Opinion

Eroding Trust: How New Smart TV Lacks Privacy by Design and Transparency

A year ago I got a new Samsung DVD player for Christmas. It’s a lovely device that I use most every day—mostly for streaming video from Netflix and Amazon. I apparently can also make Skype calls from it, though I haven’t tried — I’m told there are hundreds of other applications out there, so I’m probably underutilizing the device. But I’ve recently wondered—does Samsung log what I do on the player? Does it send information about my viewing back to Samsung. I . . . I guess I have no idea.

Last week, UK blogger Doctorbeet revealed that his LG Smart TV was reporting back to LG every time he changed the channel. It was also scanning all shared files on his home network and sending a running tally of those back to LG as well. The company allegedly offered an opt-out of “Collection of watching info” in its options menu, but apparently toggling the opt-out didn’t actually do anything. Oh, and all the data was unencrypted, so someone else with access to the network could see the information in the clear. Not the sort of story you want to come out just before Black Friday.

LG initially dismissed the concerns with a curt response to Doctorbeet saying, “you accepted the Terms and Conditions on your TV.”  But once the story started to get mainstream attention, the company backtracked and said they were looking into the situation. Earlier this week, they announced they were going to fix the problem: After the next firmware update, the opt-out for the collection of TV watching data will work, and LG will turn off the collection of shared file names altogether.

Is an opt-out enough?

That’s a start, but LG shouldn’t stop there. First of all, should home appliances be monitoring consumers and reporting everything back to manufacturers by default? Certainly, other interconnected devices don’t do this today. Your computer doesn’t report back to Lenovo or HP everything that you do. Your phone doesn’t report everything back to Motorola or Apple. When I buy a TV, I’m not typically looking for a relationship with LG or Samsung: I may appreciate additional “smart” capabilities like connecting to Skype or the web, but my TV is a platform for me to access others’ content—it’s not a destination in itself.

Last year, the U.S. Federal Trade Commission (FTC) held a workshop on comprehensive monitoring by intermediaries like ISPs, devices, browsers, operating systems and, sure, TVs. As the CDT noted in our comments after the workshop, this sort of monitoring is particularly invasive. First, it’s comprehensive—it monitors how consumers use all the various services accessed through that intermediary (such as websites, apps or here, TV channels). Second, it’s out of context—you’re trying to connect with other services, not the platform itself. Consumers expect the intermediary to act as a pass-through on their behalf (especially when they’ve paid for it!), not as a man-in-the-middle that monitors all that you do.

We’ve argued for years that intermediaries and platforms should only monitor their customers on affirmative opt-in basis absent a compelling operational necessity (no, showing behavioral ads doesn’t count). We think that should be the case for Smart TVs as well. The FTC has previously said that this sort of comprehensive monitoring without informed choice is illegal; LG is treading in dangerous legal territory if it’s engaging in similar practices. Hopefully their privacy team, assuming they have one, is voicing such a concern. Are they not being heard? If not, this might not bode well for the company.

Can we even tell what LG’s data practices are?

If LG wants to make a pitch to consumers about how it can use their data to offer better services, I say: Go for it! Google, for example, does this for Chrome—it tries to convince Chrome users to sign in to sync bookmarks and settings across devices. But that’s not what’s happening here.

In fact, it’s really hard to tell exactly what LG is doing. We only know about the data collection in the first place because a blogger decided to watch the traffic going out of his home router. LG updated their privacy policy with a brief response to the controversy, but the explanation is utterly cryptic. First, LG bluntly states that viewing history is not personal information. This seems to rely on an outdated concept of personal information—if the company is logging viewing information by device ID or IP address, which could later be tied back to a particular household, most people—and regulators—would recognize that as personal information.

The company also variously says that it collects information “to deliver more relevant advertisements” but also that “LG does not, or has ever, engaged in targeted advertisement using information collected from LG Smart TV owners” [sic]. I’m not sure how to parse that. Perhaps the company isn’t logging IP or device address at all and is just aggregating usage numbers on the fly; they then serve targeted advertisements based on generalized data about how people are using their TVs. That might be perfectly defensible from a privacy point of view. If the channel viewing is immediately de-identified or aggregated, perhaps the data collection by default—or even without choice at all—is OK. On the other hand, perhaps the company is logging everything by unique household—including TV watching, web browsing and other TV app usage—and storing it forever, in the hope that Big Data will happen.

Right now, we have no idea, and that’s a big problem.

And now, LG has a pretty big PR issue on their hands that could have been avoided if privacy had been designed into the TV from the start. Transparency from the beginning would certainly help engender trust, too. Instead, the company is on the defensive, issuing contradictory statements every couple of days, and desperately hoping the issue just goes away.

The increasing prevalence of interconnected, smart devices—the Internet of Things—certainly present challenges for how to contextually let users know how they’re being monitored and by whom. But even setting aside the question of how to provide actionable—and not just annoying—real-time notice, consumers absolutely must be able to find this information somewhere. I’ve spent much of the last several days trying to figure out what LG Smart TVs collect and transmit to LG, and I still have no clear idea. (LG has not responded to multiple requests for more information.)  Even aside from LG’s confusing response to the Smart TV allegations, its privacy policy language is vague and inscrutable, and simply reserves broad rights over what it deems to be non-personal information. (I checked Samsung’s as well to compare—I would guess from this language that they’re not monitoring Smart TV—or DVD player—usage, but I’m not sure.) LG previously hosted a promotional video for a new “Smart Ads” product that promised the ability to link LG Smart TV data to data from LG phones and even LG refrigerators as well (the video has been pulled from the site but it’s been saved for posterity here).

Is LG doing any of these things today? Or have they stopped collecting data entirely in response to the controversy? Since I started writing this blog post, the privacy policy has been revised again and now makes no mention of the Smart TV data collection. Is it different in the U.S., the UK or the rest of Europe? I honestly can’t tell you.

And now, LG has a pretty big PR issue on their hands that could have been avoided if privacy had been designed into the TV from the start. Transparency from the beginning would certainly help engender trust, too. Instead, the company is on the defensive, issuing contradictory statements every couple of days, and desperately hoping the issue just goes away. LG would have been better served with an affirmative privacy strategy developed by privacy professionals—instead of an inchoate data play optimistically pushed by marketers. And even if it did make bad decisions in the past, the company should acknowledge the full extent of the issues to preserve trust, while taking steps to address all the consumer privacy issues I’ve mentioned above. Preferably in time for Black Friday!

Privacy in an interconnected home

The Supreme Court has repeatedly held that people have heightened privacy interests in what happens within their home—even over information that is technologically observable by others. We have “Peeping Tom” laws for the same reason—just because someone has a means to watch what you’re doing in the home doesn’t mean they should. Smart devices have the potential to do amazing things for consumers—smart, automated cars cannot get here fast enough—but it’s paternalistic to assert that those smart devices must be allowed to secretly surveil consumers without understanding them or contrary to their wishes.

Good security and internal accountability are necessary—but not sufficient. Consumers are the ones who pay for the products—they should be the ones in control. Unfortunately, today, we rarely even have access to the necessary information in order to make rational decisions. That needs to change.

photo credit: djLicious via photopin cc

More from Justin Brookman

About the Author

Justin Brookman is the Director of Consumer Privacy at the Center for Democracy & Technology (CDT). Prior to joining the CDT in January 2010, Brookman was chief of the Internet Bureau of the New York Attorney General's Office. Under his leadership, the Internet Bureau was one of the most active and aggressive law enforcement groups working on Internet issues, and Brookman brought several groundbreaking cases to protect the rights of online consumers. Brookman previously worked as a litigation associate for six years at Fried, Frank, Harris, Shriver & Jacobson LLP in both its New York and Washington offices.

See all posts by Justin Brookman

Comments

  • December 05, 2013
    Mr Paul
    replied:

    Your links to the LGTV policy policy are for its website policy, which is explicitly not relevant to the TVs.  Or is it?  The document is self-contradictory about what it applies to!

    The first line states:
    “This privacy policy applies only to the websites and services controlled by LG Electronics USA Inc…”

    But then, under section A, it states
    This privacy policy applies only to information collected on the Sites and does not apply to information collected by LGEUS through any other means.”

  • December 26, 2013
    xxxixmmii@gmail.com
    replied:

    I need serious help. I’m being monitored, my 13 year old, my husband. He’s in every pc, modem, cell, smart tvs, and more. ...I need help. I have evidence please help

  • March 16, 2014
    Andrew James
    replied:

    Well said Justin but let me expand on LG getting all the bad press when it comes to spying please.

    Samsung TVs are even worse than LG when it comes to spying and I did try to put the word out using Twitter but it now seems that twitter take bribes to silence people and most the tweets never got out as can be seen if you open a second twitter account and check

    Samsung is a few steps ahead of LG when it comes to spying and the way that I captured the data was to hijack the DNS server to force my Samsung TV to use a proxy server.

    As soon as you switch a Samsung TV on it connects with Korea and uploads the TV’s unique MAC address and then connects to Google,Twitter plus others and sends them a user-agent in the HTTP Request so that they know that a Samsung TV is connecting to them and they also know your IP address.

    All Google,Facebook need to do now is contact Samsung with the IP and Samsung can give them your name, address and anything else they know about you because they guarantee the TV and have your details.

    This all happens within a second of you switching your TV on and with no apps running.

    It gets worse and Samsung uses SSL to upload information but they don’t use the usual HTTPS CONNECT but instead open a connection and listen for a reply without using the usual handshake.

    These TV’s also scan your network using various protocols like SDDP:1900 to access drives and machines plus an odd one using port 7676.

    No wonder Samsung did not build the option of using a proxy server into these TV’s because that would make it too easy to spot that Samsung is doing evil.

    What’s strange is that when you do a Google for “TV spying on people” all that Google brings up is links about LG TV’s as if no one in the world knows about Samsung so maybe good PR is the price Google pays Samsung for having these TV connect to Google and in return Samsung gives them your details free of charge.

    I could go on but the post would end up being bigger then the blog.

    Best Regards

     

To post your comment, please enter the word you see in the image below:

To post your comment, please enter the word you see in the image below:

Get your free study guide now!
Get your free study guide now!