Annual *Privacy Not Included holiday buyers guide reveals just one product — the Meta Quest Pro — entails reading 14 documents and 37,700 words
These obscure, exceedingly lengthy policies get users ‘consent’ for invasive data practices
That’s because the privacy policies of connected gadgets made by big tech companies like Meta, Amazon, and Verizon have become so labyrinthine in recent years that some require opening over a dozen documents and reading tens of thousands of words, according to Mozilla’s 2022 *Privacy Not Included holiday buyers guide.
Indeed, to read all the privacy documents associated with just the Meta Quest Pro, you would need to open at least 14 browser tabs to make sense of documents amassing 37,700 words. That’s actually about 6,747 words longer than A Christmas Carol and it would account for four hours and fifty minutes of reading.
According to Jen Caltrider, lead researcher for *Privacy Not Included, other popular products like the Amazon Echo Dot and the Google Pixel Watch now also come with multiple privacy policies for the hardware, apps, and companies they share data with.
Says Caltrider: “It feels like a Rube Goldberg experiment trying to navigate the privacy documentation companies throw at consumers. If I’m struggling to understand this as a privacy researcher, consumers are far worse off. That’s not right.”
It feels like a Rube Goldberg experiment trying to navigate the privacy documentation companies throw at consumers. If I’m struggling to understand this as a privacy researcher, consumers are far worse off. That’s not right
Jen Caltrider, Mozilla
*Privacy Not Included is a buyer's guide focused on privacy rather than price or performance. Launched in 2017, the guide has reviewed hundreds of products and apps. It arms shoppers with the information they need to choose gifts that protect the privacy of their friends and family, while also spurring the tech industry to do more to safeguard consumers.
Compounding this issue is the sheer number of connected products now on the market. This year’s *Privacy Not Included investigates products across six categories, including Smart Home, Toys & Games, and Wearables.
Says Misha Rykov, Mozilla privacy researcher: “We’re living through an unprecedented explosion of connected products. There are now children’s toys, litter boxes, sunglasses, and vacuums that connect to the internet — and then scoop up and share precious personal information.”
Currently, the 2022 holiday edition of *Privacy Not Included reviews over 75 popular gifts, like the Apple Watch, Nintendo Switch, Amazon Echo, Garmin fitness trackers, Google Chromecast, Steam Deck, and the Meta Quest Pro. The guide will add additional product reviews throughout the holiday season. Mozilla researchers spend on average eight hours researching each product in the guide.
Key findings include:
- Acquisitions are bad for privacy. Twitter’s purchase by Elon Musk has pushed other acquisitions out of the spotlight. Big tech companies — which are often some of the worst privacy offenders — are gobbling up smaller companies that previously had better privacy practices. For example, iRobot — whose products previously received “Best Of” marks from Mozilla — is pending sale to Amazon. And Google will soon start requiring Google accounts for Fitbit users, following their acquisition of Fitbit in 2021. Meanwhile, products from Amazon, Meta, Samsung, and Verizon have all received Mozilla’s *PNI warning label.
- More gadgets are targeting kids — especially smart watches. Smart watches aimed at children ages five to 12 are becoming more popular, and include GPS tracking, cameras, and microphones. All four of these devices in this year’s guide received Mozilla’s *Privacy Not Included warning. Especially problematic is the Verizon GizmoWatch, which can collect your child’s name, age, gender, email address, and audio and text messages. While parents may find them useful for keeping a watchful eye on their youngsters, these devices collect a lot of kids’ personal data — and normalize children to surveillance at a young age.
- There are lots of creepy products. This year’s guide features several products that stand out for especially poor privacy and security practices. The Meta Quest Pro brings 16 cameras into your house — and on your body! — courtesy of a company known for betraying users’ trust and privacy. The Barnes & Noble Nook tracks your location and shares it with third parties. The Samsung Galaxy SmartTag knows wherever you go — and can target you with ads based on that information. And the Amazon Echo Dot Kids Edition can personalize buying recommendations to children.
- There are some trustworthy products. Smart watches and fitness trackers by Garmin have privacy features turned on by default. And Sonos has developed its own privacy-friendly voice assistant for their smart speakers that processes all your voice requests right on the device, no data sharing required.
North America | Helena Dea Bala, [email protected]
Europe and Africa | Tracy Kariuki, [email protected]