Posted on September 21, 2019 at 3:10 AM
Smart TVs And Other IoT Appliances Are Leaking Data to Big Tech Companies
According to recent research, the beloved Smart TVs, which allows us to enjoy Internet-based content in the comfort of our rooms, are helping notable tech companies such as Google, Netflix, and Facebook by feeding them essential user data.
Those companies, plus several more, are known for their privacy-invasive practices that, on occasions, can become annoying and even dangerous. In this case, Smart TVs are leaking user information that is considered sensitive and private.
Per a report from the Financial Times, some Smart TV models and sets manufactured and sold by prominent companies in the tech industry, such as LG, Samsung, and Apple, as well as other streaming machines and devices such as Roku and Amazon FireTV, are currently sending private data without the consent of the users.
A Disturbingly High Percentage
The study was performed by specialists and researchers from Northeastern University and Imperial College London. The academics looked at 81 different IoT devices in the United States and the United Kingdom, including home appliances and Smart TVs.
The final paper had “Information Exposure From Consumer IoT Devices” as a title, and the results were pretty disturbing: nearly 35,000 experiments concluded that out of the 81 total devices, 71 of them are sending customer data to other entities in addition to the manufacturer of the appliance.
Of the tested devices, over 56% of those in the United States leak data to other agents, and an astonishing 83.8% of the UK’s appliances and hubs will do it, as well. All the devices that underwent the test will send data through plaintext flows.
It doesn’t matter if the data sent is encrypted or not: in nearly half of the cases, 30 out of 81 to be exact, the person’s behavior and trends can be detected via eavesdropping, including the data we share with our smart TVs and other IoT-powered appliances.
Location and IP Address
The most commonly leaked pieces of information were real-time and precise location and IP numbers, which are usually sent to external agents and companies such as Microsoft, Google, Spotify, Akamai, and Netflix by our own IoT gadgets and appliances.
All of the previously mentioned companies implement or offer to its customers’ cloud technologies, which the appliances in question often use for connectivity purposes. That situation paves the way for the easy eavesdropping.
In the specific case of smart TVs, the vast majority of the tested devices would leak information to Netflix. That itself isn’t surprising: the fact that it still happens whether the device in question has an account there or not is, however.
The researchers arrived at the conclusion that, at minimum, our Smart TVs can leak our information to Netflix about the specific model of the TV.
Numerous countries are currently debating the role of big tech companies in user privacy and data property. The results of this particular study will surely heat up the discussions about the potential privacy issues associated with the IoT devices we use every day.
The document published by the researchers noted, however, that while encryption is often implemented to prevent spies and eavesdroppers from knowing the shared information, it also represents a barrier to the staff trying to determine the exact data that was being passed to third parties.
A Common Practice
Facebook officials have stated that it is a common practice that comes with access to the social network included to feed data to external agents and companies, while Netflix observed that there is; indeed, data being sent to them but it is used to determine how the platform looks and performs.
According to Google, each user may configure the preference and consent levels on how they manage data being shared to them, and that it is mostly used to customize ads.
For those people interested in knowing whether their Smart TVs or IoT devices are leaking information to other companies, researchers at the Princeton University created an open-source tool dubbed IoT inspector, which implements ARP spoofing to assess the level of connectivity of each appliance and how much data is being leaked.