Your TV is Not a Spy, Big Brother is Not in Your Living Room, and Yet, Without the Power to See Through Your TV, You Still Aren’t Safe By Michael Pepper

Your TV is Not a Spy, Big Brother is Not in Your Living Room, and Yet, Without the Power to See Through Your TV, You Still Aren’t Safe

By Michael Pepper

First off, anybody who wants to use the voice recognition features of a smart TV should not be outraged that the TV is listening to them—there can be no voice recognition without a voice to recognize. Comparing a television keeping its passive microphone on to wait for the phrase “Hi TV” so that it can process commands[1], a feature you paid for, to an Orwellian dystopian future is outrageous[2].

However, consumers deserve, and may be entitled to, demonstrable transparency with respect to how their speech is analyzed, stored, and used. At this point, Samsung has not delivered this. Samsung has recently come under fire because of its privacy policy for its SmartTVs: “Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party through your use of Voice Recognition.”[3] What Samsung’s privacy policy provides fair warning against is exactly the problem that reveals Samsung and other electronics companies are not doing nearly enough to protect personal data, and, in the worst case scenario, may reveal that no company feels the pressure to actively safeguard against massive misappropriation.

The “third party” mentioned in Samsung’s privacy policy is Nuance Communications, Inc.[4] The voice commands are transmitted from the TV microphone to Nuance’s servers, which sends back the appropriate command to the TV.[5] This is simple enough and very similar to how most voice recognition, like Apple’s Siri, works with sending voice commands to external servers for comparison.[6] However, Nuance “has its own privacy policy that TV users suddenly become subject to if they utilize the on-board voice recognition feature.”[7] This is where the danger lies. The voice commands and the speech have been reasonably recorded, but they have now been sent to a third party, where consumers are in the dark about what they have implicitly agreed to just by using a feature that came with their TV. Who knows what that third party can then do? Are consumers really protected once their personal speech has left the living room?

Samsung’s answer: yes, because of “industry-standard security safeguards and practices, including data encryption, to secure consumers’ personal information and prevent unauthorized collection or use.”[8] This quote comes from a blog posted by Samsung in response to the outcry against its SmartTV.[9] Interestingly, it goes into some good detail about how voice recognition actually works and discusses how one may disable voice recognition.[10]

Despite all the technological details, Samsung remains vague on one key point: what are “industry-standard security safeguard[s]”?[11] It is unclear what these safeguards are, how they are implemented, how their compliance is overseen, and how, if at all, they really prevent unauthorized use. “Data encryption” is the singular example of a safeguard. What does this entail? Is it encrypted only in transit from the TV to Nuance? Is it separately encrypted at Nuance? How strong is the encryption? As Senator Al Franken wrote in memos sent to Samsung and LG, “It remains unclear, however, how this data is treated after it is captured . . . Whether [third parties] cooperate with Samsung to ensure the protection of this highly sensitive information.”[12] The questions of how consumer data is transferred, to whom is it transferred, and how it is used could be endless, yet at this point there are no clear answers, and there is little indication that any electronics company wants to transparently set the record straight. Without the power to see through your own TV, the paths your data travels and the places it arrives are anybody’s best guess, and companies like Samsung need to do more than vague descriptions of protection and privacy policies.

Why should they have to? Senator Franken offers a seemingly personhood-related justification: “Consumers must be able to make informed decisions about whether and with whom they share that information . . . And they must be assured that when the information is shared that it will receive the utmost protection.”[13] This seems common sense: it is your info, and you should be able to knowledgably determine where it goes. Also, the pervasiveness of the internet may require greater protection of a constitutional, albeit minimal, right to informational privacy to curtail impermissible dissemination of personal data.[14] Further, Federal Trade Commission chairwoman Edith Ramirez is particularly concerned with the enormous risks posed to user privacy and security  “without businesses adopting security by design; engaging in data minimization rather than logging everything they can; and being transparent about the data they are collecting — and who else they want to share it with . . . .”[15]

There are not enough safeguards in place to protect the personal information once it has been reasonably recorded, there is not enough transparency provided to consumers so they can see for themselves where their data is going, and there are no incentives in place for companies to be any less opaque. Furthermore, as one author describes, these problems represent the struggles “to achieve such rigorous privacy standards on the current Internet,” and the internet is just going to keep growing and growing at a pace likely much faster than our lawmakers.[16] The Samsung SmartTV is just a singular example that the law has failed to keep up with the proliferation of technology into every facet of our daily lives and adequately protect our information’s privacy, and indicates the dangers as we approach the critical mass of connected devices.

[1] Caleb Denison, You Can Stop Whispering: Your Samsung Smart TV Isn’t Spying On You, Digital Trends (Feb. 9, 2015), http://www.digitaltrends.com/home-theater/samsung-tvs-arent-spying-eavesdropping-listening/.

[2] See Jared Newman, Shhh! Your Smart TV is Eavesdropping On You, TechHive (Feb. 9, 2015, 8:43 AM), http://www.techhive.com/article/2881653/shhh-your-smart-tv-is-eavesdropping-on-you.html.

[3] Samsung Privacy Policy–SmartTV Supplement, http://www.samsung.com/sg/info/privacy/smarttv.html.

[4] Stephanie Mlot, Samsung: Our TVs Are Not Listening to Living Room Chatter, PC Mag (Feb. 10, 2015, 5:50 PM), http://www.pcmag.com/article2/0,2817,2476583,00.asp.

[5] Id.

[6] Andrew Nusca, How Apple’s Siri Really Works, ZDNet (Nov. 3, 2011, 9:00 PM), http://www.zdnet.com/article/how-apples-siri-really-works/.

[7] Natasha Lomas, Today in Creepy Privacy Policies, Samsung’s Eavesdropping TV, TechCrunch (Feb. 8, 2015), http://techcrunch.com/2015/02/08/telescreen/.

[8] Samsung, Samsung Smart TVs Do Not Monitor Living Room Conversations, SamsungTomorrow (Feb. 10, 2015), http://global.samsungtomorrow.com/samsung-smart-tvs-do-not-monitor-living-room-conversations/.

[9] Id.

[10] Id.

[11] Id.

[12] Stephanie Mlot, Senator Probes Samsung, LG Over Smart TV Privacy, PC Mag (Feb. 12, 2015), http://www.pcmag.com/article2/0,2817,2476661,00.asp.

[13] Id.

[14] See generally Elbert Lin, Prioritizing Privacy: A Constitutional Response to the Internet, 17 Berkeley Tech. L.J. 1085, 1091-118 (2002).

[15] Natasha Lomas, What Happens to Privacy When the Internet is in Everything?, TechCrunch (Jan. 25, 2015), http://techcrunch.com/2015/01/25/what-happens-to-privacy-when-the-internet-is-in-everything/.

[16] Id.

Advertisements

One thought on “Your TV is Not a Spy, Big Brother is Not in Your Living Room, and Yet, Without the Power to See Through Your TV, You Still Aren’t Safe By Michael Pepper

  1. درمان دیابت March 6, 2015 at 2:42 am Reply

    Your site is so interesting that I’ve introduced your website to my friends so they can benefit from the information your site.
    I’m sure a few days once I will head back to your site.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: