«
»

Sunbeam Electric Blanket App Steals Data

2/19/2022, 3:59 pm, General

Here is the letter I wrote to Sunbeam today

Data Privacy Enquiry
Attn: Data Protection Director
6655 Peachtree Dunwoody Road
Atlanta, Georgia 30328
2-19-22

Lee Sonko
[address redacted]

Dear Data Protection Director,

Holy Moley! I did not expect my new Sunbeam electric blanket to be stealing my data!

I bought your Sunbeam LoftTec Wi-Fi Connected Heated Blanket and installed the required Sunbeam app. Every time I start the app on my Android phone to control my electric blanket, I see a message from Android saying “Sunbeam pasted from your clipboard.” Why is your electric blanket app scraping my clipboard? An electric blanket does not need to know what is in my phone’s clipboard!

Please tell me you will fix this insane privacy and security hole!

I looked through the Privacy Policy of the app and you made no argument for capturing my clipboard. In fact, the Privacy Policy reads:

5. SENSITIVE PERSONAL DATA
Unless specifically requested, we ask that you not send us, and you not disclose, on or through the Sites or otherwise to us, Sensitive Personal Data (e.g., religion, ethnicity, political opinions, ideological or other beliefs, health, biometrics or genetic characteristics, criminal background, trade union membership, or administrative or criminal proceedings and sanctions) unless specifically requested by us or required by law.

So you don’t want my sensitive personal data, and I don’t want to give it to you, but you make it impossible when you’re grabbing snippets of my clipboard!

I’ve already returned the electric blanket. I would love to buy a version that doesn’t violate your own Privacy Policy. It could be the best electric blanket on the market but as it stands, it literally can’t be trusted.

What is “clipboard scraping”? It’s when an app grabs the contents of your clipboard. Sometimes it is a convenience feature so a user doesn’t have to copy-and-paste data themselves. But if the app obviously doesn’t need the data, the only reasons are nefarious ones. An electric blanket does not need to know what is in anyone’s phone’s clipboard! Tik-Tok stopped the practice promptly after it was exposed in 2020. I hope you do the same.

Most sincerely,
Lee Sonko

Leave a Comment

Do not write "http://" or "https://" in your comment, it will be blocked. It may take a few days for me to manually approve your first comment.