When nestled all snug in our beds, have you ever wondered what visions dance in a privacy researcher’s head? Well, that’s private. But! The products we’re about to show you do hold a special place in our heads and hearts here at *Privacy Not Included. They’re not just not terrible at privacy. They treat your personal data with respect, and like it belongs to you. That means they protect it (by meeting our security standards), use it in ways you’d expect (mostly to provide you the service or improve it), and don’t try to cash in on it (by selling it) -- that’s something that way too many connected products do these days. And we’re pretty sure these good-at-privacy companies still manage to make money. It’s just that their profit comes from the products they sell and not the data they take. Pretty nifty.

Yes, we’re talking about the products we reviewed for our 2023 Holiday Buyer’s Guide that earn our Best Of distinction. Or, since we’re in a holiday mood, products that made our Nice List. And while nothing that connects to the internet can be 100% secure or private, these companies have pretty dang good privacy practices all things considered. So, we’re doing our best to make sure they get some attention. And because fewer brands than we’d like met that bar this year, we’re also talking about some products that are just OK at privacy.

Ecobee says, “You have invited us into your home, and we promise to keep earning your trust year after year.” Ah, Ecobee! It’s so easy for products that can record inside your home to border on creepy, especially when you combine that capability with a data-greedy company. So when Ecobee says they strive to earn our trust and seems to have solid privacy practices to back that up? That’s very refreshing to see in the often scary Smart Home space.

Like all Best Of products, Ecobee does more than just evade our privacy dings by not over-collecting, sharing, selling, and taking measures to protect your personal data. Here are a couple reasons they earned a thumbs up from us.

👍 Ecobee stood up to Amazon: They said no when that notoriously bad-at-privacy company asked for more information from Alexa-enabled thermostats.

👍Ecobee follows privacy-by-design best practices: They use on-device processing and end-to-end encryption. That helps keep their track record free of data breaches, hacks, and leaks.

👍Ecobee uses data for good: You can opt in to donate your anonymized thermostat data to scientists and public health researchers.

Ecobee’s Smart Camera and Smart Doorbell are also pretty good at privacy. The Blink Video Doorbell is OK too. So are Apple’s Homepod, Homepod Mini, and Apple TV 4K. Former Best Of members iRobot Roomba and Nvidia Shield TV are still pretty good.

Jabra and PocketBook are in the sound-delivering and book-reading businesses only. They collect and “use” the data they need to let you listen and read. The result? They barely collect any of your personal information at all! And that is really the best way to keep it safe. The thing about this category is that, unlike Smart Home and Health & Fitness products, they don’t usually need much personal information to do the thing you want them to -- like let you play games and music or find your stuff. It could all be so simple, but tech companies would rather make it hard. Anyway, back to the good news.

👍PocketBook doesn’t collect any personal information: If you download the Pocketbook Reader app, they’ll collect your email address. That’s IT!

👍Jabra stores your data locally: Jabra says they keep as much data stored on your device as they can to limit the collecting, storing and processing of it -- that’s much less risky than keeping it in the cloud.

Apple’s iPad, AirPods, AirTags are OK. So is the Chipolo ONE Spot and the original Chipolo ONE tracker.

Information about your period, sex life, heart rate, weight, fitness, stress… like Oura says in their privacy policy, “data does not get much more personal than this”! Having detailed information about your own health can help you better understand your body. Plus, it’s fun to check your sleep score, body battery, hydration level, and all those other charts and graphs that connected fitness products show us to make healthy livin’ feel a little bit like a video game.

But it can be embarrassing (at best) or dangerous (at worst) if that information gets into the wrong hands. Garmin and Oura do their best to keep your health information away from advertisers, law enforcement, and pretty much anyone aside from you. And like all Best Of honorees, both brands let users access and delete their super-personal information whenever they want. It is your personal information, after all. That’s something that long-time good-guy Garmin just added to their privacy policy since last year. Now, we’re not saying they did that because we suggested it to them by email… We are a little bit saying that though. But no matter the reason, we love when companies improve their privacy practices! Our DMs are open, as they say.

👍 Garmin made improvements to their already good privacy policy since the last time we reviewed them.

👍 Oura won’t share with law enforcement: they specifically say they “will oppose any request to provide legal authorities with access to user data for surveillance or prosecution purposes, and will notify users if we receive any such request.”

The Withings Thermo and Body Smart Scales are good at privacy too. And the Apple Watch and Whoop 4 are pretty OK as well.

Taking a digital page from Pocketbook, Tamagotchi Uni, iRobot Root, and Artie 3000 Coding Robot just don’t collect personal information on their young users or their parents. Phew! Again, such a great move. One that we’d love to see more grown-up gaming platforms do.

👍 Tamagotchi Uni even keeps your username private: so you can let your freak flag fly, Swiftie_Gorgon_69!

👍iRobot Root has an easy-to-read privacy policy: that clearly states they don’t “collect, store, or process personal information from any person.”

👍Artie 3000 doesn’t collect any data at all: and it even provides its own WiFi so that it doesn’t connect directly to the internet.

Dog-E is pretty good at privacy too.

Want more “nice” product options?

Agh! So do we. Stay tuned for our letter writing campaign. Dear Santa, please make privacy jail a thing… Seriously though, Mozillians (that’s what we call people who work at Mozilla) are working hard behind the scenes to try to raise the bar on privacy legislation in the United States and around the world.

In the meantime, here’s what you can do: The sideways thumb is looking better than ever these days. Products without the *Privacy Not Included warning label that don’t make the “Best Of” cut are generally OK (to different degrees -- read the reviews to know what you’re in for!). If you follow the tips to protect yourself in each review, that can help you preserve more of your privacy. In general, try to:

  • Avoid data-sharing: Don’t use social media accounts to login to new accounts -- like Facebook. Same goes for syncing apps and devices with each other, like your smart scale to a fitness app. When you do, you agree to that third-party’s privacy policies too. It’s messy, confusing, and can result in your sensitive data being exposed.
  • Beef up your cyber hygiene: Choose complex passwords and don’t reuse them. Use two-factor authentication (2FA) whenever you can. And always keep apps and software up-to-date.
  • Take a bit of time during set-up to take advantage of any controls you might have, like disabling locating sharing by default or opting out of targeted ads. Flipping some switches here and there could help you keep way more of your personal data private in the long run.
  • Ask the companies to delete all your personal data when you’re done with them. They won’t always honor that request but you might as well try.

Is there something on your wish list that you didn’t find in the Holiday Guide? Don’t forget, we take requests! Submit your suggestion here.

Jen Caltrider

Jen Caltrider

Lors d’une période de relative improvisation pendant laquelle elle travaillait sur son diplôme de Master en Intelligence Artificielle, Jen a découvert qu’elle était davantage douée pour raconter des histoires que pour écrire du code. Cette prise de conscience a par la suite donné lieu à une carrière intéressante en tant que journaliste spécialisée dans les questions technologiques chez CNN. Mais sa véritable passion dans la vie a toujours été de laisser le monde un peu meilleur qu’elle ne l’avait trouvé. C’est pourquoi elle a créé et dirige encore aujourd’hui l’initiative *Confidentialité non incluse de Mozilla, pour défendre le droit à la vie privée du plus grand nombre.

Misha Rykov

Misha Rykov

Originaire de Kiev et aujourd’hui basé à Berlin, Misha a travaillé dans de grandes entreprises technologiques et de conseil en sécurité avant de rejoindre les équipes en charge des questions de confidentialité chez Mozilla. Il adore les enquêtes journalistiques et déteste par-dessus tout les politiques de confidentialité confuses. Misha prône un cadre réglementaire plus fort et plus intelligent en matière de confidentialité, ainsi qu’un Internet plus sûr.

Zoë MacDonald

Zoë MacDonald

Zoë est rédactrice et stratège spécialisée dans le numérique à Toronto, au Canada. Avant que sa passion pour les droits numériques ne la conduise chez Mozilla et plus particulièrement dans l’équipe de *Confidentialité non incluse, Zoë écrivait sur la cybersécurité et le commerce électronique. Lorsqu’elle n’est pas occupée à enquêter sur des sujets de confidentialité dans le cadre de son travail, elle surveille étroitement les appareils intelligents chez elle.

*confidentialité non incluse