Even though we might try and forget about how dating apps and connected sex toys store a lot of our data, it doesn’t make the problem any less worrying.

While we might turn a blind eye to how – for example – dating app Plenty of Fish stores information on our parents’ marital status for no particular reason, a new report launched by the makers of the Firefox browser has brought to light just how routine data breaches can be within sextech.

This week, the Mozilla Foundation published a report revealing huge security flaws in many popular dating apps and smart sex toys, just in time for Valentine’s Day.

The 2021 update to the Privacy Not Included guide – Mozilla’s “buyer’s guide for connected products” first published in 2019 – looks at how certain sextech products handle privacy, security and artificial intelligence matters.

If a product doesn’t match up to Mozilla’s Minimum Security Standards, which include encryption, security updates, the use of strong passwords, vulnerability management and privacy practices, it is deemed as needing improvement and given a ‘Privacy Not Included’ warning label.

In the report, Mozilla researchers examined 24 dating apps, a staggering 21 of which were deemed as having minimal security. These include some of the most mainstream apps such as Tinder, Bumble and OKCupid, but, for ease, it’s probably better than we name the three dating apps that ‘passed’ Mozilla’s privacy test: Lex, Happn and eHarmony.

Regarding smart sex toys, half of the 26 sextech products Mozilla included in its report received a warning label. Among these 13 were the headline-making connected chastity belt Qiui Cellmate and Abyss Creation’s RealDollX.

Mozilla’s Privacy Not Included sextech report: The fine print

Plenty of Fish, plenty of problems

Match Group’s Plenty of Fish (POF) is one of the oldest dating apps, but – for such a longstanding product – privacy remains an issue. For instance, POF couldn’t confirm to Mozilla researchers that it encrypts all the personal information shared over the app, the list of which is lengthy. Users are also able to create an account with the password, 123456, which isn’t exactly secure (please, don’t try this at home).

Note: While we’re only pointing out POF by way of an example as to how Mozilla has ranked the privacy of many other apps, it’s worth noting that it’s owned by Match Group – which owns at least 45 other dating sites including Tinder, OKCupid and Hinge, all of which performed similarly badly in this report.

“When you sign up with one of these dating sites, their privacy policy states they may share your personal information with any of the other 45+ Match Group sites. That’s a lot of personal data you might have thought only going to once place getting shared across multiple dating sites,” the report says.

Secure dating apps get gold stars

Mozilla researchers say they “love Lex because they seem to collect as little data on their users as possible”, something that appears to be uncommon in the dating app world. However, it’s still unclear what Lex does with data if users delete their account.

Happn is also whitelisted, although the report mentions instances in 2017 where the location-based dating app leaked users’ Facebook information. The third and final app deemed ‘not too terrible’ is eHarmony, scoring points for “being one of the better mainstream dating apps when it comes to privacy and security.”

Prying eyes: spying sextech

Smart sex toys were split 50/50 on the Mozilla report, with half of those included regarded as ‘needing improvement’ in terms of security. Among these was sex robot brand RealDollX, which Mozilla claimed there was “too little information” around to be able to trust its privacy measures.

Sex toys to vibe with

Lovense, Kiiroo and We-Vibe received praise from the report, for “not selling user data”, “protecting users’ privacy and security” and “cleaning up their act” respectively.

We-Vibe’s cause for congratulation refers to the $4m payout its parent company Standard Innovation made in 2017 to claimants for tracking usage of We-Vibe vibrators without their knowledge. Since then, it seems as if the company has a much better record regarding privacy.

Why was this report done?

The Mozilla Foundation is a non-profit that “works to ensure the internet remains a public resource that is open and accessible” to all.

Last year, as part of a restructure due to the economic effects of Covid-19, it abandoned plans surrounding Firefox XR, an open-source project that might have paved the way for more adult VR and AR content, had it been seen through to completion.

After announcing 250 job losses in 2020, the Foundation now looks to be aligning itself more with activism – campaigning on internet privacy issues, for example – than its Web development work.

While it’s no doubt a good thing that the Mozilla Foundation has added sextech to its mass buyer’s guide for consumer goods (normalising sextech’s place in the Internet Of Things, for one thing), the question still stands whether people really care about it.

With most of the dating apps proving to be a bit of a privacy mess, it doesn’t stop many of us swiping. Perhaps information around the privacy risks needs to be more widely-known, or maybe our online data is just another thing we’re willing to sacrifice for love.

Read Next: How did online dating turn into such a hot mess?