back to article Long-distance dildo devotee deploys ding-dong over data deceit

A class-action lawsuit against a Chinese sex toy company accused of storing intimate data from its internet-connected dildo can move ahead, a California judge has decided. Lovense was sued [PDF] in January 2018 in America by unhappy customer "S.D." after she discovered that the company was storing not just the time and date …

  1. T. F. M. Reader Silver badge
    Coat

    Advancements in AI

    @article: You do have to wonder why a sex toy manufacturer thought it would be fine to store details of the use of its products, especially connecting it to individual accounts.

    For Deep Learning, obviously.

    1. Phil O'Sophical Silver badge
      Coat

      Re: Advancements in AI

      Penetration testing?

      1. BebopWeBop
        Joke

        Re: Advancements in AI

        well lads, very fine, can I assume those macs are filthy?

      2. Swarthy Silver badge

        Re: Advancements in AI

        Debuggering?

    2. MyffyW Silver badge

      Re: Advancements in AI

      You had me at "C-shaped" ....

  2. Anonymous Coward
    Anonymous Coward

    I believe the appropriate word has already been coined:

    "Teledildonics"

    1. Simon Harris
      Coat

      Re: I believe the appropriate word has already been coined:

      Long distance masturbation devices really should be called The Telerubbies.

      "Are you sure that's where Noonoo's nose is supposed to go?"

    2. David 132 Silver badge
      Coat

      Re: I believe the appropriate word has already been coined:

      Internet Cervix Provider?

      (edit: went with "software-as-a-cervix" originally but I think this works better...)

      1. Player Piano

        Re: I believe the appropriate word has already been coined:

        Certified Ovary Public

  3. Donn Bly

    re: why a manufacturer thought it would be fine to store details of the use of its products

    There can be any number of legitimate purposes for collecting the data -- but they need to be spelled out in the privacy and data retention policies. None of the product's users would have read the policies anyway and the company would have had legal coverage. However, associating the data to a clear-text email address (if that is in fact what they were doing) instead of something like a serial number is a poor technical decision. Whomever made THAT decision should be job-shifted to "product testing".

    Still, I am unsure if wiretapping is the correct legal category for this. Control of the device is through a cloud-based control system so the manufacturer IS a party to the "conversation". The users cannot connect directly, so user A sends a control message the cloud, which in turn tells user B. Presumably user B sends a message back via the same channels to user A that the control message was received and was accepted. Ignoring the salacious nature of the product, logging the fact that a message of a given type was processed is pretty much standard on any of these IOT devices: Light On. Light Off, Set Temperature to 71°F, doorbell contact triggered, pump relay activated, etc.

    For any given email message, my mail server logs show the sending and recipient email addresses as well as the subject line and the date and time the message was received. Could the judge consider that "wiretapping" as well? I realize that this is just a preliminary hearing, but my worry with cases like this are the unintended consequences that impact seemingly unrelated things.

    1. Wellyboot Silver badge
      Happy

      Re: re: why a manufacturer thought it would be fine to store details of the use of its products

      >>>doorbell contact triggered<<< - would that be the 'Ring' IOT doorbell?

      The postman always rings twice!

    2. jmch Silver badge

      Re: re: why a manufacturer thought it would be fine to store details of the use of its products

      Logging vs wiretapping -

      I certainly would not consider this wiretapping, as you say C&C instructions are sent through the cloud and logged. However there's no reason to be keeping all that data indefinitely. If needed for support can be deleted after a few days, and if needed for long-term performance analysis etc, should be anonymised

    3. thosrtanner

      Re: re: why a manufacturer thought it would be fine to store details of the use of its products

      This sounds a bit like saying the post office is party to the contents of a letter or parcel you sent.

      No it isn't.

      All it is party to is the receivers address in the case of a letter. A bit more in the case of a parcel but even their they don't need to know the senders address. Even if it's recorded they give you a tag so you can check and they don't take your address.

      At no point to they have any idea of the content or log it.

      So why should these people think they should have any access to the content of the message sent between the app and device, beyond that needed to ensure the data that is received is what was sent?

      1. Dog11

        Re: re: why a manufacturer thought it would be fine to store details of the use of its products

        Maybe that's all your post office logs. In the "land of the nominally free", they keep images of all the sides for both letters and parcels. Whether those images are OCR'd and the data sent to your permanent file is not specified.

    4. Ben1892

      Re: re: why a manufacturer thought it would be fine to store details of the use of its products

      Google trawling your email content to sell you stuff is different how? People will gladly sign-up to T&Cs that share more personally sensitive info, via their email conversations, than intimate massage habits

    5. Velv
      Paris Hilton

      Re: re: why a manufacturer thought it would be fine to store details of the use of its products

      Whomever made THAT decision should be job-shifted to "product testing"

      They’d probably consider that promotion, and I don’t mean in a Peter Principle way.

  4. Anonymous Coward
    Anonymous Coward

    "Press 1 for Yes; 2 for No; and 3 for..."

    Does it go to eleven? Just askieeeEEENNNNN!!!

    1. TRT Silver badge

      Re: "Press 1 for Yes; 2 for No; and 3 for..."

      Good evening.

      Now, let's move on to something ruder.

      Wankel Rotary Engine.

      Well... ha ha ha.

      Now it's time for 'A Book at Bedtime'. Alan Hutchinson reads another extract from a series of bedside books.

      Number 32. 'The lady lies with her left leg planted firmly on the ground and the right hand waiting. The gentleman with the melon switches on the battery and places his left thigh on the edge of the swivel table, keeping the neck of...

    2. Anonymous Coward
      Anonymous Coward

      Re: "Press 1 for Yes; 2 for No; and 3 for..."

      And here’s the video of that! - NSFW https://m.youtube.com/watch?v=bVeDapSy4Yg

      1. cb7

        Re: "Press 1 for Yes; 2 for No; and 3 for..."

        Is there a male version?

        1. Anonymous Coward
          Anonymous Coward

          Re: "Press 1 for Yes; 2 for No; and 3 for..."

          Yes, think vibrating fleshlight with a pump, controlled by someone else. *grins* great fun

  5. Blockchain commentard
    Facepalm

    Well, I be buggered !!!

  6. Anonymous Coward
    Anonymous Coward

    Wait till the penetration testers get hold of one, I'm sure they will find a back door as well.

  7. Nick Kew

    Medice, cura te ipsum

    Does "S D" stand for Sexual Dysfunction? Disease? Dalliance? ???

    For someone in Europe to take action on such data collection would seem entirely consistent with GDPR. But in a US court? Pot, Kettle!

    1. Big_Boomer

      Re: Medice, cura te ipsum

      Yes, but it's a Chinese company so they are a prime target in the fight against the new enemy., and as such are already guilty whether they did it or not.

      1. fidodogbreath Silver badge

        Re: Medice, cura te ipsum

        it's a Chinese company

        If Lovense uses Huawei routers internally, it's also a national security issue...

    2. A.P. Veening Silver badge

      Re: Medice, cura te ipsum

      For someone in Europe to take action on such data collection would seem entirely consistent with GDPR. But in a US court? Pot, Kettle!

      California is the only US state to take privacy even the least bit serious and California has GDPR like legislation pending.

    3. Francis Boyle

      Re: Medice, cura te ipsum

      I briefly considered that she might have the same initial as Captain Kirk but of course that shouldn't apply in this case.

  8. Crisp
    Coat

    An app in the hand is worth beating about the bush.

    Unless you lose your bluetooth connection every few minutes.

    1. TRT Silver badge

      Re: An app in the hand is worth beating about the bush.

      Hands free?

      1. Anonymous Coward
        Anonymous Coward

        Re: An app in the hand is worth beating about the bush.

        A hand in the bird is worth two in the bush

  9. Simon Harris
    Coffee/keyboard

    Does it have to be cloud based?

    Couldn't they just set up a direct link between two devices without a server?

    A kind of Peer - to - Pee-er network?

    1. TRT Silver badge

      Re: Does it have to be cloud based?

      She wouldn't bother if he had a long enough cable.

  10. Anonymous Coward
    Anonymous Coward

    Is there an option for a physical connection?

    Maybe a butt plug?

    1. fidodogbreath Silver badge
      Big Brother

      Re: Is there an option for a physical connection?

      Maybe a butt plug?

      It's been done.

    2. Simon Harris

      Re: Is there an option for a physical connection?

      Make sure to follow the correct unplugging procedure though or you might cause a core-dump.

  11. werdsmith Silver badge

    Long Distance

    Long distance dildo.

    Barge pole.

  12. Anonymous Coward
    Anonymous Coward

    more seriously

    In case you are not up to doing the research yourself.

    The devices themselves, both the male and female versions work rather well, the missus and I have tested them very thoroughly. The software, the Bluetooth stability, etc, is very less than optimal.

    I have considered writing a 3rd party app for it, but the testing can be distracting.

    1. Anonymous Coward
      Anonymous Coward

      Re: more seriously

      About 15 years ago I had a go at this and made a couple of controllers based on a DTFM decoder and a PIC, and hacked some Ann Summers devices to make male and female versions. All they needed was a phone at each end (even a land-line phone would do) to control them without any data collection happening in the middle.

      Quite fun, but back when feature phones were still the norm (the iPhone was still a couple of years in the future back then), trying to remember which numeric keypad button corresponded to a particular fun-toy function (and, yes, they could do way more than the standard Ann Summers toys they were based on) was hard when your brain wasn't entirely in your head.

      1. astounded1

        Re: more seriously

        How 'hard' was it?

    2. TRT Silver badge

      Re: more seriously

      It needs to be more secure really. If they followed the Wide Area Network Key Interchange Negotiation Guidelines protocol, they could manage a mutual Transfer Over Secure System and achieve the status of Online Remote General Access Secure Messaging.

  13. oiseau Silver badge
    WTF?

    Downright stupid

    Call me antiquated if you will, but whoever is stupid enough to buy an internet-connected dildo really deserves to get shafted.

    Yes, pun intended.

    ... using this system from opposite ends of the globe as well as sat at a restaurant table.

    I said stupid?

    Maybe we're actually looking at certified idiots.

    O.

    1. Mark 85 Silver badge
      Paris Hilton

      Re: Downright stupid

      Well, it is a product obviously for the "connected generation" where actual human-to-human contact isn't done. We've all seen the photos of "parties" where everyone is sitting around playing with their phones. Sad world we're living in.

      Icon: Paris because she represents... err.... forgot what I going to say. Anyway, she represents it.

  14. Anonymous Coward
    Gimp

    OOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO!!!!!!

    When is the court case due to reach its climax??

  15. Stuart Halliday

    Bluetooth is probably one of the least reliable wireless protocols around. It's so easily swamped by WiFi or close proximity to a smartphone.

    1. Simon Harris

      Is this the same company's devices that were susceptible to drive-by blue-jacking?

  16. Che van der Showa

    I wonder if S.D. has a middle initial.

  17. astounded1

    We Want To Collect All The Data In The World! We Don't Know Why...Love, China

    The Chinese always seem to be trying to figure out the point of what they're doing.

  18. Anonymous Coward
    Anonymous Coward

    Hmm - timestamped logs of activity could produce some friction in a family if a partner was not sending the commands. Reminds me of that scene from "Get Carter".

  19. Claverhouse Silver badge

    Although all this is the epitome of modernist trivia, I hope the Chinese Dildo People get off; but really, cases like this were made to be heard by the sacred monsters of Supreme Courts past. I should value the comments of old busters like Salmon P. Chase, Oliver Wendell Homes jr., and William Taft on this affair.

    1. Anonymous Coward
      Anonymous Coward

      What on earth is a digital watch?

      "Finally, I will produce in this court, a receipt for my clients Deluxe model inflatable woman - whatever that is"

      [Judge] The deluxe is the one with the real hair......

  20. allthegoodnamesweretaken
    Trollface

    I like to imagine life as the people in these stories...

    As a judge, how do you face the court with a straight face? You have to sit in your judge office at the back there and pour over the details of the case. Does it include photos? What sort of evidence are we talking here? Is it possible to look sternly at people collecting dildo data while telling them to knock it off?

    Who is the lawyer that had to present the sentence, "Well technically it's not wiretapping because it's a bluetooth dildo, so..." and what sort of thought processes were involved in coming up with that argument? What do they say when their families ask "How was work?"

    Can you imagine the dev life in that company? Like do they have meetings where the product testers give feedback to the dev team? What do the minutes of those meetings look like? Who pours over all that collected data? Are they thinking, "Hmmm, quite a few people like it supermaxed. Maybe we need to add a superdupermax-extreme speed" *writes product manager an email*.

    So many questions... Personally, I think this article focused on all the wrong issues.

  21. Mark Solaris

    Definitely the type of article El Reg loves to stick their fingers into.

    The ending was a bit dissatisfying though.

  22. Anonymous Coward
    Anonymous Coward

    Why email?

    The real question is why does the app require an email address at all?!!!

    There is no technical reason - those Plug'n'play home video cameras work perfectly well by just using the serial number of the device to connect (usually by scanning a QR code) - no information about the user at all.

    Anyone providing their email address to a dildo app in the first place is not thinking straight. It is obvious that their real purpose of collecting that information is for some other monetisation.

    We used to call that blackmail.

  23. Potemkine! Silver badge

    When a company says that it "takes its customers privacy very seriously", the aforementioned customers can be assured their privacy is deeply screwed (too)

  24. Fruit and Nutcase Silver badge
    Facepalm

    Location, Location, Location???

    Depending on version, Android forces location services to be turned on to use Bluetooth...

    https://www.theregister.co.uk/2017/11/01/google_fast_pair_bluetooth/

    Even if this device does not implement "Fast Pair", if using an Android 6.0 or later, what are the chances if some of the device (and location) information has hit Google servers? After all, we get to hear of "careless" software engineers slurping data almost every other week.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like

Biting the hand that feeds IT © 1998–2022