New privacy guidance after air fryer spying fear

The makers of air fryers and other smart home appliances have new guidelines around what information they can collect from people's homes.

The Information Commissioner's Office (ICO) released the guidance today after an investigation by Which? revealed in December that some air fryers, smart TVs and smartwatches are collecting data on their owners. "In our increasingly connected world, we shouldn't have to choose between enjoying the benefits of smart products and our own privacy," said Stephen Almond, executive director for regulatory risk at the ICO.

"We all rightly have a greater expectation of privacy in our own homes, so we must be able to trust smart products are respecting our privacy, using our personal information responsibly and only in ways we would expect." Three air fryers, made by China's Xiaomi, Tencent and Aigostar, recorded audio on their owners' phones for no specified reason, according to the Which? study. The Aigostar and Xiaomi fryers also sent personal data to Chinese servers, although this was flagged in the privacy notice supplied with the product.

"Whether it's an air fryer that wants to know your exact location, or a smartwatch app that listens while you sleep, it's clear that some companies have been pushing the boundaries of what's acceptable on privacy," said Andy Laughlin, a tech expert at Which?, in response to the new rules. "ICO's much-needed guidance marks an important first step towards ensuring consumers can have confidence when buying smart products for their home - but this must be backed by effective enforcement, including against companies that operate abroad." Read more from Sky News:First woman to head MI6Dig for remains of 800 infants begins Four out of five people in the UK are thought to own at least one smart appliance, according to research by TechUK, and the new guidance is designed to protect them from disproportionate surveillance.

The ICO says manufacturers and developers must "adopt a data protection by design and default approach". This means considering data protection while the appliance is being designed and then all the way throughout the lifecycle of the product.

The ICO recommends a series of questions developers should ask themselves including: "Do you need to use personal information?" Smartwatches and fitness trackers are also included in the new guidance, with the ICO warning information like a user's BMI or fertility counts as special category data and should be treated with extra caution. Which?'s investigation found the Huawei Ultimate smartwatch requested nine "risky" phone permissions - the most of all the devices in the study.

"Risky" permissions generally include knowing the user's precise location, the ability to record audio, access to stored files or an ability to see all other apps installed. Huawei said all of the permissions it asks for have a justified need.

There is no suggestion of illegal behaviour by any of the companies mentioned in the study. "We want to help organisations get this right from the start - but we are ready to take action if necessary to protect people from harm," said Mr Almond.

"When you bring a new smart product into your home, you can feel confident that we have your back.".