Mozilla Releases Annual Gift Guide: Privacy Concerns

Mozilla has released its annual 2022 edition of Privacy Not Included buyer’s guide which contains privacy reviews of more than 75 popular consumer electronics gifts, which will be continuously updated throughout the giving season.

Among the potential gifts in the guide so far are the Apple Watch, Nintendo Switch, Amazon Echo, Garmin fitness trackers, Google Chromecast, Steam Deck, and the Meta Quest Pro.

According to Mozilla researchers, the latter can be particularly challenging for privacy seekers. To get the full scoop on privacy for the gadget, a buyer would need to open at least 14 browser tabs to make sense of privacy documents totaling 37,700 words.

The researchers noted that products like the Amazon Echo Dot and the Google Pixel Watch also come with multiple privacy policies for the hardware, apps, and companies they share data with.

Privacy researchers admit they themselves are struggling to understand all this, and consumers are far worse off.

The purpose of privacy policies is to inform users on how their information will be used and for what purposes so they can make informed decisions, asserted Javvad Malik, a security awareness advocate.  When policies are so complex and prohibitive to read, the majority of people will simply click through in order to use the app or service they need.

This puts them at risk as they may be consenting to having their information used in ways they are not aware of or comfortable with. Complex privacy policies make it more difficult than necessary for end users to fully grasp the privacy they should expect from a company and their rights as a user.

However, Daniel Castro, vice president of the Information Technology & Innovation Foundation, Washington, D.C., pointed out that privacy policies are often complex because digital products and services are complex. The companies making these products face regulators not only in 50 states but all over the world and the enormous penalties for any errors or omissions, so it is not surprising that the lawyers have taken over writing these terms.

Malik countered that while privacy policies are important to legally protect organizations that use customer data, they should be done in a transparent and easy-to-understand manner so that people can make the decisions that are right for them. Tech companies are so concerned about privacy-related litigation with their products or services, they are inclined to write complex privacy documents that often protect their own interests at the expense of the consumer.

Tech companies should be required to write more simplistic privacy documents that consumers can understand. Apple’s privacy policies, for example, are often written in easy-to-understand language.

The Mozilla researchers noted putting together their privacy guide has become harder than ever due to  an unprecedented explosion of connected products in the market. Children’s toys, litter boxes, sunglasses, and vacuums that connect to the internet and then scoop up and share precious personal information.

Consumers should realize that every connection from a device to the internet opens an entry point into their homes and couple that with the apps they need to control these devices, apps that control microphones and cameras and can access contacts and location information. All this raises a lot of questions about privacy.

It’s possible to prevent unwanted tracking by disabling Wi-Fi connections on devices that don’t require it for core functionality, such as a smart TV. Not connecting the TV to the network can prevent the manufacturer from collecting tracking data or from injecting ads into the interface, but the trade-off is you might not get any firmware updates that may introduce additional features or fix known issues.

Consumers should be especially wary of cheap no-name devices equipped with microphones or cameras as there have been numerous instances of manufacturers recording and sending all sensor data back to foreign servers without the user’s consent or knowledge. It can be challenging to thoroughly understand the privacy implications for any given product. There are too many legal loopholes that can be built into complex privacy agreements, as well as few good ways for the average person to confirm whether the manufacturer is living up to their end of the agreement.