Last week TV maker Vizio made a startling admission. For more than two years the company had collected the viewing habits of 11 million customers who had purchased its internet-connected smart TVs, and sold that data to third parties. Specifically, Vizio had captured what the FTC describes as “second-by-second information about video displayed on the smart TV, including video from consumer cable, broadband, set-top box, DVD, over-the-air broadcasts, and streaming devices.”
The FTC and New Jersey's Attorney General allege Vizio “facilitated appending specific demographic information to the viewing data, such as sex, age, income, marital status, household size, education level, home ownership, and household value…” This is top-shelf privacy violation, the sort of data harvesting and resale that could theoretically let companies — or hackers that might raid their files — turn anonymous viewers into fully identified individuals.
If all available outrage weren't being pulled into the White House's black-hole-like gravitational pull, this story of privacy violation and corporate comeuppance could easily have entered the national conversation. And no one is alleging Vizio actually took that extra step and pinned viewer data to specific individuals by name. However, the company, which was unable to provide a spokesperson in time for this story's publication, is accused of doing the next best (or worst) thing, by associating viewing habits with specific internet connections, or IP addresses. Since most residential IP addresses can pin a user down to a physical address, tugging on that single thread of data will quickly unravel any semblance of digital privacy. The third parties that paid for Vizio's data were most likely interested in targeted demographic data. But there's nothing preventing them from going further, and tying a viewer to his or her online browsing habits, or even attaching an actual name to the increasingly detailed behavioral profile they've cobbled together, profiles that can be updated whenever you open a browser or use one of the many apps that track your data.
Unfortunately, these aren't the frantic ramblings of a tin-foil-hatted paranoid. Companies really do build, store, and sell profiles of individual people, and those people really can be identified, with enough data and effort. This is real life, and the real state of consumer tracking right now, as well as in February 2014. That's when Vizio started spying on its smart-TV customers, and last week the company agreed to delete more than two years of collected data, and pay the FTC and the state of New Jersey a combined $2.2 million.
At issue in the complaint against Vizio was that customers weren't fully informed about its data tracking and resale program. Where that data would go, or even that it was being gathered at all, was buried in the kind of user agreement language that's obtuse to the point of obfuscation. Really, though, this is a simple case, with a simple takeaway.
If you're going to spy on your customers, you need to ask their permission first.
In the more precise parlance of privacy advocacy, Vizio's tracking program was opt-out, meaning that users would have to be aware of what the program was, and take action to get out of it. The more privacy-friendly, and therefore less common option is opt-in, or informing users of a program, and asking them to check a box or otherwise take action to participate. So Vizio is asking for forgiveness now, rather than permission three years ago.
But don't go forgiving Vizio, or another other consumer electronics company, just yet. The battle for digital privacy has been underway for more than a decade, and isn't going well for consumers. Firms that buy and sell user data have won more fights than they've lost, and with no whistleblowers revealing the full extent of their day-to-day privacy violations, this corner of the Big Data revolution operates in near-total secrecy.
Instead, we got broad, open-ended warnings so common that their impact is diluted. Ubiquitous cookie warnings simply reinforce the sense that digital privacy is a fantasy. And maybe that feeling of technological fatalism is simply realism. “There's an illusion of privacy that people can feel when they're online,” says Kurt Baumgartner, principle security researcher at software security firm Kaspersky Lab. “But as far as tracking purchasing habits, sites they visit, using third-party cookies, all of this exists to whittle away at what was once considered to be privacy.” To Baumgartner, tracking goes hand-in-hand with online activity. This low-level background hum of persistent snooping is the inherent cost of roaming around the internet. What Vizio did, though, surprised even him. “They were collecting 100 billion data points per day,” Baumgartner says. “When you look at the massive amount of data they were collecting, and that it was in real time, things get a little more Big Brother-ish.”
Real-time data collection — as opposed to siphoning large troves of stored data on a scheduled basis — is troubling for reasons that are hard to flesh out without veering out of journalism and into amateur techno-thriller fiction. Companies might not care what time of day a specific home is empty. But could hackers or unscrupulous employees who intercept that data use it for nefarious reasons? What about the increasing number of smart TVs with integrated cameras, to allow for big-screen Skyping? It's only the smallest of leaps to imagine a real-time tracking feature that uses facial recognition to better identify demographic traits (such as gender and age), only to accidentally open up homes to live video snooping. After all, the threat of digital privacy breaches is about more than private firms and government agencies using data in some official, if unsavory, capacity. There's also potential for individual miscreants and peeping toms to access and misuse that gathered data. Google has fired at least two employees for violating the privacy of users, including one engineer who allegedly accessed the e-mail accounts of four minors. Those violations happened in 2010, when the kind of real-time tracking that Vizio engaged in wasn't as feasible. Then there are more large-scale privacy breaches of stored data, like the numerous — and increasingly routine — hacks of user information stored by retail giants and financial firms. It's this uncertainty and vulnerability that makes privacy worth defending, even in situations where no clear damage has been inflicted. The ongoing degradation of our expectation of privacy is damage enough.
Sadly, there are no tools at consumers' disposal to prevent or even detect violations similar to what Vizio has admitted to. However useful products like the Tor browser and the Signal messaging app might be to mitigate tracking and snooping, according to Baumgartner, there are no equivalents for smart devices like TVs and thermostats. It's up to device makers to safeguard those products, and their track record isn't promising. The cyber attack that brought down Spotify, Twitter, and other major sites and services last October was launched in part by bots that had penetrated DVRs. How did those bots get in? Many of those DVRs had WiFi passwords what were set to factory defaults, and that no user was asked to change during setup. Full disclosure: That DVRs even have WiFi passwords was news to me. “Unfortunately the manufacturers have not been building their products with security as a priority,” Baumgartner says.
Though the FTC acknowledges the larger privacy implications of opt-out versus opt-in, and the potential for tracked users to be reidentified, the Vizio case came down to one clear issue. “Our complaint alleges that television-viewing information is akin to sensitive financial and medical information,” says Kevin Moriarty, an attorney in the Division of the Privacy and Identity Protection at the FTC. “And in those circumstances where that viewing information is being collected, consumers should be able to affirmatively opt in to such a program.”
Despite Vizio's settlement, this case doesn't necessarily establish TV-viewer data as having the same sensitivity as medical and financial records. But in the running, uphill battle to shore up digital privacy, it might give other smart-device makers pause before they hand over billions more points of data gathered from the people who keep their companies alive, one sale at a time.
Get the latest gear reviews, tech news, and more directly to your inbox. Sign up now for the Men’s Journal newsletter.