The Future We Deserve: Your App-Enabled Dildo Or Butt Plug Could Be Spying On You

Modern times come with modern problems, undoubtedly. 

And look no further for proof of that than a recent C|Net write up detailing how some internet enabled sex toy manufacturers may not be taking privacy as seriously as one might like – especially given the sensitive nature of the types of data it is collecting.

And enabled sex toys are big business. In November of last year, we highlighted how one Nevada brothel was using sex robots and internet-enabled toys to help “satisfy” its customers. 

Sex was on full display at the CES in Las Vegas last week, with all types of internet enabled toys on display. Almost all of these toys connect to apps, which then, in turn, collect data. There are apps that monitor orgasms, save vibration patterns and let you connect with your long-distance partner’s toy. 

And while some in the industry are taking security seriously, the rest of the products are “all over the map”, according to Nicole Schwartz, a researcher for Internet of Dongs (yes, that is actually her company’s name). 

She said: “Two out of three of these companies are not conscientious about security. The ones you are going to see at CES are obviously a little more tech-minded, so you’re seeing a particularly biased section of the market.” 

Back in 2016, when the industry was still budding, Brad Haines founded Internet of Dongs after discovering just how bad security was for sex-toy apps. “It was rather terrifying at the beginning, just how bad it was, This was an industry that never had to deal with connectivity before. There’s no one around to say, ‘That doesn’t seem like a good idea,'” he said.

The device isn’t so much the issue – the app software is where compromises are “more likely” to happen, he notes.

And it isn’t just software that can be compromised that users have to worry about, it’s companies’ misuse of their data. One company, Hong Kong-based Hytto, was accused of “secretly stor[ing] and monitor[ing] the personal data of users of its Lush vibrator — including the time and date of use — without their consent.”

The company’s chief marketing officer responded: “We don’t sell our users’ data, and we only use it for customer service issues, and we wipe those logs regularly.”

We bet you do. 

Soum Rakshit, CEO of another internet enabled sex toy company, MysteryVibe said: “We have no profiles, because we strongly believe nothing is unhackable. A lot of people spend months debating the color of a product. If we can give security the same level of design importance, then we won’t have to worry about it later. The biggest selling point is it saves you time and money if you do it in the beginning.” 

Internet of Dongs researcher Schwartz offered several things you can do if you’re in the market for a toy and want to do your research: “Check their website and see — do they require you to create an account? Do they talk about security? Are they specific at all — do they say things like ‘We encrypt everything’?” 

The consequences of playing it fast and loose (no pun intended) with data are real. They led sex tech company We-Vibe into a lawsuit that ultimately cost them $3.75 million in 2016. 

And this isn’t the only risk that internet-enabled sex toy owners take on. Last September, we also wrote about criminals were hacking these devices and sexually assaulting people using them.

Welcome to the future we all deserve.