Access Now Alleges Internet-Connected Sex Toy Vulnerable to Hacking, Seeks FTC Probe
Access Now is asking the FTC to investigate sex toy maker Svakom Design USA, alleging its internet-enabled vibrator with an embedded camera can be easily compromised. In a Wednesday news release and complaint, Access Now said Svakom released its "Siime…
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
Eye" vibrator in 2016 "with grossly inadequate security" because hackers can access personal data including video feeds. Risk of personal data might "lead to the loss of professional opportunities as well as harassment, severe reputational and emotional impacts, and other substantial privacy impacts," said the complaint. Access Now said the company's failure to provide proper security is both an unfair and deceptive trade practice. The complaint stems from research presented by technologist Ken Munro of U.K.-based Pen Test Partners, which provides vulnerability testing and security services, during a March 30 session at Access Now's RightsCon annual conference in Brussels. In a demonstration, Munro exploited a vulnerability in the Siime Eye software in two minutes, giving him full access to the video feed, the complaint said. It said Svakom provides little guidance in its device instructions to help users reasonably avoid harm. Security experts tried to tell the company about the problem, but it "ignored the notification and took no additional steps to increase the device security," said the complaint. Access Now wants the FTC to investigate and stop the sale of the Siime Eye products and try to recall those that have been sold. It also wants the commission to force Svakom to push security patches and notifications to users and implement a comprehensive privacy and security audit of the company's internet-connected products and services. Svakom and the FTC didn't comment.