PRISM schmizm. The NSA’s got nothin’ on LG.
Article by Pam Baker in FierceBigData
Emphasis in red added by me.
Brian Wood, VP Marketing
LG caught red-handed spying on viewers via Smart TVs
Jason Huntley, U.K. ICT consultant, accidently discovered his LG Smart TV was sending extensive information about his viewing habits to the Korean manufacturer. He gives a full account of the unsettling details in his DoctorBeet’s Blog. Readers should consider carefully what this means to them beyond using LG or other brands of Smart TVs.
“After some investigation, I found a rather creepy corporate video advertising their data collection practices to potential advertisers,” he writes.
Interestingly, LG has taken down the “creepy corporate video” that Huntley linked. But the most disturbing of the samples Huntley gave in his post of what the video said was this:
“Furthermore, LG Smart Ad offers useful and various advertising performance reports that live broadcasting ads cannot. To accurately identify actual advertising effectiveness.”
Now, how could LG possibly “accurately identify actual advertising effectiveness” unless they can see more than your TV viewing habits? But how can a TV see what you buy online, say? One way might be spying on your entire home network which includes your desktop computer and mobile devices. After all, a smart TV is plugged directly into your network. It’s not inconceivable that the device could snoop your entire network once connected.
Huntley details his investigation into what data his TV was transmitting.
“It was at this point, I made an even more disturbing find within the packet data dumps,” he writes. “I noticed filenames were being posted to LG’s servers and that these filenames were ones stored on my external USB hard drive. To demonstrate this, I created a mock avi file and copied it to a USB stick. This file didn’t really contain ‘midget porn‘ at all, I renamed it to make sure it had a unique filename that I could spot easily in the data and one that was unlikely to come from a broadcast source. And sure enough, there it was…”
“My wife was shocked to see our children’s names being transmitted in the name of a Christmas video file that we had watched from USB,” he adds. “Information appears to be sent back unencrypted and in the clear to LG.”
Perhaps most disturbing of all was what he found on the so-called opt-out feature:
“In fact, there is an option in the system settings called “Collection of watching info:” which is set ON by default. This setting requires the user to scroll down to see it and, unlike most other settings, contains no ‘balloon help’ to describe what it does.”
He discovered that even when he opted-out, the data was still transmitted.
I own a LG Smart TV and I’m very upset to discover that while I thought I was buying a personal TV–an expensive one too!–I was in fact funding LG’s spying operation. That’s a pretty slick, ballsy move to make consumers buy and install the equipment a manufacturer needs to spy on them.
Fortunately, Huntley offered a fix:
“So how can we prevent this from happening? I haven’t read the T&Cs but one thing I am sure about is that I own my router and have absolute jurisdiction of any traffic that I allow to pass, so I have compiled an initial list of internet domains that you can block to stop spying and advertising on TVs that we, as customers have actually paid for.
This will free you from seeing ads plastered on your screen and having your viewing habits monitored, whilst it should still allow firmware updates to be applied.”
According to a report in Tom’s Guide, LG has finally admitted that opting out is not opting out. LG also promised to provide a firmware update to rectify this.
Personally, I’ll stick with Huntley’s fix at least until I can figure out how to disable the TV’s data collection and transmission capabilities.
Expect a new industry to arise soon in privacy protection which will likely include user-friendly data transmission detectors, signal scramblers, mods, advanced filters, code disruptors (a new kind of anti-virus aimed at manufacturers’ coding) and other means for consumers to protect themselves from the items they own.