Manufacturer will pay $2.2 million and delete data to settle privacy-invasion charges.

Vizio, one of the world's biggest makers of Smart TVs, is paying $2.2 million to settle charges that it collected viewing habits from 11 million devices without the knowledge or consent of the people watching them.

According to a complaint filed Monday by the US Federal Trade Commission, Internet-connected TVs from Vizio contained ACR—short for automated content recognition—software. Without asking for permission, the ACR code captured second-by-second information about the video the TVs displayed. The software collected other personal information and transmitted it, along with the viewing data, to servers controlled by the manufacturer. Vizio then sold the data to unnamed third-parties for purposes of audience measurement, analysis, and tracking.

"For all of these uses, Defendants provide highly specific, second-by-second information about television viewing," FTC lawyers wrote in Monday's complaint. "Each line of a report provides viewing information about a single television. In a securities filing, Vizio states that its data analytics program, for example, 'provides highly specific viewing behavior data on a massive scale with great accuracy, which can be used to generate intelligent insights for advertisers and media content providers.'"

In an e-mailed statement, Vizio officials wrote: "The ACR program never paired viewing data with personally identifiable information such as name or contact information, and the Commission did not allege or contend otherwise. Instead, as the Complaint notes, the practices challenged by the government related only to the use of viewing data in the 'aggregate' to create summary reports measuring viewing audiences or behaviors."

The tracking started in February 2014 on both new TVs and previously sold devices that didn't originally ship with ACR software installed. The software periodically appended IP addresses to the collected data and also made it possible for more detailed personal information—including age, sex, income, marital status, household size, education level, home ownership, and home values—to be associated. The collection occurred under a setting that was described as a "Smart Interactivity" feature that "enables program offers and suggestions." The menu never informed users that the feature also transmitted viewing habits or other personal information. The complaint offered these additional technical details:

Through the ACR software, Vizio's televisions transmit information about what a consumer is watching on a second-by-second basis. Defendants' ACR software captures information about a selection of pixels on the screen and sends that data to Vizio servers, where it is uniquely matched to a database of publicly available television, movie, and commercial content. Defendants collect viewing data from cable or broadband service providers, set-top boxes, external streaming devices, DVD players, and over-the-air broadcasts. Defendants have stated that the ACR software captures up to 100 billion data points each day from more than 10 million VIZIO televisions. Defendants store this data indefinitely.

Defendants' ACR software also periodically collects other information about the television, including IP address, wired and wireless MAC addresses, WiFi signal strength, nearby WiFi access points, and other items.

Big Brother is watching

The allegations are only the latest to raise troubling privacy concerns about Internet-connected TVs and other so-called Internet-of-things devices. In late 2015, security researchers found that Vizio TVs failed to properly validate the HTTPS certificates of servers they connected to when transmitting viewing-habit data. That made it trivial for anyone who had the ability to monitor and control the Internet traffic passing between the TV and the Vizio servers to impersonate the servers and view or tamper with the transmitted data. Smart TVs manufactured by LG have also been caught collecting potentially sensitive data, including a list of shows being watched, the names of files contained on connected USB drives, and the names of files shared on home or office networks.

Under the terms of the settlement, Vizio will pay $1.5 million to the FTC and $700,000 to the New Jersey Division of Consumer affairs. The settlement also requires Vizio to delete all data collected before March 1, 2016. Additionally, Vizio has agreed to prominently disclose and obtain express consent for all future data collection. The FTC has more details about the case here and here.

http://arstechnica.com/tech-policy/2017/02/vizio-smart-tvs-tracked-viewers-around-the-clock-without-consent/

what's the big danger in this situation?

first thing that comes to my mind is the camera was recording 24 hours a day... maybe visio itself wasn't looking at the data, but anyone can hack into these systems and watch what people are doing around the house, or to see if anyone is home or alone, what kind of valuables one might have...


not to mention it's going after data stored on other devices in peoples homes, through the home and office networks...

"The allegations are only the latest to raise troubling privacy concerns about Internet-connected TVs and other so-called Internet-of-things devices. In late 2015, security researchers found that Vizio TVs failed to properly validate the HTTPS certificates of servers they connected to when transmitting viewing-habit data. That made it trivial for anyone who had the ability to monitor and control the Internet traffic passing between the TV and the Vizio servers to impersonate the servers and view or tamper with the transmitted data. Smart TVs manufactured by LG have also been caught collecting potentially sensitive data, including a list of shows being watched, the names of files contained on connected USB drives, and the names of files shared on home or office networks."

thank you so much, Moe, that was very nice of you.

That "Eyewitness News" segment in The Kentucky Fried Movie.

this seems no different than what internet does

ill be darned if whatever things I search or shop for happen to pop up banners on the sites I visit,,,,,

I only hope this judgement is expanded.

We'v reached the point very recently, where the commercial profit interests of large private corporations, has been allowed to determine the limits, if any, of our rights to privacy.

We're in for another round of declines in the right of individuals, not only to their own freedom of choice in what they do being known only to them, but further, in the ability of private for-profit companies to be allowed to decide in advance, how each of us make use of services we pay them for.

The propaganda-named effort for "internet neutrality" is a part of it. The "Net Neutrality" issue, is that the internet providers want to be allowed to determine not only how MUCH internet access you have, and how fast it is, according to what is most profitable to them, but further, they want to be allowed to SELL TO THE HIGHEST BIDDER, what search results you see, whenever you go online.

Search engines like Google ALREADY constantly monitor everything we do, and every email subject we touch upon, they want to be able to use that information, and sell it to commercial interests, so that when you (for example) shop online for clothes, or something, that the people who have PAID THEM to promote their products, will always be given top billing in your search results.

It has been said that the Trump administration favors allowing businesses to do exactly that, and more, to enrich themselves at their customers' expense.