Reading:
We-Vibe data surveillance breaches the Data Protection Act
Share:
we-vibe claims

Data Leak Lawyers - Begin Your Data Breach Claim Today!

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

We-Vibe data surveillance breaches the Data Protection Act

We have been approached by a number of concerned individuals in the U.K. following the news that the company behind the “smart sex toy” We-Vibe is settling Group Action claims in the U.S. for collecting user data without proper consent.

We have now taken on a multitude of cases as we investigate the circumstances surrounding the collection of data without the consent of users here in the U.K., which we allege is a breach of the Data Protection Act.

The Canadian manufacturer of We-Vibe, Standard Innovation, was fined CAD $4 million (£2.4 million) after they were found to be collating and using their customers’ data without explicit consent.

Information that was collected and processed

The device is intended to keep couples connected over long distance, but connecting sex toys to the internet has proven to be riskier than anticipated.

The sex toys, which include the We-Vibe Classic and Rave by We-Vibe, are designed primarily for couples to use, allowing partners to control the devices via Bluetooth and a Smartphone app.

Researchers first discovered the data security breach and learned that the company was reportedly using the Smartphone app to gather data about how customers used the devices. According to reports and court documents, the app collected information such as the temperature of the device and the intensity during use, and how often the toy was used.

Claims in the U.S.

Though We-Vibe gave assurances to users that none of their data was maliciously hacked by an outsider, the company reportedly couldn’t guarantee that the data collection was used for lawful purposes. As a result, a number of concerned users filed a class action lawsuit against the company behind We-Vibe.

Given the significantly private nature of peoples’ sex lives and sexual preferences, the court allowed the users to litigate anonymously using initials.

The innovators of We-Vibe, Standard Innovation, believe that a “fair and reasonable” settlement has been reached in the U.S. In the settlement, users are compensated up to $10,000 (£8,000) if they can show that they used the app to control the toy, as well as providing their full name, phone number, and other details. For those who only purchased a We-Vibe connected device, up to $199 (£160) is being offered.

A spokesperson for Standard Innovation said:

“We are pleased to have reached a fair and reasonable settlement in this matter. At Standard innovation we take customer privacy and data security seriously. We have enhanced our privacy notice, increased app security, provided customers more choice in the data they share, and we continue to work with leading privacy and security experts to enhance the app.”

Privacy concern

One of the most worrying issues at hand is that most innovators don’t realise the serious risks of internet connected devices they sell, and their security vulnerabilities. This is detailed in our previous blog regarding smart fridges and smart locks, where manufacturers don’t pay enough attention to potential security flaws in our view, and instead just seek to push forward the innovation of the product.

Many of the security and privacy vulnerabilities of the We-Vibe toy were highlighted by hackers Goldfisk and Follower at the Defcon 24 conference in 2016. It’s a device that has evidently not properly secured their users’ private data, and hackers said that, very worryingly, the app could be hacked in to and allow a hacker to control the device themselves.

This is incredibly alarming.

The Data Leak Lawyers consider this a Data Breach Action

Though the company may suggest they collected user data for legitimate reasons – e.g. to improve their service – it’s private and most certainly intimate.

Ken Munro, a researcher from cybersecurity company Pentest Partners recognised this intimacy, stating:

“It’s one matter collecting data about your usage of a smart coffee machine. It’s a whole different matter gathering data about your sex toys.”

Many We-Vibe users have come forward to claim against the invasion of their privacy. In the U.K., companies that collect, use, and hold your personal information must do so in accordance with the Data Protection Act (DPA). It must be fairly and lawfully processed with explicit consent. As we believe that We-Vibe collected data and processed it without consent, we say that they are in breach of the Data Protection Act, and victims can claim with our specialist lawyers.

The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy
SRA
Contact
www.dataleaklawyers.co.uk is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon