Smart TVs raise privacy concerns

Consumers may want to consider other options, like home theater PCs, that are less aggressive gathering personal data

Reports that new Samsung TVs can capture personal information with their voice recognition feature has sparked concern about what critics perceive as digital spying by so-called smart devices.

Last week, online magazine The Daily Beast spotted wording in Samsung's privacy policy that suggests users should be careful when they speak near their smart TVs. This generated buzz on Twitter and other sites, including comparisons to Big Brother behavior from George Orwell's dystopian novel 1984.

The SmartTV Supplement for Samsung's global privacy policy says that to provide the voice recognition feature, some voice commands may be transmitted to a third-party service that converts speech to text, and that Samsung may also retain these voice commands and texts to improve the technology.

However, the most concerning part appears to be this: "Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party through your use of Voice Recognition."

Samsung is not the only smart TV manufacturer collecting this type of data. In Samsung's case, users have the option to disable the collection.

In November 2013, the owner of a smart TV made by LG Electronics discovered that the device was collecting information about his viewing habits, even when the "collection of watching info" feature was turned off. Worse, the TV also sent back to LG's servers the names of files stored on external media devices and even network shares.

After his report was picked up by the media, the company issued a firmware update to stop the data transfer if the collection feature was turned off. However, a few months later, it issued a new update that asked customers to accept a revamped privacy policy that gave the company the right to collect viewing, voice and device usage information and to transfer it overseas, to countries with potentially fewer privacy protections.

"You do not have to agree to the Privacy Policy but if you do not, not all Smart TV Services will be available to you," the company's policy says. This effectively forces users to decide between sharing their usage data with LG and having their smart TVs dumbed down.

These increasingly aggressive data collection practices by TV manufacturers, which hope to make some advertising revenue on the side -- the LG policy says the data can be used for personalized advertising -- raise the question of whether smart TVs are really worth the privacy sacrifice, especially when alternatives are available.

Many smart TVs provide less functionality than dedicated home theater PCs (HTPCs) connected to regular TVs. And HTPCs these days are no longer expensive, bulky or power hungry.

For example, a Raspberry Pi can easily be turned into an HTPC by installing OpenELEC, a lightweight Linux distribution designed specifically to turn a computer into a media center.

OpenELEC is built around the popular Kodi (formerly XMBC) open-source home theater software, which supports a wide variety of media formats, streaming and file sharing protocols -- often more than what the media players included in smart TV firmware can handle. It's also extensible and has a large collection of add-ons that provide anything from weather information, to Web browsing, YouTube viewing and even voice control through mobile phones.

If Raspberry Pi is not powerful enough, there are other small alternatives. For example, currently sold for $120, the 2-by-2 inch CuBoxTV packs a quad core ARMv7 CPU, 1GB RAM, a 3D graphics chip, HDMI, USB, Gigabit Ethernet, eSATA and optical audio ports; and an InfraRed receiver for use with TV remote controls. Users can get SD memory cards preloaded with OpenELEC or Android that just need to be plugged in.

Granted, setting up and configuring an HTPC can take more work than simply buying a smart TV and turning it on. However, given TV manufacturers' increased appetite for user data, HTPCs, especially those based on open source software, are a safer choice for those who value their privacy.

Samsung is transparent about its data gathering practices on Smart TVs and provides "meaningful options for consumers to freely choose or to opt out of a service," a company representative said in an emailed statement. "We employ industry-standard security safeguards and practices, including data encryption, to secure consumers' personal information and prevent unauthorized collection or use."

Users can easily recognize when the voice recognition feature is active on a Samsung smart TV because a microphone icon appears on the screen, the representative said, adding that collected voice data is not sold to third parties.

Join the CSO newsletter!

Error: Please check your email address.

Tags LG ElectronicssecuritySamsung Electronicsdata protectionprivacy

More about LGLinuxSamsungSmart

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Lucian Constantin

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place