The Protection of Privacy Authority (PPA) has recently released two sets of guidelines on the use of home IOT appliances and on video gaming consoles.
PPA Releases Guidelines on Privacy in Smart Homes Appliances
On November 15, 2023, the Israeli Privacy Protection Authority (PPA) has released a set of guidelines addressing the privacy implications of IoT products and smart homes. The PPA mentions that the rising trend of integrating Internet of Things (IoT) devices into domestic spaces to create “smart homes” has become a prominent development in recent years and requires special privacy protection attention.
The Internet of Things involves the incorporation of sensor-equipped electrical devices that gather and process information from their surroundings, encompassing data such as motion, temperature, sound, and location data. While the integration of IoT products in homes offers numerous benefits, it raises concerns about the potential infringement on users’ privacy, affecting not only the residents but also visitors to these smart home environments.
The operation of smart homes requires extensive collection and processing of personal and sensitive information, which, if mishandled, could lead to data breaches and unauthorized use. Moreover, the use of IoT products within the home essentially introduces surveillance systems into the most private and intimate spaces of individuals, giving rise to concerning implications.
In the guidelines, the PPA observes that looking ahead, the pervasive use of IoT products, especially in smart homes, is expected to expand, bringing with it implications for privacy and information security. The guidelines provided aim to navigate these challenges while fostering responsible and secure integration of IoT technologies into domestic environments.
To address these concerns, the PPA has outlined key recommendations for companies providing smart home services and products, as well as for users of these technologies, a summary of them is as follows:
- Configure the operational parameters of portable IoT products, such as robotic vacuum cleaners, to restrict movement in sensitive home areas.
- When installing smart home systems, change default passwords to strong, unique ones and regularly update them.
- Ensure the strength of your home network login password and avoid sharing it with unfamiliar or untrusted individuals.
- When setting passwords, refrain from using easily discoverable data, such as birthdates, phone numbers, names of family members, or pets.
- During the registration and installation of smart home systems, avoid linking them to social media accounts.
- Regularly perform software updates on home IoT products in accordance with the manufacturer’s instructions.
- Utilize home IoT products only when necessary and turn them off when not in use.
- Consider using IoT products with a capability of offline operation, reducing the need for information transfer over the network.
- Minimize the use home IoT products remotely.
- Where possible, install antivirus software on IoT products before connecting them to the network.
- Exercise the right to access and rectify information stored in the databases of smart home service providers. Use your right to request the erasure of any inaccurate or incomplete information.
The full version of the guidelines (in Hebrew) is available at:
https://www.gov.il/BlobFolder/reports/advertising1-15-11/he/privacy-home-iot.pdf
PPA Releases Guidelines for Responsible Use of Video Game Consoles
On November 27, 2023, the Privacy Protection Authority unveiled a set of detailed recommendations including guiding screenshots, to ensure the safe and privacy-conscious conduct of players within the virtual gaming community.
In an era dominated by digital entertainment, video game consoles offer access to captivating virtual worlds and immersive experiences that engage millions, including children and teens. However, beneath the allure of these virtual adventures lies a substantial threat to the privacy of younger members in the gaming community.
The PPA recommendations, grounded in an analysis of privacy policies and terms of use of prevalent game consoles in Israel, aim to foster a balanced and secure use of gaming platforms. Recognizing the risks associated with multiplayer interactions, including the use of microphones and cameras, the document addresses critical issues surrounding the privacy of gamers, particularly children and teens.
Key Points:
Dangers in Video Games:
- Games often facilitate contact between users, introducing risks such as personal data breaches, secret information collection, and unauthorized trade of personal information.
- Awareness among gamers, especially younger ones, regarding privacy risks is typically low.
Information Collected:
- User account information, including personal details like name, email address, home address, and age.
- Activity patterns, tracking gaming achievements, connections with friends, and gameplay details.
- Voice and text communication records from in-game chats.
- Location data, collected if using location-based services.
- Payment information, especially for in-game purchases.
- Biometric data in some cases, involving facial recognition, heart rate monitoring, and gesture recognition.
Maintaining Privacy:
- Enable two-step verification for added account security.
- Proactively adjust privacy settings to control the sharing of personal information.
- Limit data collection and disable personalization services that use your data for recommendations.
- Disable features like the always-on microphone if not needed.
Implementing the PPA Recommendations:
- The PPA guidelines include detailed guidance, including screenshots, to help users implement the recommendations on popular game consoles.
Relevant Game Consoles:
- The recommendations are tailored for popular game consoles in Israel, including Sony PlayStation, Microsoft Xbox, and Nintendo Switch.
- While specifically crafted for these consoles, the fundamental principles outlined in the recommendations can generally apply to all game consoles, serving as crucial guidelines for privacy across various gaming platforms.
The full version of the recommendations (in Hebrew) is available at:
*This post does not constitute a legal opinion.