Which? The UK based consumer advocacy organisation finds Smart Air Fryers and TVs engaging in invasive surveillance, with some even sharing data with TikTok.
The researchers from Which? noted that a significant number of these requests for personal information surpass what is needed for the fundamental functionality of a product.
Harry Rose, Which? magazine editor added, “Our research shows how smart tech manufacturers and the firms they work with are currently able to collect data from consumers, seemingly with reckless abandon, and this is often done with little or no transparency.”
SMART DEVICES MAY BE COMPROMISING USERS’ PRIVACY
Smart devices may enhance our lives with convenience and connectivity, but they also pose significant risks to our privacy by collecting and sharing personal data without adequate user awareness.
AIR FRYERS
Three models of air fryer were found asking for precise location and audio recording permissions on users’ phones for no stated reason. With certain smart air fryers, users can start cooking meals remotely through a smartphone app.
Xiaomi’s air fryer app links to several trackers, including Facebook, Pangle (TikTok’s ad network), and Chinese tech giant Tencent.
Aigostar’s air fryer also gathered data by requesting users’ gender and date of birth at account setup.
While these requests were indicated as optional, they have sparked questions about the implications of collecting such information.
Both Xiaomi and Aigostar air fryers transmitted users’ personal data to servers in China, a fact that is outlined in their privacy notices but could go unnoticed by many.
SMARTWATCHES
As with all the products under evaluation, the Huawei Ultimate smartwatch requires privacy consent to function properly, demanding nine “risky” phone permissions — the highest of any device tested.
According to Which?, “risky” refers to granting invasive access to various parts of a phone, such as precise location tracking, the ability to record audio, access to stored files, and the capacity to view all other installed applications.
Huawei asserted that all permissions were necessary and that no user data is used for marketing or advertising purposes. Which? found some trackers active on the Huawei watch, but Huawei clarified they are limited to certain regions.
The Kuzil and WeurGhy smartwatches, selected for their bestseller status on Amazon, were found to be virtually the same product — a common phenomenon on marketplaces where little-known brands sell similar white-label goods.
The smartwatches did not include the legally required information about the length of time for security updates. Nonetheless, both watches appeared to be free of any trackers.
SMART TVS
Smart TV interfaces are inundated with ads and thirsty for user data. The Hisense and Samsung TVs evaluated by Which? required a postcode at setup, though both brands said that a partial postcode would suffice and that it was only used for some content localisation features.
Samsung claimed that entering a postcode was not required; however, Which? found it appeared to be mandatory during their tests.
Although the LG set asked for a postcode, it was not compulsory to provide it. Samsung’s TV app requested eight risky permissions from the phone, including access to all other installed apps, second only to the Huawei smartwatch in terms of permissions requested.
Researchers found that the Hisense set did not connect to any identifiable trackers, but both Samsung and LG connected to multiple trackers, including Facebook and Google.
SMART SPEAKERS
The analysis of smart speakers showed that the Bose Home Portable speaker and app request the least number of upfront phone permissions among the products tested, yet they are full of trackers, including Facebook, Google, and Urban Airship.
The Bose speaker was found lacking in effectively securing customer consent for data tracking.
On the other hand, the Amazon Echo offers useful options to opt out of certain data-sharing requests. To use the Echo Pop or Nest Mini, consumers are required to have an Amazon or Google account, respectively.
NEXT STEPS
The research from Which? reveals that manufacturers are able to gather excessive data from consumers, frequently without clear information on how it will be used.
In Spring 2025, the ICO will publish new guidance for smart product manufacturers that must clearly outline how consumer data can be used and the transparency expected from businesses.
It is essential that this guidance offers straightforward advice regarding how consumer data can be utilized and the transparency required of businesses.
Which? is concerned that manufacturers from abroad may leverage the difficulties in enforcing compliance with these guidelines.