Are Smart Sex Toys Safe? Hacking, Remote Recording Could Endanger Users' Privacy

Smart sex toys may be the craze currently, but the fact that these devices are connected to the internet can endanger users’ privacy. This was evidenced by the most recent case of a sex toy which was caught recording users because of what the company reportedly called a "bug" in the software.

An app used to control a vibrator made by Hong Kong-based sex toy company, Lovense, was found recording sounds made by a consumer while using it. The user later found a six-minute audio file stored in the app’s local folder. Many users later reported similar issues with the device.

A Reddit user claiming to be the company’s representative later said in the thread titled, “Lovense remote control vibrator app recording ‘private’ sessions without express permission," that what was happening was due to a minor bug in the software.

This is not the first instance of a sex toy being caught recording users. Canadian sex toy manufacturer We-Vibe was accused last year of failure to protect consumers' privacy. In that instance, the sex toys made by the company were also collecting “highly intimate and sensitive data" while promising a secure connection between the smartphone and the sex toy. We-Vibe ultimately had to settle a class-action lawsuit in Canada and had to pay the aggrieved users $5 million Canadian dollars (around $4 million).

Another sex toy, Svakom Siime Eye, a Wi-Fi enabled vibrator with a built in camera designed for private live streaming, was found to be easily hackable earlier this year.

These instances beg the question — are such sex toys even safe? Is to better to use regular sex toys instead?

To understand the issues behind smart sex toys, one needs to know about the technology involved in making one. Smart sex toys use technologies such as Bluetooth Low Energy and Wi-Fi which makes them vulnerable to hacking — your privacy is still at stake, even if the company doesn’t have a vested interest in collecting your data.

Such devices can be easily hacked using a technique called "screwdriving," according to Alex Lomas of cybersecurity firm Pentest Partners.

You are most at risk if your sex toy has a Wi-Fi enabled camera. Such cameras are put into place so that a user can record a video of himself/herself, and share it only if he/she wants to. However, these cameras can be remotely activated to start recording without the users' consent, according to research done by Pentest Partners.

The larger problem with connected sex toys is that the communication between these devices and your smartphone is not encrypted — a hacker who can reverse engineer the connection between a smart sex toy and a user’s device, to route it to his/her device can easily get access to all the data transferred between the two.

Until these security concerns are addressed, you are better off using a regular sex toy instead of a connected one.