They do a lot more than that. In particular, they take a screenshot of what you’re currently watching at regular intervals and send it to a content recognition server. That way they’re able to tell what every single Samsung owner is watching at any given time and even if you’re watching a show you downloaded or something that’s not on the air. They then sell this data to broadcasters for measuring audience but also to show you ads related to what you’re watching (if you watched ice age, maybe they’ll advertise another animation movie to you). And they also use that data to target you on other devices you own because they’re able to use your tv as a Trojan horse and figure out what other devices are on your network and thus belong to the same person. IIRC they also scan and extract what devices are connected to hdmi ports so they know what consoles etc you’re using to further complete your advertising profile. That was several years ago, I can’t imagine they’ve gotten anything but even more data greedy over time.
A good Samsung tv is an offline Samsung tv. A better Samsung tv is one you don’t own.
> That way they’re able to tell what every single Samsung owner is watching at any given time and even if you’re watching a show you downloaded or something that’s not on the air.
Wait a second, what if I use my TV as a monitor for my PC?
...And doing all kinds of business confidential work for my employer or government ... and also looking at PII,financial,medical data of my own including SSNs and whatnot.
They take I think 30 pixels across known positions on the screen and that’s apparently enough to recognize content without being able to look at your confidential data.
it's not a screenshot, they sample pixels and get essentially a CSV of the pixel values at several locations. There's then a content database with frame by frame values for those pixels for all the content in the database.
Sending a screenshot would use too much bandwidth/data on Samsung's side, but a couple dozen bytes every few minutes would not.
> This is gonna be some hefty GDPR fines in Europe.
I keep hoping this is gonna be the case, but the years roll on, I'm still clicking some stupid consent-popup on every single website I ever visit, and in the meantime TV manufacturers continuously spy on their users, sell their user-data, and push unwanted ads into their interface and even in programs being watched, and apparently no-one (apart from a few of us on HN) seems to care.
>noyb uses best practices from consumer rights groups, privacy activists, hackers, and legal tech initiatives and merges them into a stable European enforcement platform. Together with the many enforcement possibilities under the European data protection regulation (GDPR), noyb is able to submit privacy cases in a much more effective way than before. Additionally, noyb follows the idea of targeted and strategic litigation in order to strengthen your right to privacy. We will also make use of PR and media initiatives to emphasize and ensure your right to privacy without having to go before court. Ultimately, noyb is designed to join forces with existing organizations, resources and structures to maximize the impact of GDPR, while avoiding parallel structures.
For what it's worth, at least on my Swedish model, this seems to be gated behind an opt-in (default off!) consent toggle. It was buried in several layers of menus, and not even mentioned during the setup process.
So I would assume that this is mostly an issue in non-GDPR regions (or they're doing some really ugly legal shenanigans to ignore the denied consent?).
> Legitimate interests is most appropriate as a lawful basis where companies use personal data in a way that individuals can reasonably expect. If it impacts individuals, it can still apply if the controller company can justify there is a compelling reason for the impact the processing will have.
> Companies can rely on legitimate interests for marketing purposes if they can prove that the data usage is proportionate and fair to the user. It must have a minimal impact on the user in privacy terms and be for a reason that people would not be surprised at.
Sadly I would reasonably expect Samsung to sell the data and I would not be surprised by it.
It depends. For that to be on the radar, in most countries you have to contact Samsung and come to a solution with them (or try to) first. Then you have to argue with them about whether or not their anonymisation (which they will surely claim to do) is sufficient. Then when you forward the request to the gdpr institution of your country, you must make reasonable for them why you feel that your request for them to fix it has not been honoured.
Naturally this is a process most people do not feel like going through, and as such most companies continue flying under the radar :)
IIRC it doesn't actually send the content, just a hash of it that can be checked against popular channels or on-demand content. So text contained within a screen wouldn't be identifiable.
If we are talking about what aboutisms what about if they didn't send screenshots and then they were hacked and an attacker deployed a new update that spied on everyone.
Also true, which is why they shouldn't be allowed to join any old wifi network and not try to workaround firewall policies on the network the user wants them on.
That's an entirely different issue, but yes, automatic updates are an attack vector. But that's another step that would need to be performed by an attacker, rather than already having the images available without designing custom firmware.
My point is that making up theoretical situations is not useful. You can make up theoretical situations where it's bad with it and I can make up theoretical situations where it's bad without it.
> Data ceases to be personal when it is made anonymous, and an individual is no longer identifiable. But for data to be truly anonymized, the anonymization must be irreversible.
Examples of PII:
A cookie ID.
Internet Protocol (IP) address
Location data (for example, the location data from a mobile phone).
The advertising identifier of your phone.
> (30) Natural persons may be associated with *online identifiers provided by their devices*, applications, tools and protocols, such as internet protocol addresses, cookie identifiers or other identifiers such as radio frequency identification tags. This may leave traces which, in particular when combined with unique identifiers and other information received by the servers, may be used to create profiles of the natural persons and identify them.
Device Identifiers explicitly covered as a definition of GDPR. Further, IPs are also shared if you are behind an ipv4 gateway and these are also covered.
The difference is that the TV manufacturer has to clue who owns a specific tvid. The whole point of personable identifiable information is that you can use it to find the identity of someone. There is no registry somewhere that keeps track of this.
A good Samsung tv is an offline Samsung tv. A better Samsung tv is one you don’t own.