Eroding Trust: How New Smart TV Lacks Privacy by Design and Transparency
A year ago I got a new Samsung DVD player for Christmas. It’s a lovely device that I use most every day—mostly for streaming video from Netflix and Amazon. I apparently can also make Skype calls from it, though I haven’t tried — I’m told there are hundreds of other applications out there, so I’m probably underutilizing the device. But I’ve recently wondered—does Samsung log what I do on the player? Does it send information about my viewing back to Samsung? I . . . I guess I have no idea.
Last week, UK blogger Doctorbeet revealed that his LG Smart TV was reporting back to LG every time he changed the channel. It was also scanning all shared files on his home network and sending a running tally of those back to LG as well. The company allegedly offered an opt-out of “Collection of watching info” in its options menu, but apparently toggling the opt-out didn’t actually do anything. Oh, and all the data was unencrypted, so someone else with access to the network could see the information in the clear. Not the sort of story you want to come out just before Black Friday.
LG initially dismissed the concerns with a curt response to Doctorbeet saying, “you accepted the Terms and Conditions on your TV.” But once the story started to get mainstream attention, the company backtracked and said they were looking into the situation. Earlier this week, they announced they were going to fix the problem: After the next firmware update, the opt-out for the collection of TV watching data will work, and LG will turn off the collection of shared file names altogether.
Is an opt-out enough?
That’s a start, but LG shouldn’t stop there. First of all, should home appliances be monitoring consumers and reporting everything back to manufacturers by default? Certainly, other interconnected devices don’t do this today. Your computer doesn’t report back to Lenovo or HP everything that you do. Your phone doesn’t report everything back to Motorola or Apple. When I buy a TV, I’m not typically looking for a relationship with LG or Samsung: I may appreciate additional “smart” capabilities like connecting to Skype or the web, but my TV is a platform for me to access others’ content—it’s not a destination in itself.
Last year, the U.S. Federal Trade Commission (FTC) held a workshop on comprehensive monitoring by intermediaries like ISPs, devices, browsers, operating systems and, sure, TVs. As the CDT noted in our comments after the workshop, this sort of monitoring is particularly invasive. First, it’s comprehensive—it monitors how consumers use all the various services accessed through that intermediary (such as websites, apps or here, TV channels). Second, it’s out of context—you’re trying to connect with other services, not the platform itself. Consumers expect the intermediary to act as a pass-through on their behalf (especially when they’ve paid for it!), not as a man-in-the-middle that monitors all that you do.
We’ve argued for years that intermediaries and platforms should only monitor their customers on an affirmative opt-in basis absent a compelling operational necessity (no, showing behavioral ads doesn’t count). We think that should be the case for Smart TVs as well. The FTC has previously said that this sort of comprehensive monitoring without informed choice is illegal; LG is treading in dangerous legal territory if it’s engaging in similar practices. Hopefully their privacy team, assuming they have one, is voicing such a concern. Are they not being heard? If not, this might not bode well for the company.
Can we even tell what LG’s data practices are?
If LG wants to make a pitch to consumers about how it can use their data to offer better services, I say: Go for it! Google, for example, does this for Chrome—it tries to convince Chrome users to sign in to sync bookmarks and settings across devices. But that’s not what’s happening here.
The company also variously says that it collects information “to deliver more relevant advertisements” but also that “LG does not, or has ever, engaged in targeted advertisement using information collected from LG Smart TV owners” [sic]. I’m not sure how to parse that. Perhaps the company isn’t logging IP or device address at all and is just aggregating usage numbers on the fly; they then serve targeted advertisements based on generalized data about how people are using their TVs. That might be perfectly defensible from a privacy point of view. If the channel viewing is immediately de-identified or aggregated, perhaps the data collection by default—or even without choice at all—is OK. On the other hand, perhaps the company is logging everything by unique household—including TV watching, web browsing and other TV app usage—and storing it forever, in the hope that Big Data will happen.
Right now, we have no idea, and that’s a big problem.
And now, LG has a pretty big PR issue on their hands that could have been avoided if privacy had been designed into the TV from the start. Transparency from the beginning would certainly help engender trust, too. Instead, the company is on the defensive, issuing contradictory statements every couple of days, and desperately hoping the issue just goes away. LG would have been better served with an affirmative privacy strategy developed by privacy professionals—instead of an inchoate data play optimistically pushed by marketers. And even if it did make bad decisions in the past, the company should acknowledge the full extent of the issues to preserve trust, while taking steps to address all the consumer privacy issues I’ve mentioned above. Preferably in time for Black Friday!
Privacy in an interconnected home
The Supreme Court has repeatedly held that people have heightened privacy interests in what happens within their home—even over information that is technologically observable by others. We have “Peeping Tom” laws for the same reason—just because someone has a means to watch what you’re doing in the home doesn’t mean they should. Smart devices have the potential to do amazing things for consumers—smart, automated cars cannot get here fast enough—but it’s paternalistic to assert that those smart devices must be allowed to secretly surveil consumers without understanding them or contrary to their wishes.
Good security and internal accountability are necessary—but not sufficient. Consumers are the ones who pay for the products—they should be the ones in control. Unfortunately, today, we rarely even have access to the necessary information in order to make rational decisions. That needs to change.
About the Author
Justin Brookman is the Director of Consumer Privacy at the Center for Democracy & Technology (CDT). Prior to joining the CDT in January 2010, Brookman was chief of the Internet Bureau of the New York Attorney General's Office. Under his leadership, the Internet Bureau was one of the most active and aggressive law enforcement groups working on Internet issues, and Brookman brought several groundbreaking cases to protect the rights of online consumers. Brookman previously worked as a litigation associate for six years at Fried, Frank, Harris, Shriver & Jacobson LLP in both its New York and Washington offices.