New internet outrage: ‘Smart’ sex toy sent company details of its use | McClatchy Washington Bureau

In the annals of the invasive collection of private information via the internet, the story of the We-Vibe Rave may mark a milestone.

Customers have accused the sex toy of sending the manufacturer details of how the high-end vibrator was being used without the consent of the owner. That’s the charge in a federal class-action lawsuit filed in Illinois against Ottawa-based Standard Innovation.

An Illinois woman identified only as N.P. says she bought the device for $130 in May. She then downloaded an app, We-Connect, offered by Standard Innovation, and used it to pair her smartphone with her vibrator through a bluetooth connection.

Her We-Vibe Rave then went live, so to speak, even hackable.

The company advertised the online feature as a way to keep distant partners feeling close.

“Tease and please with custom vibes you create. Turn on your lover when you connect and play together from anywhere in the world,” an app advertisement embedded in the 18-page complaint says. “Build excitement with secure in-app voice, chat and video.”

Distant partners could use vibration modes labeled “pulse,” “wave,” “echo,” “tide,” “crest,” “peak” and “chachacha.”

“With the ‘connect lover’ feature, partners can exchange text messages, engage in video chats, and can control a paired We-Vibe device,” the complaint alleges.

Once partners employed the “connect lover” feature, a message would appear saying: “Create a secure connection between your smartphones.”

The complaint says the manufacturer “fails to notify or warn customers that We-Connect monitors and records, in real time, how they use the device. Nor does defendant disclose that it transmits the collected private usage information to its servers in Canada.”

It charges that the data transmittal amounts to a violation of federal wiretapping and Illinois eavesdropping statutes and results in “wholesale disregard for consumer privacy rights.”

The manufacturer obtains “date and time of each use, the vibration intensity level selected by the user, (and) the vibration mode or pattern selected by the user,” the suit says.

Since We-Vibe customers offer their email addresses when registering with the app, the lawsuit says the company could “link the usage information to specific customer accounts.”

The complaint charges that N.P. and other owners of the devices were subject to scrutiny of “intimate private details about their sexual behavior that they believed were confidential.”

Since the suit was filed in September, the company has taken steps to ensure the privacy of the device’s users, said Denny Alexander, marketing communications manager for Standard Innovation. In October, he said, Standard Innovation updated privacy settings so that “customers do not provide their name, email or phone number or other identifying information to use We-Connect.”

Court documents say the two sides attended a full-day mediation hearing Nov. 22 and concluded possible terms for settlement. The sides agreed to prepare settlement papers and submit them to the court before Jan. 27. Terms of the settlement were not known.

A lawyer for Standard Innovation declined to answer questions about the pending settlement. A lawyer for the plaintiff in San Francisco did not respond to a phone message.

We-Vibe vibrators, however, still may live on in hacker lore. One of the vibrators played a role last August at a major hackers’ convention in Las Vegas known as DefCon.

“Presenters conducted a demonstration involving a We-Vibe product. They indicated that they were able to control the product with a computer within short range distance,” Alexander said, adding that the vibrator could be controlled only within bluetooth range, or less than 35 feet.

Still, even at that short range, mischief makers might find certain capers irresistible.