Latest in Gear

Image credit: Getty Images/Blend Images

Consumer Reports now rates product privacy and security

Good design won't matter if a device leaks your data like a sieve.
547 Shares
Share
Tweet
Share
Save

Sponsored Links

Getty Images/Blend Images

When you read a review for a product, you're usually looking for tangible qualities like battery life and performance. As we've seen lately, though, the company's respect for your data matters -- a seemingly perfect gift may turn out to be a privacy nightmare. And Consumer Reports, at least, wants to do something about it. The publication has announced that it will start rating products' privacy and security, and it's working with several partners to create a standard by which products are judged. If a baby monitor or smart TV plays fast and loose with security, you'll know.

Just what is the standard, though? From a cursory glimpse, the privacy standard mostly amounts to a few logical rules. An internet-connected device should ask you to sign in and transmit encrypted data, for example. Companies should also be clear about how they share your data, delete that info on request and behave in an ethical manner (say, not compromising for the sake of advertisers or authoritarian governments). And security? For the most part, it amounts to asking the Cyber Independent Testing Lab to use automated testing tools to look for commonly accepted security practices. CR may also ask experts to hack devices, but it says this is "impractical" for reviewing many products.

The company stresses that this is a "first draft" of its takes on privacy and security, and that it hopes outsiders will help improve its policies. At least for now, it's setting expectations accordingly. These methods definitely won't guarantee that a product is airtight, as automated checks and basic precautions can't account for every possible vulnerability or dodgy privacy practice. Our columnist Violet Blue adds that having just one company involved in security screening could be a problem, since it'll be responsible for everything regardless of whether or not it has expertise in a given area. However, it's being fairly "aggressive" by counting deletion of user data as a positive, Violet says -- companies like Facebook might still fight that expectation.

The biggest challenge may be getting companies to treat these ratings as baselines, rather than as gold standards. The whole point is to have manufacturers thinking about privacy and security when they design a product, not to pat them on the back for accomplishing the bare minimum.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
547 Shares
Share
Tweet
Share
Save

Popular on Engadget

Sonos' portable smart speaker leaks in greater detail

Sonos' portable smart speaker leaks in greater detail

View
Kevin Smith is making a 'He-Man' anime series for Netflix

Kevin Smith is making a 'He-Man' anime series for Netflix

View
SpaceX Starman Roadster completes its first orbit around the Sun

SpaceX Starman Roadster completes its first orbit around the Sun

View
Tesla's relaunched solar power efforts include $50 panel rentals

Tesla's relaunched solar power efforts include $50 panel rentals

View
After Math: Plead the fifth

After Math: Plead the fifth

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr