Data Privacy and Cybersecurity

How Your Holiday Tech Gift Could Compromise Other People's Privacy

Consumer privacy advocacy groups and other tech companies want to inform shoppers on how gadget gifts may compromise user security.

How Your Holiday Tech Gift Could Compromise Other People's Privacy
Getty Images / Chip Somodevilla
SMS

Gadgets make popular holiday gifts, but recently gadget-makers like GoogleAmazon and Facebook have struggled with data and privacy issues. Experts have reinforced a message to shoppers: if you buy smart technology for anyone, make sure you know how it might affect their privacy.

Devices like smart speakers or fitness trackers are part of the "internet of things," which, unlike phones or laptops, often transmit data without prompting from a human. These devices often contain data recorders or GPS connectivity, and they're everywhere — research firm Gartner predicts by 2020, there will be an estimated 20 billion connected devices in use.

Privacy researchers say these devices often can't guarantee privacy or data security. It's difficult to tell what information they collect, and who it might be shared with. Experts also say even where the tech exists to make devices more secure and data transparent, there's little political, economic or social incentive for companies to do so.

To help consumers know what they're getting, several privacy advocacy groups have launched warning campaigns for potentially insecure devices. Mozilla has a "Privacy Not Included" guide, which rates and aggregates privacy news on dozens of popular holiday gift gadgets. 

62 of the products on the list met Mozilla's minimum security standards: they do things like encrypt their data, and update their software automatically. But eight devices fell short — including three of Amazon's Ring products. Those cameras were shown to be risky recently, when hackers gained access and used them to speak directly to users. 

So, before you buy a new device for yourself or for others, researchers say it's a good idea to look into the company behind it, for potential privacy or security issues.