Warning: *Privacy Not Included with this product
Sixteen body measurements! That's how many things Eufy's high end P2 Pro WiFi and Bluetooth connected smart scale tracks about you. Everything from weight to heart rate, to BMI, to bone mass, muscle mass, and even your scary sounding visceral and subcutaneous fat measurements. Download the EufyLife app and connect your phone to the scale to see all your measurements and get charts and graphs and a full body report. There's even a baby mode and pet mode to record how fast your furry or not-so-furry kids are growing. Eufy also makes some lower end scales that track similar things. They all use the Eufy Life app that can share your (very) personal data with Fitbit, Google Fit, or Apple Health if you connect the app to those services. Eufy does raise a few red flags for us on the privacy front, so here's hoping all your visceral fat data stays private!
What could happen if something goes wrong?
According to Eufy’s privacy policy, they do say they can collect a good deal of personal information on you -- things like name, email, gender, birth date, location, device information, and of course this device collects health data like heart rate, weight, and BMI. And while Eufy says they don’t sell your personal information -- which is good -- they say they can use some of that information to show you ads from them and third party advertisers, which isn’t so good (but also pretty standard on the internet these days).
They also say they can collect personal information on you from third parties who provide it to them, such as law enforcement authorities. This worries us a bit because the way that line in their privacy policy is written is rather vague and seems like it could leave open the possibility they could collect information on users from a variety of third parties, for example, data brokers. And finally, Eufy says they can use your personal information to profile you for the purpose of offering you personalized promotions and discounts. So if you get offered a screaming discount for that weight loss plan and your buddy doesn’t, it could be because Eufy knows more about you than you might want them to know.
It’s great we found no known security breaches of Eufy’s smart scales. Unfortunately, Eufy has had some significant security vulnerabilities with their security cameras. In June 2022, security experts found three security vulnerabilities in Eufy's Homebase 2 video storage and management device that could have allowed hackers to take control of the hub, control it remotely, or steal video footage. Eufy/Anker developed fixes for these security vulnerabilities and released them to users in a timely manner. And in May 2021, Eufy was forced to apologize for a bug that exposed the camera feeds of 712 users to strangers. Eufy said the glitch happened during a software update and “users were able to access video feeds from other users’ cameras.” Eufy said in a statement the glitch was fixed an hour after it was discovered. So, the bad news is, Eufy’s security cameras have had some serious security issues. The good news is, Eufy seems to have stepped up and immediately fixed these bugs and to get them out to their users quickly.
So, the bad news is, Eufy’s security cameras have had some serious security issues. The good news is, Eufy as a company seems to have stepped up and immediately fixed these bugs and to get the updates out to their users quickly. While these security oopsies happened to their video cameras, not their smart scale, it’s a good reminder that bugs happen and software updates can go wrong, which wouldn’t be good for your smart scale (although, you’re probably less vulnerable to a bug in your smart scale than your security camera or smart lock).
What’s the worst that could happen? Well, nobody wants those sixteen body measurements -- including your visceral fat -- shared out to the world. You probably also don’t want to be profiled by the data this smart scale could collect to offer you discounts and promotions. It would suck to be working hard to get back in shape, put on some pounds of muscle, Eufy sees those extra pounds and you start seing ads for discounts on weight loss supplements and that makes you feel bad about gaining weight when you’re really just getting strong and gaining muscle. OK, that might not happen. But, who knows maybe it’s not that far fetched either.
One last thing, if you chose to share data from your Eufy smart scale with a third-party like Fitbit, Google Fit or Apple Health, then you must rely on those companies to keep your personal information secure too. That means more privacy policies to read and more places your data could be vulnerable to leaks or breaches.
Tips to protect yourself
- Be very careful what third party companies you consent to share you health data with. If you do decided to share your health data with another company, read their privacy policy to see how they protect, secure, and share or sell your data.
- Do not sign up with third-party accounts. Better just log in with email and strong password.
- Chose a strong password! You may use a password control tool like 1Password, KeePass etc
- Use your device privacy controls to limit access to your personal information via app (do not give access to your camera, microphone, images, location unless neccessary)
- Keep your app regularly updated
- Limit ad tracking via your device (eg on iPhone go to Privacy -> Advertising -> Limit ad tracking) and biggest ad networks (for Google, go to Google account and turn off ad personalization)
- Request your data be deleted once you stop using the app. Simply deleting an app from your device usually does not erase your personal data.
- When starting a sign-up, do not agree to tracking of your data if possible.
Can it snoop on me?
Camera
Device: No
App: Yes
Microphone
Device: No
App: No
Tracks location
Device: No
App: Yes
What can be used to sign up?
Yes
Phone
No
Third-party account
No
What data does the company collect?
Personal
Name, email address, gender, age
Body related
Weight, body mass index, body fat, visceral fat, heart rate, and more
Social
How does the company use this data?
How can you control your data?
What is the company’s known track record of protecting users’ data?
In June 2022, three security vulnerabilities were found in Eufy's Homebase 2 video storage and management device that could have allowed hackers to take control of the hub, control it remotely, or steal video footage. Eufy/Anker developed fixes for these secruity vulnerabilities and released them to users in a timely manner.
In May 2021, Eufy was forced to apologize for a bug that exposed the camera feeds of 712 users to strangers. Eufy said the glitch happened during a software update and “users were able to access video feeds from other users’ cameras.” Eufy said in a statement the glitch was fixed an hour after it was discovered.
Child Privacy Information
Can this product be used offline?
User-friendly privacy information?
Links to privacy information
Does this product meet our Minimum Security Standards?
Encryption
Strong password
Security updates
Manages vulnerabilities
Privacy policy
Dive Deeper
-
Anker’s Eufy division pledges to bolster security following privacy snafu, apologizes againTechHive
-
Huge Eufy privacy breach shows live and recorded cam feeds to strangers9to5Mac
-
Eufy security cameras hit with bug giving access to users feedsPoc Network
Comments
Got a comment? Let us hear it.