Digital Diaries: Is Your Smart Sex Toy Collecting More Data Than You Realize?
Many of us have installed an app “just once”—simply to breeze through registration, dismiss pop-ups, and finally reach the button we need. But when it comes to gadgets controlled via a smartphone, such haste can come at a steep cost to privacy. Sex toys are no exception: as the market expands and increasingly embraces the “device + app” model, convenience rises in tandem with the risk that software will collect far more personal data than users expect.
Digital privacy experts warn that apps for sex toys can potentially capture extraordinarily sensitive information. This may include data about sexual behavior and usage patterns: which device is active, which functions are enabled, how often, in which modes, and at what intensity. If an app supports remote partner connections for “long-distance play,” information about a second person may also enter the data-collection orbit. Added to this are more familiar technical markers, such as IP addresses and location data.
Companies typically justify data collection as a means of “improving the product.” For example, if most users consistently select maximum intensity, that insight could influence future design choices. Another rationale is more prosaic: marketing. A representative of the brand Lelo has explicitly linked data collection to more precise targeting of ads and offers tailored to individual users.
There is, however, a far less palatable scenario: the data may be sold to data brokers if a company decides to monetize customer information for additional profit. Privacy advocates explain that brokers then resell these datasets to anyone willing to pay—from advertisers to private investigators and other curious parties. Worse still, brokers may “stitch” such data together with information from other sources, tying it to identifiers like email addresses, device IDs, IP addresses, or tracking cookies to refine targeting. Once a dataset enters this chain of intermediaries, users effectively lose control over where it ultimately ends up.
The ability to opt out of data sales—or even to learn that such sales are occurring—can depend heavily on where one lives. Disclosure requirements and opt-out rights vary across U.S. states and other regions. California is often cited as an example, where the law mandates transparency around the sale of personal information and grants users the right to refuse it.
Because many apps can be downloaded without purchasing the corresponding device, the author tested several programs to see exactly what they request. Particular attention was paid to Siri on the iPhone: although apps are not supposed to enable permissions unilaterally, many still prompt access via the “Learn from this app” feature. This does not mean Siri can see an app’s content, but it may allow the collection of indirect yet deeply personal patterns—for instance, when and how frequently a user interacts with a device. As an added privacy safeguard, users are advised to decline such requests when prompted.
Another simple step is to review an app’s privacy label in the app store before installation, looking for language that indicates the collection of personally identifiable data, including contact information.
Wi-Fi–enabled devices represent a separate risk zone. The article recalls a case involving manufacturer Svakom: in 2015, the company sold the Siime Eye vibrator with a camera at its tip, protected by a default Wi-Fi password—“88888888”—which was publicly documented in the manual. If buyers failed to change it, anyone within Wi-Fi range could potentially connect and view the live feed. The model was later discontinued.
Svakom’s current approach to apps for its other “smart” products is described as noticeably more cautious. Users can create an account or operate in guest mode, with the privacy policy promising not to collect data from unregistered users while still granting full functionality. A similar guest-use option is reportedly available in the We-Vibe app. Satisfyer Connect goes further, allowing users to opt out of data collection before logging in and offering a clearer, more structured privacy policy written in plain language.
For those concerned about privacy, experts advise treating the app with the same scrutiny as the purchase itself: read reviews not only of the device but also of the software—on the App Store and Google Play, on YouTube, in forums, and even on product pages. After installation, disable permissions that seem unnecessary, such as access to the camera, Siri, contacts, and other phone features. One important caveat remains: even if access to the microphone, GPS, and contacts is denied, this does not guarantee that an app will refrain from collecting behavioral data internally—such as how often you log in, which buttons you press, or how you navigate the interface.
It is also emphasized that requesting permission does not in itself prove that data is being collected. Still, red flags arise when apps demand sensitive access “just to function.” Because privacy policies are often dense with legal jargon, cybersecurity experts recommend at least skimming them for vague phrases like “we may share data with trusted partners.” More reassuring signals include statements such as “no third-party sharing,” “end-to-end encryption,” and “data anonymization,” which suggest commitments to limit data distribution, encrypt information, or strip identifiers.
Data retention periods are another practical concern. Within the Lelo app, the author opened articles offering sexual advice, and everything read was stored in a history that could not be cleared—persisting from installation in August 2024 onward. When asked about retention, Lelo responded with general language, stating that data is kept “as long as necessary,” depending on data type and context. Notably, deleting the app does not remove data from the company’s servers; users must contact the company directly, using the phone number provided in the privacy policy, to request deletion. By contrast, Satisfyer Connect states that logs are deleted every 60 days.
The final takeaway is straightforward: if you want your private life to remain private—rather than becoming a set of advertising segments and tradable profiles—you must treat privacy policies and permission settings as part of the purchase itself. And if the goal is to erase your footprint entirely, uninstalling the app is not enough; you must delete your account and ensure your data is removed at the company’s end. Only then can you come close to the assurance that your “smart” gadget is not keeping an overly detailed diary.