Pretty sure that Samsung does very similar things. I've been interested in actually capturing outgoing pcap data for this purpose. Looks like I have a new project to add the pile.
One thing that I'd treat as a "tell" for how invasive Samsung's tracking is: how hard is it to disable the Smart TV functionality?
For example, can you disable the wireless interface, or will it keep asking you to connect it to the internet? Does the TV itself ask you to agree to a EULA?
I've been interested in the Samsung hardware, but only as a Dumb TV. This kind of data collection is not what I'd want.
Why wouldn't that data be encrypted? All you would see is packets going to specific IP addresses. No way to analyze the contents.
Of course, the data might not be encrypted. Why go thru the effort? Because of the large quantity of data being passed back and forth by almost all Internet connected devices, it's tedious to interpret what's happening even if the flows are completely open.
> The data might not be encrypted. Why go thru the effort?
It's true that a lot of IoT devices communications are not encrypted.
But what concerns me is that they'll start encrypting everything so that we can't analyze what's being transmitted. Not for our privacy but to prevent us from knowing what they're doing.
I see DNS issues with SmartHub, etc.. but I don't see anyone suggesting that Samsung is capturing image data and sending it back? Not saying they aren't, but as an owner of two Samsung TVs, I'd be interested in any real evidence of them doing this type of thing..
However, as far as anyone has shown, that audio data is only when the user uses the voice functionality on the TV. They just were bad about encryption, but to use voice search, it made sense that they were sent data. That is remarkably different than recording image data every second from every television and sending that back.
Not saying it's the same, just saying it's a potentially questionable (re privacy) thing Samsung has already been caught doing.
Not sure if they were selling any of those data, anonymized or not, either.
edit: It's also worth pointing out that while technical people (e.g. us) may see voice recognition tech and immediately suspect that it involves phoning home, most people probably have no idea that anything of what they say is leaving their living room.
It's in the privacy/TOS section on the Samsung TV I bought from Costco 3 months ago.
"Interest Based Advertisement. Samsung provides the ability to obtain and view interactive and interest based advertising on your Smart TV. Interest based advertisements will rely on your TV viewing history and Smart TV usage information. Your viewing history includes information about the networks, channels, and programs viewed on your Smart TV and the amount of time spent viewing them. We may use automatic content recognition (ACR) and other technologies to capture this information."
It is opt-out, and it's buried a couple levels deep in the menus.
For example, can you disable the wireless interface, or will it keep asking you to connect it to the internet? Does the TV itself ask you to agree to a EULA?
I've been interested in the Samsung hardware, but only as a Dumb TV. This kind of data collection is not what I'd want.