Update February 7, 2020:
Wacom published a blog post (opens in new tab) in response to the "many questions regarding data collection" prompted by Robert Heaton's report (detailed in our original coverage below). The blog says that Wacom's users have to opt in to sharing the data, which is collected via the Wacom Experience Program that Heaton described. Wacom also said that users can opt out of sharing this data at any time by turning off the Wacom Experience Program inside the Privacy Settings panel in the Wacom Desktop Center app.
Wacom explained that it "collects data through its software driver ... for quality insurance and development purposes only." That data is collected "from time to time" via Google Analytics, which is said to anonymize the information before providing it to Wacom. That way it can view aggregate data without compromising individual users (at least in theory).
"Our development and customer care teams could review across all aggregated users of a product, for instance, the most common function settings for pen buttons (e.g. 'right click' or 'undo') or the most frequently viewed tabs or selected links in the Wacom apps," Melissa Ashcraft, Wacom's director of marketing communications, wrote. "We have no access to personal data. We cannot relate to any specific users as the data are anonymized and aggregated. We do not know who users are as individuals and cannot see what users are creating or doing in third-party software applications."
Original article, February 6, 2020:
Wacom tablet owners might be sharing more information with the company than expected. A software engineer named Robert Heaton reported (opens in new tab) Wednesday that Wacom's driver sent details about every app he opened to Google Analytics.
The driver seemingly recorded when the app was opened too, and the report included a string of characters that could serve as a unique identifier for Heaton's laptop (opens in new tab). That's a lot of information for a drawing tablet driver to collect about a customer's system.
Heaton said he needed to use Wireshark, a popular app among the security-conscious that monitors network traffic, as well as a cybersecurity utility called Burp Suite to piece together the information Wacom's driver gathered to share with Google Analytics.
Wacom likely uses this data to troubleshoot any problems with using its tablets in specific apps. If the company sees that a lot of Wacom tablet owners experience problems after using Adobe Illustrator, for example, it can investigate the issue.
Failing to disclose this information could be a problem, though, and it doesn't exactly inspire confidence even if everything's on the up-and-up. Even the most innocent actions look sketchy when done in secret.
We've reached out to Wacom for a comment on Heaton's findings and will update this post if the company responds.