My TV was spying on me and I didn’t even know it. (More)

When my TV was installed back in early March, I was asked for my internet router information. When I asked why, I was told it was so the TV could download software updates, and so that I could use the apps provided with it. I didn’t even want the apps, but almost all new TVs include them. Still, getting software updates sounded important enough that I gave the tech my information.

Last week a box popped up in the middle of my screen. For such a large screen it was incredibly small and I had trouble reading it. I finally got “You have Smart Interaction activated. Vizio has changed its privacy policy, for details go to” I had exactly one minute to read this and copy the website address before it vanished.

Wondering why the heck I needed a privacy policy on my TV, I went to the website and read it. What I read made me unhappy. They could collect all sorts of personal information, including name, address, e-mail address, and credit card information. And while I could ask to have any data they had collected removed, they could not guarantee that my personal information would be scrubbed from their database.

I promptly found the directions to turn off their Smart Interaction on my TV and then called the number provided on the privacy policy.

My irritation grew when they wanted still more personal information just to talk to me. I refused to go past my name and phone number. That was quite enough. No address, no serial numbers, no model numbers. Just answer my question.

Me: What information are you collecting on me from my TV?

Him: None. It’s just a TV, not a computer.

My irritation turned to anger.

Me: Then why did my TV just tell me to review the new privacy policy which lists it as collecting personally identifiable information, including credit card information, and says it can collect information from all the computers in my house?

The song changed then, of course. Well, they were just collecting info on shows I watched because networks need to know what’s popular and this is the only way they can find out.

Me: Not true. I was a Nielsen Family. Nielsen collected that data with my permission, and what’s more, they paid me for it. But you want to collect it for free and sell it.

Him: Well, this allows us to tailor ads to you and your viewing preferences. It lets us alert you to new shows you might like.

Oh, so now I have a version of AdChoices on my TV?

Of course, they are selling this information which I was unwittingly providing. And of course, they wanted to custom-tailor my ads … and so on. Nielsen at least had the courtesy to ask my permission first, and then pay me for the information they were collecting. What’s more, during the period I was on their program, they offered to pay half of any cost for repairs to my TVs.

But Vizio denied data collection, then assured me they couldn’t reach my computers even though their privacy policy states they can collect personally identifiable information from computers. Even though everything is on the same network. Even though I have a home network that allows everyone connected limited access to other computers.

Hard to believe they weren’t accessing my computers after they denied collecting any information at all.

I paid for a TV. They already made money off me. Now they are collecting and selling data about me? All without telling me unless I read fine print on my screen and then their privacy policy online? And then they deny they’re doing exactly what they’re doing?

Nor am I the first to discover this problem. An IT specialist in England wrote about it on his blog, and was able to track the data being taken from his TV even after he switched off data collection. He had a hard drive connected to the TV’s USB port so that he could watch family videos, and was dismayed to find personal content from the drive being uploaded. When he complained to the manufacturer about it, their response was less than sympathetic:

The advice we have been given is that unfortunately as you accepted the Terms and Conditions on your TV, your concerns would be best directed to the retailer. We understand you feel you should have been made aware of these T’s and C’s at the point of sale, and for obvious reasons LG are unable to pass comment on their actions.

We apologise for any inconvenience this may cause you. If you have any further questions please do not hesitate to contact us again.

Frankly, I object to data being collected by companies without my permission or knowledge. I find it more frightening than the NSA, because the NSA is at least inhibited by regulation and law. But private companies don’t have to answer to anyone about what they do with information about me. I should at least have the right to know it’s happening and to decide whether to consent.

It’s not just data collection. Another researcher found that a TV could provide a gateway to access computers, Skype and video from the cameras and microphones built into the TV:

Assuming the blogger is picking up on behavior common to a significant percentage of smart TVs, it wouldn’t be the first time a traditional consumer device that has been retooled with an Internet connection has been found to present a potential privacy threat. Last year, a researcher uncovered a vulnerability in many Samsung smart TVs that allowed him to remotely take control of devices that were connected to the same local network he was on. From there, he could access USB files and install malicious apps, and use the TV’s microphone and camera to spy on users. Last month, a security researcher demonstrated how to turn a wireless baby monitor made by Belkin into a stealthy and persistent bugging device. This raises an important question about what consumers of these devices can do.

Welcome to Big Brother, Inc.