Don’t Call Me Scrooge, But …

They can see you when you’re sleeping. They know when your baby’s awake. They know if you’re predisposed to Parkinson’s disease or related to a criminal. So be vigilant for goodness’ sake.

Some of the hottest Christmas gadgets and gifts this season are straddling that fine line between merely creepy and borderline dangerous thanks to some consumers’ innate desire to know everything about themselves and the people in their lives at any given moment.

HP advertisementAdvertisement

It should come as little surprise that a lot of consumer-facing companies are pushing the limit by offering products and services that are completely disregarding the masses’ concern for the privacy of their most intimate personal information.

Ancestry.com and 23andme are really pushing their DIY DNA kits this holiday season – discounted 40 percent and 30 percent, respectively, until Christmas – with extensive online, television and radio advertisements promising a wealth of information about users’ genetic predisposition or genealogy after voluntarily submitting a saliva sample to analyze their DNA.

AncestryDNA was the best selling, non-Amazon branded product on Cyber Monday for the second year in row. The company has now sold more than 14 million DNA kits worldwide. 23andme has more than 5 million users. Twenty million people had no problem spitting into a tube and sending off the most uniquely identifying personal data there is to these companies.

Surely nothing bad could come of this.

In November, 23andme announced it would end its years-long policy/business model of allowing third-party developers to access its treasure trove of raw genomic data to build health apps and weight loss services, etc. But for at least six years, subscribers’ DNA was up for grabs.

By the way, British pharmaceutical giant GlaxoSmithKline in July invested $300 million in 23andme for the exclusive rights to mine customers’ DNA data for drug targets.

Meanwhile, Ancestry.com and its users are still dealing with the fallout from a massive data breach back in 2015 when someone accessed a server that contained the usernames, email addresses and passwords of at least 300,000 registered users. And it took more than a year for the company to admit/announce the breach.

The point here is that no data could be more precious and personal – and that includes any DNA samples from your relatives, even those of the extremely distant variety. Just ask Joseph James DeAngelo, aka the Golden State Killer, a former cop and alleged serial killer and rapist who was finally arrested this spring.

Those who don’t mind making their DNA available to third-party developers, Big Pharma or the police might be less laissez-faire about data privacy when they take a closer look at some of the popular holiday gifts that Mozilla, the non-profit organization famous for its Firefox browser, has identified in its “Privacy Not Included” list for 2018.

There’s the FREDI Baby Monitor that doesn’t encrypt its communications, has no privacy policy and the company doesn’t disclose if it shares information with third parties. Oh, and it also doesn’t prompt you to change the default password nor does it provide automatic security updates.

Do you like drones? Great. So do hackers. There are several on the Mozilla list. Their individual security shortcomings span the gamut. Some have no encryption or privacy policies at all. Some share your information with third-party “partners.” Others don’t require users to change the default password. It’s the Wild West in the drone game. You’re forewarned.

Let’s not forget Facebook Portal, the social networking giant’s new video chat device, and other similar products creeping into the mainstream such as Amazon’s Echo and Google’s Alexa. All of them share something in common: they bring people closer together at the risk – some might say cost – of recording, sharing and potentially exposing the most mundane or most personal moments of users’ lives.

It doesn’t take a lot of imagination to envision how giving these internet-connected devices access to so much of our humanity – especially in light of these vendors’ repeated disdain for or just plain inability to safeguard personal data – could go horribly wrong.

My holiday wish for everyone – be smart and be safe. All of these potential data privacy white elephants share a common theme: people want gadgets and services that allow them to know more about themselves –  but it doesn’t have to mean these companies and a slew of hackers get to know us better than we know ourselves.