In the whirlwind season of Black Friday and Cyber Monday sales and general Christmas shopping mayhem, it can be hard to resist the ridiculous savings on the latest Amazon Ring cameras or various home assistants.
Wait a second before you click to buy, though. There are plenty of articles online (and on our blog) that point out products and services that spy, leak, or eavesdrop on user data. In Part One of this guide below, we want to highlight which products are actually good for user privacy and security.
Jump to:
Part 1: High-tech gifts that boost privacy
Part 2: Low-tech gifts that protect privacy
Part 3: Gifts to avoid for privacy and security concerns
Part 1: High-tech gifts that boost privacy
1. For the gamers (if they don’t have it yet): Nintendo Switch
A perennial Christmas wishlist topper is the Nintendo Switch gaming console, which not only encrypts all your data in transit and at rest, but also has a very user-friendly privacy policy that says it won’t share your Switch data with third parties for commercial or marketing purposes. There may be games that do, though, so stay vigilant.
There is an infrared camera that’s used for a few games and can, within the very limited range of the console, track the Joy-Con controllers’ locations, but it doesn’t have GPS tracking (much to the chagrin of those who have had the misfortune of losing theirs).
[Want more privacy-related content? Subscribe to the Blog Newsletter.]
More alarming though, is that the Switch did experience a data breach this year, affecting 300,000 customers who did not have Two-Factor Authentication (2FA) on their accounts. Nintendo could have definitely made this security feature more publicly known and accessible to customers (maybe adding it as a step during account setup?), but it does now have a guide to enable 2FA.
2. For the audiophiles: Sonos One SL
Nothing has been able to knock Sonos out of its spot as the best privacy-minded speaker. While Sonos’s growing range of speakers has long featured AI voice assistant functions, the company recently released a speaker without that function in the Sonos One SL. Controlled over Wi-Fi instead of Bluetooth, the One SL encrypts the device and all its communications with other devices. There’s no built-in mic, so you can rest assured no one will be able to eavesdrop on you.
3. For the health-conscious: Withings Thermo
Health and well-being has come into sharp focus this year with the Covid-19 pandemic prompting unprecedented changes into how we negotiate individual privacy and public health. Large-scale solutions varying from contact tracing apps to new surveillance measures have also triggered distrust among many.
If you have a health- and privacy-conscious techie in your life, Mozilla rates the Withings Thermo as a “not creepy” smart thermometer. There is an optional app that you can download if you want, and the thermometer syncs your temperature readings over Wi-Fi instead of an unsecured bluetooth connection. The app does track your location, but you can change your app permissions for that, too.
(A “dumb” thermometer is also a perfectly acceptable substitute).
4. For the kids: Kano coding kits
If you’ve run out of things to watch with your kids, and they’re stuck at home like you are, consider getting a coding kit (geared toward ages 6 and up) from Kano. It tops Mozilla’s list for making coding feel instinctual without sharing you or your child’s personal information with third parties.
The company does aggregate your data and anonymize it for customer research and profiling, according to its privacy policy. This data could be used by someone determined enough to figure out who you are. The Harry Potter kit, for instance, comes with a wand that recognizes your movements and compares them with their database via machine learning(!), but that stops as soon as you put the wand down.
5. For the sound geeks: Sennheiser Momentum 3
The Sennheiser Momentum 3 are probably the best “dumb” smart headphones you can get: no signups or personal information required to start listening. There’s some decent noise-cancelling, too, which can be useful if you’re working from home, or just need a bit of quiet. Sennheiser has an app which allows you to customize your equalizer, and you can check and change the app’s permissions with general ease.
The AI assistant function seems somewhat inescapable these days in wireless headphones though, so if you really want to avoid that, your best bet would be to get a pair of headphones or earphones that require you to manually activate a voice assistant with the press of a button.
Part 2: Low-tech gifts that protect privacy
1. For the fashion-conscious: A (nice) face mask
The Covid-19 pandemic has pushed the use of face masks front-and-center in combating its spread around the world. It has also posed a new challenge for CCTV surveillance cameras that rely on a full face to recognize people’s faces. As well as being a must-have item for the winter, masks are just generally good at evading invasive surveillance measures like facial recognition.
If your intended recipients are already well-stocked up on masks, check out other anti-surveillance accessories, like anti-paparazzi scarves, anti-CCTV sunglasses, or even some face paint if they’re feeling particularly adventurous.
2. For anyone who’s always on their devices: Privacy accessories
They may be a bit small for stocking stuffers, but accessories that physically cover your camera and audio jack are indispensable in stopping hackers from recording sound and video from your devices.
Getting webcam covers and headphone jack covers prevents anyone who might find a way to remotely access them on both your phones and laptops from recording any audiovisual input. They’re relatively inexpensive online, and tend to come in packs, which sorts your holiday shopping for multiple people at once. Small novelty stickers also work in a pinch.
If you know their device model, consider buying them a privacy screen, which stops passersby from shoulder surfing and looking at what they’re doing on their devices in public, like typing in passwords or sending private text messages.
If you’re looking for a gift that keeps their internet connection private and secure, and also grants them access to an internet without limits, you need look no further than here.
3. For the cashless carriers: RFID-blocking wallets and cases
With more people turning towards cashless solutions when paying for things, whether it’s shopping online or using a mobile app at the cashier, the potential for opportunistic hackers to collect your information with a Radio Frequency Identification (RFID) reader also increases. Granted, they would have to get very close to your device in order for the RFID reader to work, but once they do, they can intercept the data coming from your device as you use it.
A simple wallet or pouch with RFID protection can safeguard your phone and cards, your passport, I.D. and anything else that relies on radio frequencies to pass information out, financial or otherwise. These items are pretty popular (there’s also the novelty factor of simply owning “RFID-protected” personal items), and you’ll likely have no problem finding RFID blockers for any size, style, and budget.
Read more: 5 ways to protect your online finances… in the physical world
4. For the tin foil upgrade: A portable Faraday bag
Your devices are good at sharing data, whether it’s apps sending information to and from your device, broadcasting your location through GPS, or tracking your biometrics through health accessories. This in itself is not necessarily bad, but we are becoming increasingly familiar with just how much information our devices collect, and with the growing number of ways that data is transmitted (Wi-Fi, Bluetooth, NFC, etc.).
If you know someone who would appreciate an all-in-one item that blocks all possible ways to transmit data, look into getting a Faraday bag. These “bags” look like a pouch consisting of two layers of radio frequency-shielding material (not unlike the RFID-blocking wallets above), into which you can put all your signal-emitting devices. Once they’re in the bag, they won’t be able to transmit, or receive anything from the outside.
Similar to the RFID blockers, Faraday bags come in all shapes and sizes, but won’t be as eye-catching as the humble tin-foil wrap.
Part 3: Gifts to *avoid* for privacy and security concerns
When you’re browsing for gifts this Christmas, remember to look out for these red flags and warning signs. Some may be less obvious than others. When considering these options, buyer beware…
1. Products owned by Big Tech companies
From your Facebook likes and photos, to your Amazon purchases, Big Tech have made it their business to track everything you do. It follows, then, that the privacy of the products and services these companies sell is dubious at best.
The VR Headset maker Oculus, for instance, requires you to set up a Facebook account, and even without a shopping account, Amazon products like the Echo and Ring can still be used to surveil you. Be wary, too, of your current smart devices that might get bought out by Big Tech: Google’s acquisition of Fitbit in 2019 left many suspicious of how their health data might be collected and tracked.
Read more: 5 ways Amazon spies on you (even if you’re not a customer)
2. Internet of Things with poor security
Having a home with smart lights, fridges, door locks, and thermostats can certainly be useful, especially if you’re staying at home a lot these days. But on top of server outages and fatal flaws that can render your smart toaster useless, these IoT devices are also ill-equipped to send and receive data from you or their company servers securely. Having such vulnerabilities can be particularly dangerous if you’re concerned about online stalkers doxing you, or your ISP or government that can look at your internet activity.
If you know someone who has decked their house in IoT devices, you could give them something that secures all their IoT devices instead.
Read more: This one device can protect your entire home network
3. Services that will “share your personal data with third parties”
In a similar vein to products owned by Big Tech companies, any apps, services, and smart home devices that share your personal data with third parties should also get the boot. A number of mental health and habit tracking apps, which have gained considerable popularity this year, were found to be transmitting data to third-party services, and only a fraction communicated this transparently.
On a more alarming level are DNA testing kits, which collect the literal data on you—your DNA. The sheer minefield of privacy risks these kits entail should be enough to stop anyone from using these if they value their personal data.
Read more: Are at-home DNA tests worth the privacy risks?
Few high-tech options for privacy-conscious gifters
There really aren’t enough gift guides out there that positively encourage the purchase of products that respect user privacy and security. For instance, we had difficulty finding high-quality headphones that don’t have a built-in voice assistant function. Perhaps if the absence of these eavesdropping features became a more obvious selling point, companies might be more inclined to actually respect user privacy and security.
For now, we recommend Mozilla’s Privacy Not Included list, which reviews smart devices based on how much data they collect and invites readers to rate them as ”creepy” or “not creepy” (and includes popular products on both sides of the privacy spectrum).
Sadly, even with more options to disable permissions and reduce bluetooth use, many smart devices still leave much to be desired. If you’re still not sure about what to get, may we’d like to make a modest suggestion.