A New Year’s Resolution For Your New Devices
Still thinking about your New Year’s resolutions? If so, the Future of Privacy Forum has a practical suggestion: Get to know the privacy implications of your new electronics. Early in the New Year, take a few moments to set up privacy features so you can be comfortable with how your personal data is collected, used and shared.
Here are some of this year’s hot electronics, the information they collect and what you can do to exert some control over how they use your data.
SMART TVS – Understand how to limit sharing data about what you watch.
Smart TVs connect to the Internet to allow users to access streaming video services (such as Netflix or Hulu), or other online media or entertainment, such as music, on-demand video, and web browsers. Almost all TVs on the market today are “smart” – and other devices can be purchased, at relatively small cost, to connect to a regular TV and enable certain video streaming services.
Smart TVs collect a lot of data about your viewing habits, and that information may be shared with companies other than the device manufacturer or connected apps. For example, some advertising companies buy viewing data and add it to detailed profiles that also include offline data, like spending patterns. The information in that profile may determine what ads you are served on your TV, or on other devices, like your phone.
- Tip: Some TVs prompt you to make privacy choices when you first set them up. Other TVs ask for permissions when you try to use specific features that collect data. Either way, you should be able to visit the settings menu at any time to review or change your preferences.
- Tip: If you have the option to set up automatic software updates, do it. That will increase your security and improve the performance of the TV.
- More Information: Check out FPF’s 2017 review of the privacy implications of Smart TVs. Consumer Reports also conducted helpful consumer reviews of Smart TVs in 2018.
VOICE ASSISTANTS – Learn how to manage audio recordings.
Voice assistants, often called smart speakers, offer an amazing amount of information; your wish is its command. They also record a lot of information. Most of these devices are voice or speech-enabled, meaning that they use microphones to detect a certain “wake phrase,” but do not activate and begin recording (and sending information) until they hear that phrase. Most devices keep audio recordings of your commands so they can get better at recognizing your voice over time.
- Tip: You can delete recordings of your voice commands or searches by logging into your account and managing your data history.
- Tip: If you want the device to be responsive at all times, then it will probably pick up snippets of other noises in the room. Some devices may even occasionally activate by accident – for instance, if the device thought something you said was the “wake phrase.” Having a particularly sensitive conversation? Many voice assistants have a hard “mute” switch to turn it off.
- More Information: check out FPF’s 2015 report on microphones in the home: Always On: Privacy Implications of Microphone-Enabled Devices, and 2017 Infographic.
WEARABLE TECH – Understand whether the app shares your health or location data.
Whether it’s a smart watch, a health monitor or an item of clothing, wearable tech is increasingly popular. Lots of wearable tech monitors your health or fitness, but unless it was prescribed by a health professional, it’s probably not covered by the strict privacy rules under the Health Insurance Portability and Accountability Act (HIPAA). Most wearables connect with an app, some of which share user information in unexpected ways. For example, some track a user’s location all the time and share that information with third parties.
- Tip: You should check the app’s privacy practices and use the settings menu on your device to change default settings that you don’t like. It should only take a couple of clicks to prevent an app from collecting location data. Of course, if you want access to that data yourself, you have to let the app collect it – but you may be able to control privacy settings to prevent other uses or sharing.
- More Information: FPF published a guide for companies who provide wearable technology, Best Practices for Consumer Wearables and Wellness Apps & Devices.
CONSUMER GENETIC TESTS – Check the company’s privacy practices before you buy.
Genetic tests provide families with fascinating information about their heritage, and they also involve very sensitive personal information. Genetic data can be used to identify risk for future medical conditions, contain unexpected information that could be unsettling, or reveal sensitive information about the test taker’s family members.
- Tip: Learn how a genetic testing company will protect or use your information before you buy.
Companies in the consumer genetic testing industry worked with the Future of Privacy to develop privacy and data principles. Here are some of the promises made by companies that endorsed FPF’s best practices:
- The company should always obtain your consent before sharing your personal genetic data with any third parties.
- The company should tell you how long it will keep your genetic data, and whether it will destroy your biological sample if you choose.
- The company should tell you if it requires a court order or subpoena before sharing genetic data with the government.
- The company should tell you whether it will limit marketing based on your genetic data, and how.
Read the full report, Privacy Best Practices for Consumer Genetic Testing Services.
CONNECTED TOYS – Be aware of the data they may collect.
If you’ve got kids, they may have new connected toys that respond to voice commands, link to an app, or have to be set up using an online account. Although electronics and data processing can create great experiences for kids, toys that connect to the Internet raise concerns about what kind of data is collected from children, how that data is handled, and whether the device itself is secure.
- Tip: Know whether the toy connects to the Internet. Many “smart toys” can perform sophisticated tasks using hardware on the toy but are not connected to the internet. If the toy is connected, it is usually through an app. Be sure to check the privacy settings on the app as well as the device.
- Tip: If the toy gives you an option to reset the default password for accessing the toy via the app, do it. If you keep the default password – or there is no password – anyone in the vicinity of the toy can control it.
- Tip: Toys that connect to the internet are regulated strictly by the Children’s Online Privacy Protection Act (COPPA), which means they require parental consent before any data can be shared.
- More information: Read FPF’s report, Kids & The Connected Home: Privacy in the Age of Connected Dolls, Talking Dinosaurs, and Battling Robots.
New Year’s Day is a great time to invest a few minutes with your new device’s privacy settings. If you do, you’re less likely to experience a data use disappointment in the future.