I think this page shows some of the disconnect between the people raising the privacy alarm and your average consumer.
The page looks to be targeted at consumers, with the 'creepy' meter that changes as you scroll. However the PS4 and Xbox are considered 'A little creepy' and a sous vide cooker is listed as 'Somewhat creepy'.
Despite the arguments made on the respective pages for why they are creepy (generally "Shares your information with 3rd parties for unexpected reasons") I don't think any consumer on the planet is going to consider any of those gifts even slightly creepy.
In my opinion it weakens the argument for the legitimately creepy products when such innocuous things are included in the list.
Perhaps, but I don't think the solution to the ever-increasing number of devices collecting and distributing ever-increasing amounts of personal data is to shrug and say "well, at least it's not as intrusive as my toaster. Now there's some Orwellian shit". I think it is useful in and of itself to make people aware of the sorts of data that is collected and shared by devices most people don't consider at all related to privacy.
Standard anecdata disclaimer but Nests are a pretty universally liked gift in my circle. It passes the bar of being cool, tasteful, useful, and unlikely that the recipient would purchase one for themselves.
We know there's a disconnect. That's exactly the problem.
Without discussing these things, the bar for 'normal' will simply continue moving.
Consider that in 2018 the term 'spyware' has essentially become meaningless because outside of FOSS products for power users and a few systems for enterprise _everything_ is doing it.
I won't buy my family products that spy on them and will recommend them against buying such. They need a moderating influence that understands the issues and doesn't have a vested interest in screwing them over like advertisers do.
Agreed. Just for starters, there are two tied bad practices here. One is that the "creepy mater" is based on "user ratings" apparently despite being a curated Mozilla branded list. That immediately opens it up too all the normal random masses using it as a medium for non-relevant opinions, trolling, etc. Further it means that they have a list with nothing at all that isn't "A little creepy" so even if someone thinks "well then what should I buy?" there is no answer, which invites a "well whatever" attitude in and of itself.
Further as you point to, a lot of the "creepiness" factor is a function of the delta between expectations and reality, ie. how surprising it is, and the extent to which it's perceived to be avoidable. That can be different then absolute measures of how objectionable something is. To take your example, an internet connected game console these days has some upfront expectation of data collection by virtue of the profile and social features that are right there front and center. Since it's also generally static in a fixed location and used only for a specific purpose, the surprise factor of most of its privacy issues is inherently lower, and the data collection less passive. A cooking tool though might be a lot more subject to surprise at what it's doing.
This list definitely feels very shallow and disconnected from any deeper reasoning about specific security practices, business models, whether a net connection is actually required or not, etc. It's a popularity poll at best, and the actionable advice is minimal. It's a bit disappointing coming from Mozilla, at least to the extent that it's a wasted opportunity on something that the public is growing more aware of.
[X] Can install extensions without my knowledge or consent that do not explain their functionality, and were added based on pressure from the marketing team. https://news.ycombinator.com/item?id=15956325
"This add-on was installed and set to ‘OFF’ and made no changes in the user experience unless it was explicitly turned on by a user, but it was added. Even when turned on no user data was collected or shared."
Edit: Also, the "no data was shared" is a lie or two inches short of one. It injected http headers on requests to NBC sites once activated. No one was logging that?
Mozilla is not allowed to get away with being a little bit shady because they ultimately have good intention.
There is a price to pay to be the "good guy". If Mozilla doesn't want to be good they don't have to be. They don't have to make the mistake Google did.
Thy are listing the PS4 and XBox as a "a little creepy"
They are listing Apple iPad, Apple Watch, Apple TV, Apple Air Pods, Roku, ChromeCast, and Kindle as "somewhat creepy".
I am concerned about my privacy and avoid "smart" speakers, appliances, etc, but do not find the devices I listed above "creepy".
Do you trust the xbox one to keep its microphone always off? I own one but do find it a little creepy. I keep the kinect turned around away from the room, and have the setting to make it turn fully off. This means annoying waits sometimes when it insists on a software update when turned on, but I think the setting is worth it.
I don't really get some of these ratings. They give a thumbs-down to fitbit and other gps watches because they track location and speed, etc. Yes that is the entire purpose of buying those products, so I don't really get the presenting of that as a negative feature. It's like rating an email app poorly because it processes your emails.
Let me condense that to the relevant bit. All emphasis is mine.
> How Information Is Shared
> We do not share your personal information except in the limited circumstances described below.
> For External Processing
> We transfer information to our corporate affiliates, service providers, and other partners (so, basically anybody) who process it for us, based on our instructions, and in compliance with this policy and any other appropriate confidentiality and security measures. These partners provide us with services globally, including for customer support, information technology, payments, sales, marketing, data analysis, research (so we can ad target you), and surveys.
If I buy a gadget to track my personal exercise routine, it is definitely unexpected that my whereabouts are being monitored by advertising companies. Does Apple do the same with their fitness data on the watch?
Apple shares personal information with companies who provide services such as information processing, extending credit, fulfilling customer orders, delivering products to you, managing and enhancing customer data, providing customer service, assessing your interest in our products and services, and conducting customer research or satisfaction surveys. These companies are obligated to protect your information and may be located wherever Apple operates.
Since the software is proprietary, and you are not making an official announcement on behalf of fitbit, why should we believe you? What you say directly contradicts the privacy policy[0] on your employer's website, which certainly states that they have the freedom to share your information 'with others': "You may also authorize us to share your information with others" and "We transfer information to our corporate affiliates, service providers, and other partners who process it for us"
Who expects a fitness tracker to share information to 3rd parties at all? I bet if you asked any of fitbit's customers if they expected fitbit to share their information with <insert random 'data processing' company here>, they would not have expected that.
But a contractor working on your codebase (which is what I believe you were implying) isn't the same as providing user data to a third party (for processing or for advertising and so on).
Providing data to third parties for processing is clearly different (and as an ex-user of one of Fitbit's products I definitely wouldn't have expected that this is the case -- Fitbit's fitness tracking is so core to the company that I wouldn't expect the processing of said data to be outsourced.) Yeah, it's in your privacy policy but that's just a cop-out (by that metric, no product can unexpectedly send data to third-parties).
I think you're making assumptions about the kind of information that's shared. The kind of example to think of is when you buy from Fitbit and your information gets sent to a payment processor.
Here's the whole paragraph:
We transfer information to our corporate affiliates, service providers, and other partners who process it for us, based on our instructions, and in compliance with this policy and any other appropriate confidentiality and security measures. These partners provide us with services globally, including for customer support, information technology, payments, sales, marketing, data analysis, research, and surveys.
I'll spell this out since downvotes seem to indicate some people do not get it. "You may also authorize us to share your information with others" is not an unexpected reason for information to be shared. For example, if you install Strava and authorize Fitbit to share your information with Strava, the sharing is expected.
Tangential to this discussion, but given that you're a Fitbit employee...
Do you have any particular insight as to why Fitbit still doesn't support the Apple Watch at all?
I've made my choice of wearable (mostly due to forgetting to take my Charge HR off when going swimming) and don't particularly want to be in a fitness-tracker-akimbo situation again.
The primary value proposition of the Fitbit app (to me) is the social/competition aspect. MobileTrack clocks in anywhere between 2000-9000 steps/day short compared to my watch or my old Fitbit (as I don't carry my phone everywhere I go).
I guess this might not be totally tangential to the sibling thread that followed, as I guess the reason is my activity data isn't valuable enough to Fitbit as a business, which relies primarily on equipment sales?
Eitherway, I'd love to keep using the Fitbit app. The competitions, the badges, they're all great, and way better than the Apple Watch's social/competition functions. Unfortunately, the rest of the product lineup no longer appeals now that I have the AW.
I'm happy to share my personal opinions on a lot of topics. This one I don't know about and don't have any more insight than you. Your question kind of touches on future product direction, and in that area I'll keep quiet, not even saying what I do or don't know.
Tracking your location and speed is fine. What is creepy is sending that data off to fitbits servers where they do whatever they want with it. Fitbit have also been known to hand over your health data to police when requested.
There is literally no reason a fitness device could not do everything locally.
Gadgetbridge is an open source app that reverse engineers the protocols from many popular watches but the health page on the app is super basic. Could really do with a clean up and better charts
I don't see the purpose of this page. It's not a guide, it's a poll. Why would I base my decisions about personal privacy on the uninformed opinions of a bunch of random people?
I see this as nothing more than a fun poke by Mozilla at the overwhelming majority of the technology industry—those who treat privacy as a nuisance at best and as a non-event at worst. Mozilla are giving people like myself the fun of clicking on the Amazon Echo or Google Home and voting "Super creepy," chuckling to ourselves about our virtuousness before closing the tab in Firefox.
I doubt they expect this page to be used by many laypeople. Maybe a few techies will toss a link out to their families as a rough crowdsourced assessment of the degree to which some popular devices respect user privacy. The inclusion of several nearly-unknown high-privacy options seems to be a reminder that there are alternatives; probably more difficult to use or less capable, but alternatives to the mainstream data-harvesting devices you see routinely advertised.
I think it's lighthearted fun intended to illustrate Mozilla's mission of being advocates for privacy, to a degree that we have become unfamiliar as a society in the age of everything-as-a-service.
Yeah, there are probably some inaccuracies. But frankly, unless you're selling a device that allows you to run the services on your own host using open source software (the way Mozilla does [1]), it's fair game to say that it's possible you are not sufficiently respecting user privacy. How can we as users be sure if all we can measure is that, indeed, the device sends data off-network to the "cloud?"
If you genuinely respect user privacy, you should allow a user to wholly own the data in the most pure form possible: they never send it to you.
I think it's an important list, even if somewhat sloppy. It would be to everyone's advantage if product reviewers like Consumer Reports, various tech columnists, blogs and so on, got the message that privacy matters. They need to start including privacy as a component of their review.
Pressure for companies to go green has worked over time; pressure for companies to go "quiet" -- that is pro-privacy -- could have the same effect.
The most disturbing thing about the state of privacy is the households that purchase a multitude of devices that collect, link, and resell data about you.
As an example, Imagine the household that has multiple gmail accounts, multiple android phones, everyone uses google maps, Chrome on every desktop, google for search, they add a Nest thermostat, a few Dropcams, and for good measure they use 8.8.8.8 and 4.4.4.4 for all of their DNS queries.
You can live in nearly the same world with Amazon and others.
How is the Roku on this list? I have a pihole setup to do network level adblocking and telemetry disabling and the Roku is the absolute worst device. Thousands and "phone homes" per day that are not needed for the device to function properly. I can only assume it is feeding data back to the mothership at a very high rate.
The first time I saw an Elf on the Shelf in boxed form, and how heavy the box was, I assumed it had a surveillance camera in it. Apparently it doesn't, usually.
My favourite thing about these lists is that they're dominated by the views of mild paranoiacs. A normal person will open the page, see a frowny face next to an Xbox One, and decide that the list is bullshit.
Most privacy advocates are the strongest enemies of their own causes. They only accept purity and it encourages everyone to ignore them.
Good list! With the holidays coming up I have already started thinking about choosing gifts for my family and friends. I have already bought a tribal skull carved leather biker wallet (https://www.bikerringshop.com/products/tribal-skull-carved-l...) for my husband. Now I'm looking for the ideas for other people I want to present. So, thanks for sharing, I'll look through this list one more time and I'm sure I'll find something useful there. Thanks!
50 comments
[ 3.4 ms ] story [ 104 ms ] threadThe page looks to be targeted at consumers, with the 'creepy' meter that changes as you scroll. However the PS4 and Xbox are considered 'A little creepy' and a sous vide cooker is listed as 'Somewhat creepy'.
Despite the arguments made on the respective pages for why they are creepy (generally "Shares your information with 3rd parties for unexpected reasons") I don't think any consumer on the planet is going to consider any of those gifts even slightly creepy.
In my opinion it weakens the argument for the legitimately creepy products when such innocuous things are included in the list.
'has parental controls': can't determine
well, it's a blooming thermostat. You can lock the thing out.
That's more 'parental control' than any standard thermostat.
creepy meter? as a gift for a non-family member? yeah, that's weird.
Without discussing these things, the bar for 'normal' will simply continue moving.
Consider that in 2018 the term 'spyware' has essentially become meaningless because outside of FOSS products for power users and a few systems for enterprise _everything_ is doing it.
I won't buy my family products that spy on them and will recommend them against buying such. They need a moderating influence that understands the issues and doesn't have a vested interest in screwing them over like advertisers do.
Further as you point to, a lot of the "creepiness" factor is a function of the delta between expectations and reality, ie. how surprising it is, and the extent to which it's perceived to be avoidable. That can be different then absolute measures of how objectionable something is. To take your example, an internet connected game console these days has some upfront expectation of data collection by virtue of the profile and social features that are right there front and center. Since it's also generally static in a fixed location and used only for a specific purpose, the surprise factor of most of its privacy issues is inherently lower, and the data collection less passive. A cooking tool though might be a lot more subject to surprise at what it's doing.
This list definitely feels very shallow and disconnected from any deeper reasoning about specific security practices, business models, whether a net connection is actually required or not, etc. It's a popularity poll at best, and the actionable advice is minimal. It's a bit disappointing coming from Mozilla, at least to the extent that it's a wasted opportunity on something that the public is growing more aware of.
[X] Can install extensions without my knowledge or consent that do not explain their functionality, and were added based on pressure from the marketing team. https://news.ycombinator.com/item?id=15956325
Edit: Am I being unfair here?
"This add-on was installed and set to ‘OFF’ and made no changes in the user experience unless it was explicitly turned on by a user, but it was added. Even when turned on no user data was collected or shared."
Edit: Also, the "no data was shared" is a lie or two inches short of one. It injected http headers on requests to NBC sites once activated. No one was logging that?
There is a price to pay to be the "good guy". If Mozilla doesn't want to be good they don't have to be. They don't have to make the mistake Google did.
Thy are listing the PS4 and XBox as a "a little creepy" They are listing Apple iPad, Apple Watch, Apple TV, Apple Air Pods, Roku, ChromeCast, and Kindle as "somewhat creepy".
I am concerned about my privacy and avoid "smart" speakers, appliances, etc, but do not find the devices I listed above "creepy".
The guide says of Fitbit Versa, "Shares your information with 3rd parties for unexpected reasons: yes". This is false.
The rating may just be by vote, but there's no excuse for getting the facts wrong.
> How Information Is Shared
> We do not share your personal information except in the limited circumstances described below.
> For External Processing
> We transfer information to our corporate affiliates, service providers, and other partners (so, basically anybody) who process it for us, based on our instructions, and in compliance with this policy and any other appropriate confidentiality and security measures. These partners provide us with services globally, including for customer support, information technology, payments, sales, marketing, data analysis, research (so we can ad target you), and surveys.
If I buy a gadget to track my personal exercise routine, it is definitely unexpected that my whereabouts are being monitored by advertising companies. Does Apple do the same with their fitness data on the watch?
You're free to speculate on the worst possible implications of their privacy policy too. Here's an excerpt from https://www.apple.com/legal/privacy/en-ww/
Service Providers
Apple shares personal information with companies who provide services such as information processing, extending credit, fulfilling customer orders, delivering products to you, managing and enhancing customer data, providing customer service, assessing your interest in our products and services, and conducting customer research or satisfaction surveys. These companies are obligated to protect your information and may be located wherever Apple operates.
Since the software is proprietary, and you are not making an official announcement on behalf of fitbit, why should we believe you? What you say directly contradicts the privacy policy[0] on your employer's website, which certainly states that they have the freedom to share your information 'with others': "You may also authorize us to share your information with others" and "We transfer information to our corporate affiliates, service providers, and other partners who process it for us"
0. https://www.fitbit.com/legal/privacy-policy#how-info-is-shar...
Providing data to third parties for processing is clearly different (and as an ex-user of one of Fitbit's products I definitely wouldn't have expected that this is the case -- Fitbit's fitness tracking is so core to the company that I wouldn't expect the processing of said data to be outsourced.) Yeah, it's in your privacy policy but that's just a cop-out (by that metric, no product can unexpectedly send data to third-parties).
Here's the whole paragraph:
We transfer information to our corporate affiliates, service providers, and other partners who process it for us, based on our instructions, and in compliance with this policy and any other appropriate confidentiality and security measures. These partners provide us with services globally, including for customer support, information technology, payments, sales, marketing, data analysis, research, and surveys.
Do you have any particular insight as to why Fitbit still doesn't support the Apple Watch at all?
I've made my choice of wearable (mostly due to forgetting to take my Charge HR off when going swimming) and don't particularly want to be in a fitness-tracker-akimbo situation again.
The primary value proposition of the Fitbit app (to me) is the social/competition aspect. MobileTrack clocks in anywhere between 2000-9000 steps/day short compared to my watch or my old Fitbit (as I don't carry my phone everywhere I go).
I guess this might not be totally tangential to the sibling thread that followed, as I guess the reason is my activity data isn't valuable enough to Fitbit as a business, which relies primarily on equipment sales?
Eitherway, I'd love to keep using the Fitbit app. The competitions, the badges, they're all great, and way better than the Apple Watch's social/competition functions. Unfortunately, the rest of the product lineup no longer appeals now that I have the AW.
There is literally no reason a fitness device could not do everything locally.
Would be interested in such a device if they were available.
> We created this guide to help you buy safe, secure products this holiday season.
Because "we created this poll so you can see what other people think is safe, secure products this holiday season" doesn't sound nearly as good.
So they made a guide, that's really a poll. What do you mean you can have your cake and eat it too?
I doubt they expect this page to be used by many laypeople. Maybe a few techies will toss a link out to their families as a rough crowdsourced assessment of the degree to which some popular devices respect user privacy. The inclusion of several nearly-unknown high-privacy options seems to be a reminder that there are alternatives; probably more difficult to use or less capable, but alternatives to the mainstream data-harvesting devices you see routinely advertised.
I think it's lighthearted fun intended to illustrate Mozilla's mission of being advocates for privacy, to a degree that we have become unfamiliar as a society in the age of everything-as-a-service.
Yeah, there are probably some inaccuracies. But frankly, unless you're selling a device that allows you to run the services on your own host using open source software (the way Mozilla does [1]), it's fair game to say that it's possible you are not sufficiently respecting user privacy. How can we as users be sure if all we can measure is that, indeed, the device sends data off-network to the "cloud?"
If you genuinely respect user privacy, you should allow a user to wholly own the data in the most pure form possible: they never send it to you.
[1] https://github.com/mozilla-services
Pressure for companies to go green has worked over time; pressure for companies to go "quiet" -- that is pro-privacy -- could have the same effect.
As an example, Imagine the household that has multiple gmail accounts, multiple android phones, everyone uses google maps, Chrome on every desktop, google for search, they add a Nest thermostat, a few Dropcams, and for good measure they use 8.8.8.8 and 4.4.4.4 for all of their DNS queries.
You can live in nearly the same world with Amazon and others.
Sigh.
1. Anonymous
2. Hard to game
3. User privacy
Pick two!
Most privacy advocates are the strongest enemies of their own causes. They only accept purity and it encourages everyone to ignore them.