LG Smart TV Caught Collecting Data On Files Stored On Connected USB Drives

from the if-you-give-a-TV-an-internet-connection... dept

The growing presence of "smart" devices, each one requiring a connection to the outside world, is a bit alarming (Samsung TV zero day exploit, anyone?). The territory still remains largely uncharted and device manufacturers are still pretty much free to decide just how much data these devices will cough up when phoning home.

A blogger (and developer and Linux enthusiast) going by the name of DoctorBeet noticed his newly-purchased LG Smart TV was displaying ads on the "home" screen. He dug around and found more info on an LG corporate page that described the process in cheery let's-sell-some-ads tones.

LG Smart Ad analyses users favourite programs, online behaviour, search keywords and other information to offer relevant ads to target audiences. For example, LG Smart Ad can feature sharp suits to men, or alluring cosmetics and fragrances to women.
The endearingly sexist sales pitch attempting to sell other pitchmen on LG's "smart" ad platform/TV makes it pretty clear that LG's TV is very interested in any "interactions" you have with your device.

What the sales pitch failed to make clear is that LG will be grabbing this behavioral data no matter what.
In fact, there is an option in the system settings called "Collection of watching info:" which is set ON by default. This setting requires the user to scroll down to see it and, unlike most other settings, contains no "balloon help" to describe what it does...

At this point, I decided to do some traffic analysis to see what was being sent. It turns out that viewing information appears to be being sent regardless of whether this option is set to On or Off.
Not only was LG sucking up viewer data, it was sending the data on each interaction completely unencrypted. This isn't necessarily a huge problem if the data collection was limited to the channel watched and for what length of time. But as the increasingly creepy sales pitch above points out, LG also wants "search keywords" and a potentially unlimited amount of "other information."

At this point, LG already has a bit of privacy problem. Sending data on channel selection is one thing. Collecting and sending unencrypted web data like search terms is quite another. And it gets even worse.
It was at this point, I made an even more disturbing find within the packet data dumps. I noticed filenames were being posted to LG's servers and that these filenames were ones stored on my external USB hard drive.
DoctorBeet tested his hunch by mocking up an .avi file that would be immediately distinguishable from any other "normal" traffic. Plugging in a USB stick with the bait (Midget_Porn_2013.avi) into his TV, DoctorBeet soon saw data on his faux porn headed to LG's servers in unencrypted plain text. DoctorBeet (and his shocked wife) also watched his children's names being harvested from the file name of a Christmas video located on another connected drive. [Click picture to open a full size version in another tab.]


The implications of this data collection are huge. As DoctorBeet points out, it's simply an invasion of privacy at best. Who knows what ads LG might serve when faced with a hard drive full of porn? Who knows what it might do if it goes trolling through media files at the behest of publishers, studios and labels? It's not tough to imagine a scenario where "connected" files become bricked because of a perceived lack of license. As we've seen before, companies are seeking to patent methods of utilizing connected devices (like the now-mandatory Xbox "camera") to determine who's enjoying what content for ad-serving purposes/licensing fee extraction.

If nothing else, a "smart" TV shouldn't be gathering, much less sending, file data back home from customers' non-LG devices. The fact that LG does this in unencrypted form is also troubling. The fact that LG does this even when you specifically tell it not to is the sort of thing that becomes the basis for a class action lawsuit.

LG's pass-the-buck response to DoctorBeet's complaints makes everything so much worse.
Thank you for your e-mail.

Further to our previous email to yourself, we have escalated the issues you reported to LG's UK Head Office.

The advice we have been given is that unfortunately as you accepted the Terms and Conditions on your TV, your concerns would be best directed to the retailer. We understand you feel you should have been made aware of these T's and C's at the point of sale, and for obvious reasons LG are unable to pass comment on their actions.

We apologise for any inconvenience this may cause you. If you have any further questions please do not hesitate to contact us again.

Kind Regards

Tom

LG Electronics UK Helpdesk
Tel: 0844 847 5454
Fax: 01480 274 000
Email: cic.uk@lge.com
In other words:
"Sorry" if you misunderstood the Terms and Conditions you were compelled to accept if you wanted to use your new purchase. "Sorry" these same terms and conditions nullified your preferences on sending data without your permission. Oh, and by the way, not our fault -- the helpful people with the name tags at your local electronics store should have been intimately familiar with the Terms and Conditions of our entire product line and ensured that potential customers knew they were purchasing a SPY TV rather than a SMART TV.

If you have any other questions about our intrusive data collections, please don't hesitate to fuck off and die.
LG's representation may not care (at the moment) whether DoctorBeet feels LG's watching him more than he's watching its TV, but as this story continues to spread across the internet, I would imagine its tune will change. And when that changes, hopefully it will alter the Terms and Conditions as well.

People don't implicitly surrender their privacy when they attach a "smart" device to the internet. There are responsible ways to collect data and responsible ways to protect this data and, from what's being shown here, LG is doing neither.



Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    Guardian, Nov 20th, 2013 @ 7:46am

    stooooopid

    finished ....next stupid spyware product

     

    reply to this | link to this | view in thread ]

  2. This comment has been flagged by the community. Click here to show it
     
    identicon
    out_of_the_blue, Nov 20th, 2013 @ 7:47am

    SO? Like Google, you "agree" whether want to or not!

    SPYING IS THE UNIVERSAL "BUSINESS MODEL" OF CORPORATIONS IN THE FASCIST STATE.

    So just try to 'plain why it's okay for Google to spy on ME and everyone all over teh internets without any consent or possibility of stopping it -- and Google's "opt-out" only applies to its direct "services", besides that you don't know whether it's real or not either, besides that just flags you as someone to watch, and how can it know you've "opted-out" unless knows who you are? HMM?

    ALL SPYING IS BAD. Don't try to make examples of other corporations being bad unless include Google and Facebook and other mega-corporations.

    Google is in advertising, not freedom. Advertising is commercial propaganda full of deceit.

    03:46:27[d-117-0]

     

    reply to this | link to this | view in thread ]

  3.  
    icon
    BentFranklin (profile), Nov 20th, 2013 @ 7:48am

    Why does the query URL-encode the digits of "2013"?

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Anonymous Coward, Nov 20th, 2013 @ 7:55am

    Let's rewrite that headline

    "LG devices spy on you so that they can sell your private data to marketers, spammers, phishers and pedophiles"

    That's not really a reach: once LG's sold it once, they can't control who will sell it again. I'm sure every potential child-raping kidnapper would just LOVE to know which TVs are tuned into kid shows in their neighborhood.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    Anonymous Coward, Nov 20th, 2013 @ 7:57am

    Peek behind the curtain

    Snowden awakened the paranoid in all of us. More people need to question and examine everything. Not only consumer electronics, but structures of authority as well.

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Anonymous Coward, Nov 20th, 2013 @ 7:59am

    Forcing you to accept TOS to use a product should be illegal

    Forcing you to accept TOS to use a product like LG and many others do should be illegal. ESPECIALLY when they update the TOS months or years later and make you agree to them to continue using the product.

    Worse yet here, I'll bet that after the Supreme Court's ruling a few years ago, that LG's TOS state that you aren't allowed to engage in a class action lawsuit against LG and must go into arbitration at your own expense for all disputes, where LG picks the arbitrator (which of course has a heavy incentive to side with LG to get more business).

     

    reply to this | link to this | view in thread ]

  7. This comment has been flagged by the community. Click here to show it
     
    identicon
    out_of_the_blue, Nov 20th, 2013 @ 8:00am

    I Like Google

    you should too.

     

    reply to this | link to this | view in thread ]

  8.  
    icon
    PaulT (profile), Nov 20th, 2013 @ 8:01am

    Re: SO? Like Google, you "agree" whether want to or not!

    Why do you have to bury your few salient points in paranoid idiotic ranting against one specific entity?

    You almost had some points in your rant on the police article today, but buried it in some half-sane crap about police states, video games and how Techdirt aren't posting the article you think they should be posting. You almost had a point here, but decided to turn it into whining against Google (a company whose main services you've admitted to willingly using despite your supposed objections to their ancillary advertising services).

    If you want to actually get anywhere here without looking like a complete twat, tone it down. LG are clearly in the wrong. Don't defend them just because Tim didn't whine about Google at the same time. Yes, by trying to redirect attention you are DEFENDING this corporation. How do you like that?

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    Brazilian Guy, Nov 20th, 2013 @ 8:03am

    A Brand New Marketing Campaign

    (PARODY)
    NEW LG GET SMART TV. The first device joint approved under consumer's privacy normatives by FCC and NSA.
    (/PARODY) - or does it?

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    Jerrymiah@sympatico.ca, Nov 20th, 2013 @ 8:07am

    LG SmartTV spying on you

    What do you expect? It looks like LG is run by GCHQ and its affiliate, the NSA. These spies will do anything to know eveything about everybody.

     

    reply to this | link to this | view in thread ]

  11.  
    icon
    crade (profile), Nov 20th, 2013 @ 8:11am

    Re: I Like Google

    Or if you don't like em, don't use em.. whats the big deal?

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    Anonymous Coward, Nov 20th, 2013 @ 8:13am

    Let me get this straight...the guy sets the data collection setting to OFF, yet the TV still transmits data...AND THAT'S A TOS ISSUE WITH THE RETAILER?

    Are you fucking kidding me?

    My response to LG would've been:

    Dear LG,

    If I set something to OFF, I expect it to be OFF. It is clearly not OFF, as it is STILL transmitting data. As a result, this is NOT a TOS thing. You have a bug, and you need to fix it - you're welcome.

    Sincerely,
    Customer doing your QA testing, since you guys seem to suck at it.

     

    reply to this | link to this | view in thread ]

  13.  
    identicon
    Pixelation, Nov 20th, 2013 @ 8:16am

    Isn't this a violation of the CFAA?

     

    reply to this | link to this | view in thread ]

  14.  
    icon
    gab4moi (profile), Nov 20th, 2013 @ 8:16am

    ahh...

    L...ife's G...ood...

    ...but for who?

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    Anonymous Coward, Nov 20th, 2013 @ 8:23am

    Before some stupid law enforcement official says "but if you have nothing to hide", why don't you place cameras in your house and point a camera at all of your televisions and broadcast it on the Internet for everyone to see 24/7.

     

    reply to this | link to this | view in thread ]

  16.  
    identicon
    Anonymous Coward, Nov 20th, 2013 @ 8:23am

    This is likely to turn into a PR nightmare for LG similar to the Carrier IQ catastrophe that the wireless providers faced a little while back. Everybody grab your popcorn.

     

    reply to this | link to this | view in thread ]

  17.  
    identicon
    Anonymous Coward, Nov 20th, 2013 @ 8:24am

    Stop the abuse!!

    The only way to stop the LG NSA inspired personal data collection is...

    No one buys another LG TV, Fridge, Washer/Dryer, phone, or other electronic device

    When they respect their customers then we the people will buy their products. We have the power... let's use it.

     

    reply to this | link to this | view in thread ]

  18.  
    identicon
    Anonymous Coward, Nov 20th, 2013 @ 8:25am

    Re:

    The CFAA doesn't apply to corporations, don't you know. It's only for individuals. You know, that High Court/Low Court thing?

     

    reply to this | link to this | view in thread ]

  19.  
    identicon
    Anonymous Coward, Nov 20th, 2013 @ 8:27am

    LG have gone over the edge, this is an outright invasion of privacy. This is beyond only collecting information given to them as part of a transaction and trying to get more than needed. Having the TV report channel;s selected is going too far without explicit user permission.

     

    reply to this | link to this | view in thread ]

  20.  
    identicon
    Anonymous Coward, Nov 20th, 2013 @ 8:28am

    LG, An NSA Company.

     

    reply to this | link to this | view in thread ]

  21.  
    identicon
    Baron von Robber, Nov 20th, 2013 @ 8:33am

    New from LG!

    "Yes it's the new Malibar Front LG TV!

    Not only do you watch your new TV in HD, your TV watches you!!

    You! Winston Smith #2059830, why are you not doing your exercises!"

     

    reply to this | link to this | view in thread ]

  22.  
    icon
    Namel3ss (profile), Nov 20th, 2013 @ 8:49am

    Well, I guess I'll just have to...

    tell LG to "fuck off and die". There's other TV companies out there.

    Vote with your wallet!

    And DoctorBeet should return the TV.

     

    reply to this | link to this | view in thread ]

  23.  
    icon
    Namel3ss (profile), Nov 20th, 2013 @ 8:50am

    Oh by the way

    In Soviet Russia, TV watches you!

     

    reply to this | link to this | view in thread ]

  24.  
    identicon
    anonymous cow warden, Nov 20th, 2013 @ 8:52am

    In europe the TOS bullshit won't likely be tolerated as much and LG might be in for a nice and costly lawsuit.

     

    reply to this | link to this | view in thread ]

  25.  
    identicon
    Anonymous Coward, Nov 20th, 2013 @ 8:53am

    Re: Forcing you to accept TOS to use a product should be illegal

    I feel the same way about EULAs.

    But forcing a user to accept a ToS to use a product that costs thousands of dollars with no mention of it existing beforehand is just scum.

     

    reply to this | link to this | view in thread ]

  26.  
    icon
    Gwiz (profile), Nov 20th, 2013 @ 8:53am

    Re: Stop the abuse!!

    The only way to stop the LG NSA inspired personal data collection is...


    What about not connecting to it your router? Do these TV's require an always on data connection to function?

    What about using restrictive (whitelist) settings on the router firewall to prevent the phoning home part, but allowing the content access?

    Is this even possible? I only have "dumb" TV's, so I'm curious.

     

    reply to this | link to this | view in thread ]

  27.  
    identicon
    Someantimalwareguy, Nov 20th, 2013 @ 8:55am

    Re: Forcing you to accept TOS to use a product should be illegal

    Let the market decide. If the "thing" tries to make you accept any TOS to use it, take it back and give the sales people a very loud rendition of your opinion regarding the intrusion of the product into your privacy. Do this so loudly that everyone in the store hears you.

    Add to this a very strong, bad review on the product's web page and you can effect the market for the product and perhaps even force the manufacturor to pull back due to the bad publicity and shame...

     

    reply to this | link to this | view in thread ]

  28.  
    identicon
    Anonymous Coward, Nov 20th, 2013 @ 8:58am

    I said this before about smart devices, connecting as many devices as possible to the internet for nothing more than novelty value has and will always be a bad idea. Even if someone doesn't care for their privacy and would love to install LG spyware on every appliance in their house, the least they could care about is the presumption that they have signed legally binding agreements without any signature being passed on their part.

     

    reply to this | link to this | view in thread ]

  29.  
    identicon
    Anonymous Coward, Nov 20th, 2013 @ 8:59am

    I no longer have a tv in house. I don't want one. I've had it to the eyeballs with poor programming, commercials, and reruns. Nor will I have an appliance that connects to the internet, other than a computer.

    It's crap just like this which ensures it will stay that way. BTW, my computer does not have a camera attached, a microphone, nor speakers. It's to the point that yes, you do have to be paranoid as demonstrated by this article.

     

    reply to this | link to this | view in thread ]

  30.  
    identicon
    Anonymous Coward, Nov 20th, 2013 @ 9:04am

    surrender or not shouldn't be the issue! LG need ripping up for arse paper over this! what a fucking cheek! they are refusing you the option of buying and using a bloody TV, for Christ's sake, unless you agree to be watched and reported on 24/7! this is another reason that people's privacy should be of paramount importance, not something that can be done away with by whoever feels like it, just to get something extra out of you! there needs to be severe repercussions over this! it's just as bad as being watched all the time by the Government with the added bit in that you can be targeted for various ads and distributions!!

     

    reply to this | link to this | view in thread ]

  31.  
    icon
    DSchneider (profile), Nov 20th, 2013 @ 9:07am

    Re: Re: Stop the abuse!!

    I don't have a smart tv either, but it may be that blocking the site may break some functionality. Even if it were possible, this isn't something that you're average person is going to be able to do. Since we're reading a blog with "tech" in the title most of us here are technically savvy or at least technically aware of things, but do you think your average senior citizen is going to know how to configure their router and setup a white/black list?

    Won't someone think of the Grandparents!

     

    reply to this | link to this | view in thread ]

  32.  
    identicon
    Anonymous Coward, Nov 20th, 2013 @ 9:24am

    Re: ahh...

    Identity thieves?

     

    reply to this | link to this | view in thread ]

  33.  
    icon
    John Fenderson (profile), Nov 20th, 2013 @ 9:34am

    Re: Forcing you to accept TOS to use a product should be illegal

    Nobody has a blanket right to use any particular service, so there's no problem with a service provider requiring you to agree to terms for using that service. If you don't like the terms, don't use the service. Where's the problem?

    However, on this point: " when they update the TOS months or years later and make you agree to them to continue using the product."

    I agree wholeheartedly. Once agreed to, it should be illegal to change the terms of the agreement unilaterally, with or without notice. If the terms need to be changed, then another active agreement form the customer should be required, not simply a notification. If the customer doesn't agree with the new terms, then the customer should be able to cancel the service and be refunded for anything they paid for but haven't used yet.

    If this renders a piece of hardware they purchased less usable, then they should be able to return the hardware for a full refund.

     

    reply to this | link to this | view in thread ]

  34.  
    identicon
    I'm_Having_None_Of_It, Nov 20th, 2013 @ 9:34am

    Re: LG SmartTV spying on you

    Er, Jerrymiah, you've got it the wrong way around. I understand that conspiracy-theory-prone Americans are now asserting that Britain is trying to finish what they started 200 years ago.

    Actually, no. Look up Digital Economy Act, Richard O'Dwyer, ACTA, and David Miranda on the search engine of your choice to find out who is really calling the shots. It's not us.

    Now look in the mirror to find the solution. Stop voting the chumps responsible for this state of affairs into office every. Bloody. Time.

     

    reply to this | link to this | view in thread ]

  35.  
    identicon
    Anonymous Coward, Nov 20th, 2013 @ 9:36am

    Re: Re: Forcing you to accept TOS to use a product should be illegal

    The market is broken. It's not like there are an infinite number of TV manufacturers out there, there are maybe a dozen, and all of them have the same TOS agreements.

    Oh, and most places will charge you a 10% restocking fee, just to make your little tirade cost something.

     

    reply to this | link to this | view in thread ]

  36.  
    identicon
    Anonymous Coward, Nov 20th, 2013 @ 9:38am

    Re:

    Because that would break copyright laws?

     

    reply to this | link to this | view in thread ]

  37.  
    icon
    John Fenderson (profile), Nov 20th, 2013 @ 9:41am

    Re:

    Emphatically this.

    In the security world, one of the important concepts to increase security is reducing the attack surface. This means presenting the most minimal connection to the outside world possible while still accomplishing what you need to accomplish.

    People need to take this to heart. As a matter of habit, you should have nothing connected to the internet unless you have a really good, solid reason to do so -- and even then, it should only be connected during the time that you actually need to use the connection, not all the time.

     

    reply to this | link to this | view in thread ]

  38.  
    icon
    Nick (profile), Nov 20th, 2013 @ 9:47am

    Why is it the companies we GIVE REAL MONEYS TO in exchange for a product try to get more out of use that they can then sell for MORE MONEYS?

    As an alternative to a smart TV, you can get a dumb TV, a set top box, and load up a FREE open source XBMC that does NOT phone home, does NOT sell your information, does NOT give you shit, and does NOT cost you anything. Oh, and it likely supports way more video formats and codecs than any smart tv out there.

    Why anyone pays big companies anything any more to be spied on just astounds me.

     

    reply to this | link to this | view in thread ]

  39.  
    identicon
    Rich, Nov 20th, 2013 @ 9:55am

    Re:

    My response would be, "Thanks, I will no longer be purchasing LG products."

     

    reply to this | link to this | view in thread ]

  40.  
    identicon
    Anonymous Coward, Nov 20th, 2013 @ 10:03am

    I won't buy LG in the future.

     

    reply to this | link to this | view in thread ]

  41.  
    icon
    TasMot (profile), Nov 20th, 2013 @ 10:30am

    Re: Re: Stop the abuse!!

    I think more people are going to be calling their local geek to set up blocks to the LG websites similar to ad blocks.

     

    reply to this | link to this | view in thread ]

  42.  
    icon
    Doug (profile), Nov 20th, 2013 @ 10:31am

    Re: Forcing you to accept TOS to use a product should be illegal

    I think consumers need their own TOP, "Terms of Purchase". A contract that spells out what we expect, and what businesses need to do if they want to go beyond. Of course, no one consumer could get anyone to agree to such a thing.

    A large-enough group of consumers could band together, though, and threaten a boycott of any business that won't agree to the terms. If we can find at least one that will, things could change.

    Of course, that "large-enough group of consumers" should actually be represented by *our* government, but as we know the government conceives of itself in an adversarial position with respect to citizens, not as our *representatives*.

    Corporations have the power imbalance: "agree to our (onerous) terms of service" or you get nothing. Consumers should be able to balance that power: "agree to our (hopefully not onerous) terms of purchase" or you get no sales.

     

    reply to this | link to this | view in thread ]

  43.  
    icon
    Sunhawk (profile), Nov 20th, 2013 @ 10:33am

    Re: Re:

    The CFAA doesn't apply to corporations, don't you know. It's only for individuals.


    Individuals like, say, the ones that are in charge of a corporation? ^^

    BTW, my computer does not have a camera attached, a microphone, nor speakers. It's to the point that yes, you do have to be paranoid as demonstrated by this article.


    Indeed. my desktop lacks a microphone or camera (unless I plug one in), myself.

     

    reply to this | link to this | view in thread ]

  44.  
    icon
    TasMot (profile), Nov 20th, 2013 @ 10:35am

    Security by Obscurity - FAIL

    Well, it appears that LG just thought that nobody would ever notice that their TV was spying on them. How about some charges against LG for transmitting the contents of a hard drive that they should be accessing and transmitting. Isn't it great that now we pay for a TV for the company to use to spy on us. At least it used to be that you got a free service in exchange for being watched (one example is Yahoo and another is Google). Now, LG wants you to pay them for the TV, then they get to sell all of your personal info. I think they should have to give me a free TV for that access.

     

    reply to this | link to this | view in thread ]

  45.  
    icon
    Transmitte (profile), Nov 20th, 2013 @ 10:36am

    @Gwiz

    DoctorBeet actually did block the outbound traffic at the hub/router level.

    It was in an article I read yesterday but cannot find it now. Hmmph.

     

    reply to this | link to this | view in thread ]

  46.  
    icon
    Arthur Moore (profile), Nov 20th, 2013 @ 10:45am

    Re: Re: Forcing you to accept TOS to use a product should be illegal

    I agree completely. Unfortunately, the Sony PS3 case shows that the courts do not.

    The PS3 MUST receive firmware updates to play new games. Every firmware update requires the end user to accept the new EULA. If they do not, then the console is useless. They can not even downgrade to the original firmware.

    Worse, this new firmware can remove features. This was the big thing when Sony removed the ability to run Linux on the PS3. The courts found that there's nothing wrong with any of this. You can't even get your money back.

     

    reply to this | link to this | view in thread ]

  47.  
    icon
    Transmitte (profile), Nov 20th, 2013 @ 10:49am

    Here it is from his own blog:

    http://doctorbeet.blogspot.com/

     

    reply to this | link to this | view in thread ]

  48.  
    identicon
    Anonymous Coward, Nov 20th, 2013 @ 11:01am

    Re: Re: Forcing you to accept TOS to use a product should be illegal

    there's no problem with a service provider requiring you to agree to terms for using that service. If you don't like the terms, don't use the service. Where's the problem?
    It's a TV. How should anyone know it's implicitly accessing a web service? (And even if he knew the "collection" menu item meant "transmission [to LG's service]", the blogger specifically tried *not* to use that service.)

     

    reply to this | link to this | view in thread ]

  49.  
    identicon
    Anonymous Coward, Nov 20th, 2013 @ 11:12am

    Re: Re: Forcing you to accept TOS to use a product should be illegal

    The problem with letting the markets decide is why should I have to do all this research before buying a relatively cheap product?

    If we decided to go "let the market decide how we deal with polluters" and everyone decided to just pollute anyway to sell cheaper goods, we all lose, especially since businesses can blatantly lie and get away with it (see misleading Comcast commercials claiming cable is faster then Fios according to experts, experts who say Comcast is blatantly lying).

     

    reply to this | link to this | view in thread ]

  50.  
    identicon
    Rekrul, Nov 20th, 2013 @ 11:13am

    Re:

    This is likely to turn into a PR nightmare for LG similar to the Carrier IQ catastrophe that the wireless providers faced a little while back.

    Here's what's going to happen:

    There will be some consumer backlash because of this and LG will probably issue a firmware update that makes the opt out setting actually work. All other TV manufacturers will add similar data gathering to their smart TVs. They will all collect some level of data that you can't opt out of, which the company will assure users is just for statistics. Little by little, the amount and type of data collection that you can't opt out of will expand. People will accept this because no one change will be big enough to make them complain. A decade from now there won't be an opt out setting and smart TVs (as well as other smart devices) will regularly collect and send data on everything you do back to the company.

    They will be able to do this because people will have no other choice if they want to continue watching TV. It will also happen because people will get tired of fighting a never-ending battle against the corporations who are trying to erode their privacy and because enough people simply won't care as long as they can watch the latest Honey Boo-Boo reality crap.

     

    reply to this | link to this | view in thread ]

  51.  
    identicon
    Rekrul, Nov 20th, 2013 @ 11:17am

    Re: Re: Stop the abuse!!

    What about not connecting to it your router? Do these TV's require an always on data connection to function?

    I don't know, but I wouldn't think so. However I wouldn't put it past them to have the TV just automatically connect to any open WiFi network it might stumble across in order to phone home. So it just might connect to your neighbor's WiFi without your knowledge.

    Also, I would think that if you do connect it to the net, but block connections to the LG site, that you would get near constant nag messages complaining that it can't connect.

     

    reply to this | link to this | view in thread ]

  52.  
    identicon
    Rekrul, Nov 20th, 2013 @ 11:18am

    Re: Well, I guess I'll just have to...

    tell LG to "fuck off and die". There's other TV companies out there.

    You think the other TV manufacturers aren't going to do the same?

     

    reply to this | link to this | view in thread ]

  53.  
    identicon
    JEDIDIAH, Nov 20th, 2013 @ 11:18am

    Re: Forcing you to accept TOS to use a product should be illegal

    > Nobody has a blanket right to use any particular service,

    This isn't a "service". It is a Television set.

     

    reply to this | link to this | view in thread ]

  54.  
    identicon
    JEDIDIAH, Nov 20th, 2013 @ 11:20am

    Re: Stop the abuse!!

    > So it just might connect to your neighbor's WiFi without your knowledge.

    Then it would run afoul of those pesky anti-hacking laws then.

     

    reply to this | link to this | view in thread ]

  55.  
    icon
    art guerrilla (profile), Nov 20th, 2013 @ 11:28am

    Re: Re:

    well, that's what i preemptively did...

    am going to be in the market for a teevee after the holidays, and i sent LG an email telling them which brand i will NOT be considering...

    told'em to FOAD...

     

    reply to this | link to this | view in thread ]

  56.  
    icon
    McCrea (profile), Nov 20th, 2013 @ 12:12pm

    Great excuse!

    That is the ultimate fabrication for when your wife asks "Why is Midget_Porn_2013.avi on the flash drive?"

     

    reply to this | link to this | view in thread ]

  57.  
    identicon
    SDF, Nov 20th, 2013 @ 12:29pm

    Attempt to see said Terms and Conditions

    I actually tried to get a copy of these terms and conditions from LG, and found the attempt enlightening.

    Ana: Hello S. Fox. Welcome to LG Electronics U.S.A. Support only. How may I provide you with excellent service today?
    ME: I am trying to find the terms and conditions for the smart tv series prior to purchase, but do not see the information on your website
    Ana: HI
    Ana: What terms and conditions are you referring to ?
    ME: the terms and conditions related to the smart tv software
    Ana: That is not available in the website. That only comes up in the TV when you are setting it up for the first time
    ME: the ones that must be accepted to use the smart tv software, but arent accessible until after purchase of the television, at which point i would be out a restocking fee
    Ana: I can email you the TV warranty statement if you want to
    ME: So if I am unwilling to accept them because i find parts objectionable, is the tv eligible for a full refund?
    Ana: Refunds or exchanges depends of the store policy
    ME: so they must be agreed to in order to use the device, but are not available until after purchase, at which point i may or may not be out of money based off of the retailers policy on returning open-box items.
    ME: is this correct?
    Ana: Yes, you need to agree to continue the TV setup
    ME: Is LG able to provide me these prior to purchase so that I can decide if they are acceptable?
    Ana: No, those are not available
    ME: So I have to accept them to use the product, but they will not be made available to me before I purchase the product. Do you not see a problem with this ?
    Ana: That is right.
    ME: In other words, by purchasing the TV I am entering into a contract that I am not allowed to read.
    ME: Thus am unable to make an informed decision whether to proceed
    Ana: You can check with the distributor what are their policies for return in the event you are not satisfy with the product
    ME: I can state unequivocally that LG has been removed from lists of potential products. I find this lack of transparency to be unacceptable.
    Ana: Thank you for your feedback. I have forwarded your comments to our corporate public relations office

     

    reply to this | link to this | view in thread ]

  58.  
    icon
    John Fenderson (profile), Nov 20th, 2013 @ 12:44pm

    Re: Re: Re: Forcing you to accept TOS to use a product should be illegal

    The TV's behavior was, in fact, authorized by the terms of service. So you could know what the TV was up to by reading it.

     

    reply to this | link to this | view in thread ]

  59.  
    icon
    John Fenderson (profile), Nov 20th, 2013 @ 12:45pm

    Re: Re: Forcing you to accept TOS to use a product should be illegal

    The issue is about the service, not the TV. If you just want to use it as a TV with full privacy, that's trivially easy -- just don't plug it into the network.

     

    reply to this | link to this | view in thread ]

  60.  
    icon
    John Fenderson (profile), Nov 20th, 2013 @ 12:48pm

    Re: Re: Stop the abuse!!

    How so? Connecting to your neighbor's open WiFi isn't hacking by any definition.

     

    reply to this | link to this | view in thread ]

  61.  
    icon
    John Fenderson (profile), Nov 20th, 2013 @ 12:49pm

    Re: Re: Well, I guess I'll just have to...

    Just don't buy "smart" TVs. I honestly don't see the appeal of them anyway.

     

    reply to this | link to this | view in thread ]

  62.  
    icon
    That One Guy (profile), Nov 20th, 2013 @ 1:32pm

    Re: Attempt to see said Terms and Conditions

    That really gets to the crux of the matter I'd say, the biggest problem with TOS's for products is that they aren't presented up front and clearly visible.

    Oh sure the sellers and manufacturers go on and on about how 'You have no cause to complain, it's in the TOS, which you signed', but they knowingly go out of their way to make actually reading said TOS as difficult as possible, burying any important information in legalese, and only actually showing the TOS at all once you've purchased the item in question and gotten it home.

    It's even worse of course with digital stuff, which is increasing in number, as you can't return that, so you either agree to the TOS, and use the product, or refuse, and are completely out the money you paid for it.

     

    reply to this | link to this | view in thread ]

  63.  
    identicon
    PlayNicely, Nov 20th, 2013 @ 1:34pm

    An often stated opinion about this is "let the markets handle it". Even setting aside the fact that the data collection was set to "off" I very much disagree with that sentiment.

    An ideal marketplace relies on good "default" rules of transaction, which means that for example purchasing a certain item does not require any additional terms of service or contractual obligations, certain rules automatically apply. Arrangements like that have served us well in marketplaces we encouter every day (like buying bananas or t-shirts or getting a haircut). Marketplaces where standard rules are uncommon or impossible (like fitness club memberships or telco services) tend to yield undesired results such as hidden fees, arbitrary suspensions of service and so on.

    The current trend towards the latter model (many transactions that used to rely on standard rules increasingly and unnecessarily have their own terms of service now) is one we should not encourage or defend. Many markets are far from the academic ideal and lack the ability to punish such abusive practices.

    Terms of service are very often to the detriment of the customer, lead to more unnecessary litigation and generally decrease a market's performance by obscuring the facts and restricting the customer's ability to punish bad behaviour. The law should discourage the use of terms of service unless it is absolutely necessary. An ordinary TV or a music album should rarely if ever be bundled with custom contractual obligations.

    Instead we should encourage "default" rules for marketplaces that were traditionally dominated by terms of service. For example I see no good reason why it should be impossible to boil down internet access to a few simple standard cases. This would allow case law to accumulate quickly around these few core features instead of being spread out among a multitude of contractual tricks and phrasings.

     

    reply to this | link to this | view in thread ]

  64.  
    identicon
    phils, Nov 20th, 2013 @ 1:38pm

    DoS:

    Connect a small computer [Raspberry Pi, or similar] to your network and program it to constantly send garbage info to the LG address that is set up to receive the spy data.

     

    reply to this | link to this | view in thread ]

  65.  
    icon
    TasMot (profile), Nov 20th, 2013 @ 1:53pm

    Re:

    I like this idea. Something like the SETI system that can set up willing systems to be constantly pumping data (of the useless nature) into their servers while the systems would otherwise be idle.

     

    reply to this | link to this | view in thread ]

  66.  
    identicon
    Anonymous Coward, Nov 20th, 2013 @ 2:00pm

    Re: Re: Re:

    The CFAA doesn't apply to CEO's of the corporations as they can afford to buy their way out from under it.

     

    reply to this | link to this | view in thread ]

  67.  
    identicon
    Anonymous Coward, Nov 20th, 2013 @ 2:02pm

    Re: Re: Re: Stop the abuse!!

    Except Carmen Ortiz and Stephen Heymann's.

     

    reply to this | link to this | view in thread ]

  68.  
    icon
    ECA (profile), Nov 20th, 2013 @ 2:03pm

    pAYING FOR PRODUCT

    1. I want the make and model of the unit, I will look it up.

    SO you pay for a Product. $1000.
    And it has some interesting features.
    It can use CERTAIN features that access the internet and NET services..

    I warn people about the IDEA' of a SMART product.
    Its a computer inside..do you have CONTROL over that computer?
    HOW much protection do you have on your HOME computer? TONS? Good.
    And you CANT protect the data in/on that SMART product?
    AND it reads your EXTERNAL DATA FILES???

    SHOOT IT..

     

    reply to this | link to this | view in thread ]

  69.  
    icon
    ECA (profile), Nov 20th, 2013 @ 2:26pm

    Re: pAYING FOR PRODUCT

    http://www.lg.com/us/support-product/lg-84LM9600#

    The Software he is using is optional..Smartshare is run on your computer..
    I would bypass this. Just use a remote keyboard and wonder the net tot he sites you wish..MOST dont need this interface program.

    ALSO..I could NOT find a TOS listed on their site for any of their product.

     

    reply to this | link to this | view in thread ]

  70.  
    icon
    Spaceman Spiff (profile), Nov 20th, 2013 @ 2:47pm

    Sorry LG

    But you just lost all of my business FOREVER! I thought you had some pretty good gear, but this is just beyond the pale! You have just joined your colleague Sony in my "you will NEVER get another penny from me" group of companies...

     

    reply to this | link to this | view in thread ]

  71.  
    identicon
    Anonymous Coward, Nov 20th, 2013 @ 2:57pm

    Re: Peek behind the curtain

    I agree, Truth to Power.

    Some Snowden revelations might not have been "news" if the media complex would have stopped giving Obama a 5 year tongue bath(quoted from David Burge @iowahawkblog on Twitter) and DONE THEIR DAMN JOBS...

     

    reply to this | link to this | view in thread ]

  72.  
    icon
    John Fenderson (profile), Nov 20th, 2013 @ 3:09pm

    Re: Re: Re: Re: Stop the abuse!!

    The "hacking" that Swartz was being accused of doing wasn't related to the use of open WiFi as such, it was related to accessing a database.

     

    reply to this | link to this | view in thread ]

  73.  
    identicon
    Anonymous Coward, Nov 20th, 2013 @ 4:37pm

    Re: Re: Re: Re: Re: Stop the abuse!!

    The "hacking" that Swartz was being accused of doing wasn't related to the use of open WiFi as such, it was related to accessing a database.

    I think previous poster was referring to the charges connected to allegations that Swartz was abusing the MIT wireless network rules by spoofing his MAC address (or similar).

     

    reply to this | link to this | view in thread ]

  74.  
    identicon
    Mike, Nov 20th, 2013 @ 5:20pm

    Re: Nor will I have an appliance that connects to the internet, other than a computer.

    That's what I said until I determined having electricity was more important and was forced to accept a smart meter.

     

    reply to this | link to this | view in thread ]

  75.  
    icon
    That Anonymous Coward (profile), Nov 20th, 2013 @ 5:25pm

    Remember that time the troll included demands for any 6 Strikes notices sent to an alleged infringer...
    Now LG is building a database of all file names ever connected yo your tv...

    Yep this'll work out fine. o_O

     

    reply to this | link to this | view in thread ]

  76.  
    identicon
    Mike, Nov 20th, 2013 @ 5:32pm

    Re: Attempt to see said Terms and Conditions

    As I remember it, case law settled this with shrinkwrap software. The publisher was being forced to provide the refunds if the store didn't for software without having EULA available at purchase.

     

    reply to this | link to this | view in thread ]

  77.  
    identicon
    Mike, Nov 20th, 2013 @ 5:45pm

    Re: SmartShare

    That's the DLNA interface that allows your devices to share files with each other and is what makes any TV, Blu-Ray player, etc., a "Smart" device. So, do not enable the feature that is the only selling point for a smart product vs. non-smart product?

     

    reply to this | link to this | view in thread ]

  78.  
    icon
    Matthew Cline (profile), Nov 20th, 2013 @ 7:30pm

    Re: Re: SO? Like Google, you "agree" whether want to or not!

    Look, s/he's a troll. If s/he made reasonable points, way fewer people would respond.

     

    reply to this | link to this | view in thread ]

  79.  
    icon
    G Thompson (profile), Nov 20th, 2013 @ 9:33pm

    Re: Re: Re: Forcing you to accept TOS to use a product should be illegal

    That might be the case in the US though the EU, AU, NZ courts see things a LOT different and are bound by consumer laws that actually protect the consumer.

    As for this situation LG most likely have committed numerous offenses under Privacy, Telecommunication Interception, and Consumer Statutes (some criminal some otherwise) in the EU and more definitely in my own country of Australia. In fact it's in the process of now being verified here with LG devices and if correct LG Aust are in for a pile of hurt

     

    reply to this | link to this | view in thread ]

  80.  
    icon
    G Thompson (profile), Nov 20th, 2013 @ 9:38pm

    Re: Re: Re: Re: Forcing you to accept TOS to use a product should be illegal

    not if reading and accepting that TOS was only available After the fact of purchase. a TOS is not a binding contract after the fact.

    And it's Not a service if it is an always ON system that cannot be turned off other than by removing the actual connection to the Internet. You purchase a product for specific purpose based on what is advertised, if that product requires extra structures & consideration after the sale then it is not fit for designed purposes and can be construed as false and misleading. Not in the USA no, but nearly everywhere else that has equitable consumer laws this is the law of the land.

     

    reply to this | link to this | view in thread ]

  81.  
    identicon
    Y U No Use Brains, Nov 21st, 2013 @ 12:26am

    Re: Re: I Like Google

    Oh, you can stop using their products, but you can stop them using their Adsense, Analytics, apis and tracking cookies against you.
    Now, that's the problem.

     

    reply to this | link to this | view in thread ]

  82.  
    identicon
    Spodula, Nov 21st, 2013 @ 1:26am

    public networks..

    The total lack of encryption implies that the people who wrote it dont know or are deliberately ignoring the standard guidelines for sending personal information over public networks. It they are that sloppy while doing the basics, where else is the firmware sloppy?

     

    reply to this | link to this | view in thread ]

  83.  
    identicon
    spodula, Nov 21st, 2013 @ 1:48am

    Re: public networks..

    The thing that just occurred to me however, is, Is the automatic firmware update just as sloppy and not use certificates or just uses trivial verification? If so, you you are precisely one website hack away from bricking it along with every other LG TV

     

    reply to this | link to this | view in thread ]

  84.  
    identicon
    Anonymous Coward, Nov 21st, 2013 @ 3:10am

    Re: Attempt to see said Terms and Conditions

    Hilarious! And nice documentation.

     

    reply to this | link to this | view in thread ]

  85.  
    icon
    That One Guy (profile), Nov 21st, 2013 @ 4:00am

    Re: Re: public networks..

    Massive treasure trove of personal information, lack of any real encryption... nah, I just can't see a hacker ever taking advantage of that. /s

     

    reply to this | link to this | view in thread ]

  86.  
    icon
    Anonymous Howard (profile), Nov 21st, 2013 @ 4:08am

    Re: Re: Re: Forcing you to accept TOS to use a product should be illegal

    Why this procedure reminds me of a dark figure saying the following line:
    "I'm altering the deal. Pray that I do not alter it further."

     

    reply to this | link to this | view in thread ]

  87.  
    identicon
    ryuugami, Nov 21st, 2013 @ 4:54am

    Re: Re: Re: I Like Google

    It may take a bit of work, but yes you can. You can block it in your hosts file, for example. In Firefox, you can install RequestPolicy + Ghostery to block third-party connections (like those to Google) and cookies, respectively.

    It would be nice if all of that crap was opt-in, but at least there are some ways to "opt-out" if you look around a bit. I'll settle for that.

     

    reply to this | link to this | view in thread ]

  88.  
    icon
    Killer_Tofu (profile), Nov 21st, 2013 @ 7:14am

    Re: Re: Re: public networks..

    Like the NSA?

     

    reply to this | link to this | view in thread ]

  89.  
    identicon
    Anonymous Coward, Nov 21st, 2013 @ 8:11am

    Re: Re: Re: Re: Re: Re: Stop the abuse!!

    Yes, that was part of it. They were saying that because they attempted to block him from connecting to the open Wifi network and he reconnected anyway after changing getting a new computer and changing his MAC address, he was violating the CFAA and it constituted "hacking". So according to them connecting an open Wifi network that you aren't given permission to connect to would constitute "hacking."

     

    reply to this | link to this | view in thread ]

  90.  
    icon
    John Fenderson (profile), Nov 21st, 2013 @ 9:18am

    Re: Re: Re: Re: Re: Forcing you to accept TOS to use a product should be illegal

    if that product requires extra structures & consideration after the sale then it is not fit for designed purposes and can be construed as false and misleading


    I agree, and if you can't read the TOS until after the purchase, then return the TV. If they don't accept the return, sue in small claims. There's plenty of precedent for this sort of thing. It would be an easy win.

     

    reply to this | link to this | view in thread ]

  91.  
    icon
    John Fenderson (profile), Nov 21st, 2013 @ 9:20am

    Re: Re: Re: Re: Re: Re: Re: Stop the abuse!!

    They were making the case because they were blocking his MAC address and he changed it. In other words, the WiFi was no longer "open" to his device, so it wasn't a case of "hacking" open WiFi anymore.

     

    reply to this | link to this | view in thread ]

  92.  
    identicon
    balaknair, Nov 21st, 2013 @ 10:30am

    Re: Stop the abuse!!

    I wish I'd heard about this story a month ago. Just bought an LG fridge. On the other hand, I'll no longer be buying the nexus 5 for myself and my wife. So two lost sales there, LG.

     

    reply to this | link to this | view in thread ]

  93.  
    identicon
    Dave, Nov 21st, 2013 @ 12:22pm

    Any other makes doing this?

    I recently got a Panasonic so-called smart telly and it's obviously got a net connection. Is this up to the same tricks?

     

    reply to this | link to this | view in thread ]

  94.  
    identicon
    Frank Nurock, Nov 21st, 2013 @ 9:21pm

    Privacy Issues

    This signifies that privacy issues are becoming increasingly valuable to people in all places, as we are so dependent on technology in our everyday lives.

     

    reply to this | link to this | view in thread ]

  95.  
    identicon
    Todd Zircher, Nov 22nd, 2013 @ 5:47pm

    Just an idea...

    So, the data is unencrypted. Some clever person should create a program/filter that removes all the personal content before passing it out of your home network. Kind of a reverse firewall.
    --
    TAZ

     

    reply to this | link to this | view in thread ]

  96.  
    icon
    That One Guy (profile), Nov 23rd, 2013 @ 7:13am

    Re: Re: Re: Re: public networks..

    Come now, you make it seem like the NSA would break into unsecured networks(or deliberately sabotage security to make the networks insecure), all for gathering private information on people without having to get a court order, I'm sure they'd never do something like that...

     

    reply to this | link to this | view in thread ]

  97.  
    icon
    That One Guy (profile), Nov 23rd, 2013 @ 7:20am

    Re: Re: Re: Forcing you to accept TOS to use a product should be illegal

    Unfortunately, with the increasing prevalence of built-in wifi, unless you've password protected your network, or don't have it available to connect to without a wire connection, you'd have to go out of your way to keep a device like that from connecting to your network, whether you wanted it to or not.

     

    reply to this | link to this | view in thread ]

  98.  
    identicon
    lakawak, Nov 27th, 2013 @ 9:50pm

    Re: Let's rewrite that headline

    Oh, give me a break...way to take it to the most illogical, pathetic bi*ch-ass extreme.

    YEah...pedophiles are always buying information from marketers in order to find their victims!

     

    reply to this | link to this | view in thread ]

  99.  
    identicon
    lakawak, Nov 27th, 2013 @ 9:53pm

    Re:

    No...it is not at that point. You are just pathetically paranoid and are wasting your life because of it

     

    reply to this | link to this | view in thread ]

  100.  
    identicon
    Lakawak accident55@hotmail.com, Nov 27th, 2013 @ 9:56pm

    Re: Re: SO? Like Google, you "agree" whether want to or not!

    He attacke Google! LEt's GET HIM! I dion't caer if what he said was accurate...since like Google, you AGREE to use the LG TV when you buy it! GET HIM ANYWAY! Howe DARE this article suggest that a company founded by two men whose penises I dream of sucking every night is not working for my best interest! I mean, sure...they have built themselves into a third of a TRILLION dollar company based SOLELY on selling as much of my information as they can possibly get out of me. And now they re trying to force people to give more and more by pushing the failure that is Google+ on people! But I don't care! I am sure Sergey's semen tastes delicious! So no one can say anything bad about them!

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This