When nestled all snug in our beds, have you ever wondered what visions dance in a privacy researcher’s head? Well, that’s private. But! The products we’re about to show you do hold a special place in our heads and hearts here at *Privacy Not Included. They’re not just not terrible at privacy. They treat your personal data with respect, and like it belongs to you. That means they protect it (by meeting our security standards), use it in ways you’d expect (mostly to provide you the service or improve it), and don’t try to cash in on it (by selling it) -- that’s something that way too many connected products do these days. And we’re pretty sure these good-at-privacy companies still manage to make money. It’s just that their profit comes from the products they sell and not the data they take. Pretty nifty.

Yes, we’re talking about the products we reviewed for our 2023 Holiday Buyer’s Guide that earn our Best Of distinction. Or, since we’re in a holiday mood, products that made our Nice List. And while nothing that connects to the internet can be 100% secure or private, these companies have pretty dang good privacy practices all things considered. So, we’re doing our best to make sure they get some attention. And because fewer brands than we’d like met that bar this year, we’re also talking about some products that are just OK at privacy.

Ecobee says, “You have invited us into your home, and we promise to keep earning your trust year after year.” Ah, Ecobee! It’s so easy for products that can record inside your home to border on creepy, especially when you combine that capability with a data-greedy company. So when Ecobee says they strive to earn our trust and seems to have solid privacy practices to back that up? That’s very refreshing to see in the often scary Smart Home space.

Like all Best Of products, Ecobee does more than just evade our privacy dings by not over-collecting, sharing, selling, and taking measures to protect your personal data. Here are a couple reasons they earned a thumbs up from us.

👍 Ecobee stood up to Amazon: They said no when that notoriously bad-at-privacy company asked for more information from Alexa-enabled thermostats.

👍Ecobee follows privacy-by-design best practices: They use on-device processing and end-to-end encryption. That helps keep their track record free of data breaches, hacks, and leaks.

👍Ecobee uses data for good: You can opt in to donate your anonymized thermostat data to scientists and public health researchers.

Ecobee’s Smart Camera and Smart Doorbell are also pretty good at privacy. The Blink Video Doorbell is OK too. So are Apple’s Homepod, Homepod Mini, and Apple TV 4K. Former Best Of members iRobot Roomba and Nvidia Shield TV are still pretty good.

Jabra and PocketBook are in the sound-delivering and book-reading businesses only. They collect and “use” the data they need to let you listen and read. The result? They barely collect any of your personal information at all! And that is really the best way to keep it safe. The thing about this category is that, unlike Smart Home and Health & Fitness products, they don’t usually need much personal information to do the thing you want them to -- like let you play games and music or find your stuff. It could all be so simple, but tech companies would rather make it hard. Anyway, back to the good news.

👍PocketBook doesn’t collect any personal information: If you download the Pocketbook Reader app, they’ll collect your email address. That’s IT!

👍Jabra stores your data locally: Jabra says they keep as much data stored on your device as they can to limit the collecting, storing and processing of it -- that’s much less risky than keeping it in the cloud.

Apple’s iPad, AirPods, AirTags are OK. So is the Chipolo ONE Spot and the original Chipolo ONE tracker.

Information about your period, sex life, heart rate, weight, fitness, stress… like Oura says in their privacy policy, “data does not get much more personal than this”! Having detailed information about your own health can help you better understand your body. Plus, it’s fun to check your sleep score, body battery, hydration level, and all those other charts and graphs that connected fitness products show us to make healthy livin’ feel a little bit like a video game.

But it can be embarrassing (at best) or dangerous (at worst) if that information gets into the wrong hands. Garmin and Oura do their best to keep your health information away from advertisers, law enforcement, and pretty much anyone aside from you. And like all Best Of honorees, both brands let users access and delete their super-personal information whenever they want. It is your personal information, after all. That’s something that long-time good-guy Garmin just added to their privacy policy since last year. Now, we’re not saying they did that because we suggested it to them by email… We are a little bit saying that though. But no matter the reason, we love when companies improve their privacy practices! Our DMs are open, as they say.

👍 Garmin made improvements to their already good privacy policy since the last time we reviewed them.

👍 Oura won’t share with law enforcement: they specifically say they “will oppose any request to provide legal authorities with access to user data for surveillance or prosecution purposes, and will notify users if we receive any such request.”

The Withings Thermo and Body Smart Scales are good at privacy too. And the Apple Watch and Whoop 4 are pretty OK as well.

Taking a digital page from Pocketbook, Tamagotchi Uni, iRobot Root, and Artie 3000 Coding Robot just don’t collect personal information on their young users or their parents. Phew! Again, such a great move. One that we’d love to see more grown-up gaming platforms do.

👍 Tamagotchi Uni even keeps your username private: so you can let your freak flag fly, Swiftie_Gorgon_69!

👍iRobot Root has an easy-to-read privacy policy: that clearly states they don’t “collect, store, or process personal information from any person.”

👍Artie 3000 doesn’t collect any data at all: and it even provides its own WiFi so that it doesn’t connect directly to the internet.

Dog-E is pretty good at privacy too.

Want more “nice” product options?

Agh! So do we. Stay tuned for our letter writing campaign. Dear Santa, please make privacy jail a thing… Seriously though, Mozillians (that’s what we call people who work at Mozilla) are working hard behind the scenes to try to raise the bar on privacy legislation in the United States and around the world.

In the meantime, here’s what you can do: The sideways thumb is looking better than ever these days. Products without the *Privacy Not Included warning label that don’t make the “Best Of” cut are generally OK (to different degrees -- read the reviews to know what you’re in for!). If you follow the tips to protect yourself in each review, that can help you preserve more of your privacy. In general, try to:

  • Avoid data-sharing: Don’t use social media accounts to login to new accounts -- like Facebook. Same goes for syncing apps and devices with each other, like your smart scale to a fitness app. When you do, you agree to that third-party’s privacy policies too. It’s messy, confusing, and can result in your sensitive data being exposed.
  • Beef up your cyber hygiene: Choose complex passwords and don’t reuse them. Use two-factor authentication (2FA) whenever you can. And always keep apps and software up-to-date.
  • Take a bit of time during set-up to take advantage of any controls you might have, like disabling locating sharing by default or opting out of targeted ads. Flipping some switches here and there could help you keep way more of your personal data private in the long run.
  • Ask the companies to delete all your personal data when you’re done with them. They won’t always honor that request but you might as well try.

Is there something on your wish list that you didn’t find in the Holiday Guide? Don’t forget, we take requests! Submit your suggestion here.

Jen Caltrider

Jen Caltrider

During a rather unplanned stint working on my Master’s degree in Artificial Intelligence, I quickly discovered I’m much better at telling stories than writing code. This discovery led to an interesting career as a journalist covering technology at CNN. My true passion in life has always been to leave the world a little better than I found it. Which is why I created and lead Mozilla's *Privacy Not Included work to fight for better privacy for us all.

Misha Rykov

Misha Rykov

Kyiv-native and Berlin-based, Misha worked in big tech and security consulting, before joining Mozilla's privacy effort. Misha loves investigative storytelling and hates messy privacy policies. Misha is an advocate for stronger and smarter privacy regulations, as well as for safer Internet.

Zoë MacDonald

Zoë MacDonald

Zoë is a writer and digital strategist based in Toronto, Canada. Before her passion for digital rights led her to Mozilla and *Privacy Not Included, she wrote about cybersecurity and e-commerce. When she’s not being a privacy nerd at work, she’s side-eyeing smart devices at home.

*Privacy Not Included