Reply to post: re: why a manufacturer thought it would be fine to store details of the use of its products

Long-distance dildo devotee deploys ding-dong over data deceit

Donn Bly

re: why a manufacturer thought it would be fine to store details of the use of its products

There can be any number of legitimate purposes for collecting the data -- but they need to be spelled out in the privacy and data retention policies. None of the product's users would have read the policies anyway and the company would have had legal coverage. However, associating the data to a clear-text email address (if that is in fact what they were doing) instead of something like a serial number is a poor technical decision. Whomever made THAT decision should be job-shifted to "product testing".

Still, I am unsure if wiretapping is the correct legal category for this. Control of the device is through a cloud-based control system so the manufacturer IS a party to the "conversation". The users cannot connect directly, so user A sends a control message the cloud, which in turn tells user B. Presumably user B sends a message back via the same channels to user A that the control message was received and was accepted. Ignoring the salacious nature of the product, logging the fact that a message of a given type was processed is pretty much standard on any of these IOT devices: Light On. Light Off, Set Temperature to 71°F, doorbell contact triggered, pump relay activated, etc.

For any given email message, my mail server logs show the sending and recipient email addresses as well as the subject line and the date and time the message was received. Could the judge consider that "wiretapping" as well? I realize that this is just a preliminary hearing, but my worry with cases like this are the unintended consequences that impact seemingly unrelated things.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon