4Íï`Ý^în&ä\ð}.Fú?x¥P. øòzóæ|w;¥Jt/6VÑTUýõ$mHôÿ ]}uóæ|/3àj½óTá`ümØ{*.?@8ÕG3àiå{üæò(#ÿ ñãWQÄÀ—€|åyð£ÎWÀü+‘\]r{25½öBÆaúvç+Ìø'3à~EX©5—ßÝ(ÊÆÛ]" is hot, then you're an idiot...

It's not the data in the raw that's the issue, but what the data in the raw represents.

You joke but..

If you can get over the fact it's about sex, it's actually a pretty good collection of metrics to collect when you're looking to get the best performance out of your product.

They'll take that data and use it to improve future products to better get you off /with science/

Also could provide pretty good data for legit scientific study - It can be hard to get funding to study taboo subjects.

Of course, this all needs to be clearly stated in a privacy policy and data should be anonymized.. That's the real fuck-up here.

Re:You joke but..

[Bruinwar]

Never joke about marketing. Anonymized data will somehow become non-anonymized once they see money being left on the table.

Re:Marketing is a four-letter word

[JustAnotherOldGuy]

Is nothing sacred anymore?

In a word, "no".

I'm the customer, not the product.

In this case, you're both.

Re:Not understanding the issue

[gurps_npc]

The real problem with your philosophy is that so much of that information is secretly personably identifiable.

It is like the extra data a browser gives - things like versions, addons, etc. There is enough variability that you can determine the exact person.

It may not be good enough in a court of law, but it is good enough for a private investigator.

Re:Not understanding the issue

[jenningsthecat]

Does it send the phone's device ID? I didn't see it in the summary.

The article also doesn't even mention the topic of personally identifiable information. That fact alone speaks volumes about the question, given that TFA quotes a rather lengthy statement from the company president, who didn't once take the opportunity to say that the device doesn't collect personally identifiable data.

So I'm genuinely not seeing what's inherently wrong with wanting to understand how products are used and could improve, especially in the burgeoning sexual-health industry.

Please note that "wanting to understand how products are used and could improve" is neither the ethical nor the logical equivalent of collecting private, intimate, real-time data without anywhere informing the purchaser that this is happening. Also, even if the data collected isn't personally identifiable now, it could become so later, and there are plenty of precedents for this.

Another note: when the president of the company says "our policy does disclose that we may collect data", that refers to their website policy; it IS NOT disclosed when the app is downloaded, according to TFA.

Do you see now "what's inherently wrong" with this picture?

Re:Not understanding the issue

[AmiMoJo]

Non-personally identifying data rarely is non-personally identifying. Also, they failed to mention it in their privacy policy, which means they probably broke the law in many EU countries where it is mandatory when data is collected this way.

It's okay if they ask and have an opt-in button, but just doing it on the sly is underhanded and wrong.