Cool tech for Christmas? Now set up the privacy controls

This year’s holiday gift lists included consumer tech that would have been the stuff of science fiction just a few years ago. If you unwrapped a smart TV, a voice assistant, smart watch or an internet-connected toy, here’s a practical suggestion: Get to know the privacy implications of your new electronics.

Now is the time to take a few moments to set up privacy features so you can be comfortable with how your personal data is collected, used and shared.

Here are some of this year’s hot electronics, the information they collect, and what you can do to exert some control over how they use your data.

Smart TVs: Understand how to limit sharing data about what you watch


Smart TVs connect to the internet to allow users to access streaming video services (such as Netflix or Hulu), or other online media or entertainment, such as music, on-demand video, and web browsers. Almost all TVs on the market today are “smart” — and other devices can be purchased, at relatively small cost, to connect to a regular TV and enable certain video streaming services.

Smart TVs collect a lot of data about your viewing habits, and that information may be shared with companies other than the device manufacturer or connected apps.

For example, some advertising companies buy viewing data and add it to detailed profiles that also include offline data, like spending patterns. The information in that profile may determine what ads you are served on your TV, or on other devices, like your phone.

Tip — Some TVs prompt you to make privacy choices when you first set them up. Other TVs ask for permissions when you try to use specific features that collect data. Either way, you should be able to visit the settings menu at any time to review or change your preferences.

Tip — If you have the option to set up automatic software updates, do it. That will increase your security and improve the performance of the TV.

Voice Assistants: Learn how to manage audio recordings

Voice assistants, often called smart speakers, offer an amazing amount of information; your wish is its command. They also record a lot of information.

Most of these devices are voice or speech-enabled, meaning that they use microphones to detect a certain “wake phrase,” but do not activate and begin recording (and sending information) until they hear that phrase. Most devices keep audio recordings of your commands so they can get better at recognizing your voice over time.

Tip — You can delete recordings of your voice commands or searches by logging into your account and managing your data history.

Tip — If you want the device to be responsive at all times, then it will probably pick up snippets of other noises in the room. Some devices may even occasionally activate by accident — for instance, if the device thought something you said was the “wake phrase.” Having a particularly sensitive conversation? Many voice assistants have a hard “mute” switch to turn it off.

Wearable Tech: Understand whether the app shares your health or location data.

Whether it’s a smart watch, a health monitor or an item of clothing, wearable tech is increasingly popular. Lots of wearable tech monitors your health or fitness, but unless it was prescribed by a health professional, it’s probably not covered by the strict privacy rules under the Health Insurance Portability and Accountability Act (HIPAA).

Most wearables connect with an app, some of which share user information in unexpected ways. For example, some track a user’s location all the time and share that information with third parties.

Tip — You should check the app’s privacy practices and use the settings menu on your device to change default settings that you don’t like. It should only take a couple of clicks to prevent an app from collecting location data. Of course, if you want access to that data yourself, you have to let the app collect it — but you may be able to control privacy settings to prevent other uses or sharing.

Connected Toys: Be aware of the data they may collect

If you’ve got kids, they may have new connected toys that respond to voice commands, link to an app, or have to be set up using an online account. Although electronics and data processing can create great experiences for kids, toys that connect to the internet raise concerns about what kind of data is collected from children, how that data is handled, and whether the device itself is secure.

Tip — Know whether the toy connects to the internet. Many “smart toys” can perform sophisticated tasks using hardware on the toy but are not connected to the internet. If the toy is connected, it is usually through an app. Be sure to check the privacy settings on the app as well as the device.

Tip — If the toy gives you an option to reset the default password for accessing the toy via the app, do it. If you keep the default password (or there is no password) anyone in the vicinity of the toy can control it.

Tip — Toys that connect to the internet are regulated strictly by the Children’s Online Privacy Protection Act (COPPA), which means they require parental consent before any data can be shared.

The hours after you unwrap your gift is the best time to invest a few minutes with your new device’s privacy settings.

If you do, you’re less likely to experience a data use disappointment in the future.

John Verdi is vice president of policy for the Future of Privacy Forum, a nonprofit that offers leadership in data privacy issues as well as privacy best practices, ethical norms and principled data practices for emerging technologies. Verdi previously served as director of policy initiatives at the National Telecommunications and Information Administration, where he crafted policy recommendations for the U.S. Dept. of Commerce and President Obama regarding technology, trust, and innovation.