18 Sep 2019

Last week my TV literally went bang. I didn’t know that was a thing any more. Cue an online search, and a couple of days later a “smart TV” was delivered. Smart TVs are notorious for their questionable privacy practices, from embedded cameras and microphones that can be switched on remotely, to sending information about your use of the TV back to the manufacturer and app developers.

Here’s a rundown of the privacy concerns I had when setting up and using a smart TV – and the steps I took in an attempt to reduce these privacy concerns.

Part 1: TV Setup

1. Turn the TV on and one of the first things you have to do is connect to the WiFi. Fair enough: it’s a smart TV. Enter the WiFi password and a pop up message tells you that your WiFi network’s name will be reported to the manufacturer.

There is no way to turn this off: if you want your smart TV to actually be smart, you have to tell the manufacturer your WiFi network name. Here’s our first breach of the data protection principles: data collected must be adequate, relevant and not excessive. Maybe there is a legitimate reason for reporting the name of my WiFi network to the manufacturer – the critical point from a privacy compliance perspective is that I had no real choice over this, and received no explanation as to why it was needed. Off to a bad start.

2. Once the TV connects to the internet, it downloads an update and a set of lengthy terms and conditions, which runs to 20 something pages. There are Consumer Rights Act 2015 issues here, particularly around keeping contractual terms simple, short, and easy to understand. But this post is about privacy, so I’ll stop there. Scroll to the end of the terms and I’m asked to agree to the ‘privacy policy’.

This is a real bug bear of mine, for two reasons. First, privacy notices are critical documents to properly explain to people how you will use their data. They don’t need to be essays – they should be short, clear and presented in easy to consume formats. I’m thinking infographics and animations. I am in front of a TV – so why show me a load of text I have to painfully scroll through on a screen? This is literally one of the clearest use cases I can think of for communicating privacy information via a video or other more engaging format than a document I have to scroll through using a remote.

Second, privacy policies are not contracts. You don’t need to, and nor should you, force people to agree to the entire policy. If this is an attempt to collect ‘consent’, the new data protection laws have made it crystal clear that consent collected in that way will be invalid – not least because I either have to agree to the policy or not use the TV. Privacy notices are used to inform and communicate with your customers, not to contract with them.

3. So I’ve followed this process and then I have to provide the TV with my name, date of birth and email address. This, again, is mandatory information – no data provided, no TV access. Try to skip and it loops you back to forcing agreement to the terms and conditions. So I give fake details and a separate email address I setup with Protonmail. The data protection principle issues here are similar as with point 1, so I haven’t repeated them again. Let’s hope I remember my fake name if I ever need to call customer service…

At this point a notice pops up asking if I consent to receive marketing communications from the manufacturer or third parties. Great – but it’s unclear how to move on without giving that consent. And also those third parties aren’t named which they have to be now for my consent to be valid.

There’s a big ‘agree all’ button; there’s also a ‘skip’ button – but pressing this prompts the TV to exit set-up without finishing. Eventually I work out how to complete setup without giving consent – but it would have been easy to consent to this by accident, or just for an easy life. This is what’s known as a ‘dark pattern’: a design intended to make it more difficult for you to exercise control, or worse, to trick you into doing something you don’t want to.

Part 2: Using the TV

4. Turn the TV on and I’m presented with adverts and trailers galore. I haven’t even plugged an aerial or satellite feed in! So by default the TV uses my internet connection to show me ads on startup, and reports how I’m interacting with them (more on this in point 5). Luckily I can sort this out by diving into the menu and disabling these so-called ‘channels’, which appear simply to be advertising channels I can buy content from. This is another dark pattern: enabling advertising and tracking by default, and requiring serious menu diving in order to switch this off, makes it more difficult than it should be to exercise control.

5. Smart TVs have a habit of ‘calling home’ over the internet to the manufacturer fairly regularly, as well as to streaming services if you have their apps installed – even if you don’t use those apps. I am talking communications 24 hours a day, with only 30 seconds or so between each one. The main issue I have here is nobody explains why our smart TVs are checking in with the manufacturer and the streaming services so often: despite investing a great deal of time trying to find out, I just couldn’t find the answer. My search only yielded a pile of forum posts with people similarly irritated by the vast number of communications their TVs are marking with the outside world without their knowledge.

But maybe the TV just needs to call home frequently in order to work properly? Nope. Time to introduce Pi-hole:

I use a free piece of software called Pi-hole, a ‘black hole for online advertising’, to monitor and control how often my devices call their developers, report statistics and talk to advertising networks. Pi-hole works by catching and blocking the requests your devices make to advertisers and manufacturers (or anybody else you want to blacklist) before they even leave your home. And this isn’t just something for tech geeks. You probably have something at home already that you can run Pi-hole on, as it’s compatible with a range of different software platforms – it can be installed by following the simple instructions set out here and takes around half an hour to setup. It is the single most useful thing I have to help retain control over the tracking, profiling and generally creepy statistical information being sent back to advertisers from my home network.

So I use Pi-hole to block the vast majority of the TV’s requests with a single click. And guess what? The TV still works fine.

  1. But in the long term, these steps won’t be enough.

Most of us at some point have been caught out because our PCs have decided to run an update right in the middle of us working or finishing off the new episode of that show we don’t like to admit we watch. It’s annoying, but these updates really do help keep us secure. The problem is that smart TVs, and other ‘Internet of Things’ devices, don’t get updated so regularly – meaning they are more vulnerable. In a few years, the manufacturer will stop issuing updates for my TV altogether, so any security issues in the latest version of the TV’s software won’t be fixed. There are privacy concerns here too, because an insecure device talking to parts of the internet can provide a simple way for ‘bad actors’ to attack your home network.

When these updates stop in a few years, I will block the TV from accessing the internet. I’ll still connect it to my home network, so that I can cast content to the TV – but for streaming content, and for casting where I can, I’ll use third party devices whose software is up to date and secure.

TL;DR: Failing to inform consumers about how their data is used, and making it difficult for them to exercise control, is irritating, unsustainable and non-compliant. You shouldn’t have to be a privacy lawyer or tech geek to begin to understand and control what your TV, or any smart device, is really doing in your home.