
What Vizio was doing behind the TV screen - Deinos
https://www.ftc.gov/news-events/blogs/business-blog/2017/02/what-vizio-was-doing-behind-tv-screen
======
mikeryan
So I have a bit of intimate knowledge of this.

Not sure what I can answer but for years my company worked on an Automatic
Content Recognition project using tools from a team called Cognitive Networks
who were bought by Vizio and makes up the tech that did this. If I understand
correctly the founder of Vizio kept this tech for himself in the sale of
Vizio.

When developing this we would work directly with Cognitive checking sync'd
apps. We knew for a long time that they could see our content in their office
while we tested.

Note LG got caught on this about 2-3 years ago and made ACR apps opt-in which
pretty much killed it for LG.

AFAIK Samsung never did the exact same thing a bunch of providers saw the
writing on the wall and dumped this sort of technology a few years back. It
had some really cool applications for interactive sync to broadcast apps but
the privacy concerns killed it for a lot for a lot of manufacturers.

~~~
AJ007
Thanks for posting this. When I saw the original FTC story I recalled reading
about this once or twice in the past but couldn't think of any key phrases or
sources.

In response to some of the other comments here, basically what they are guilty
of isn't spying but failing to properly disclose and opt-in users. There is a
particular major AV vendor who is selling raw clickstream data of millions of
their user's internet usage directly to marketers and other parties right now.
As far as I can tell, as long as it is buried somewhere in the terms and
conditions no one cares.

Of course, other companies that are actually serving the content are doing far
more than just passively monitoring your viewing habits.

From my best guess, Facebook is logging every signal it can from
content/pictures/videos it displays to users. Even if you didn't click like,
comment, or click through the link it knows the story captured your attention.

I had an interesting case with Instagram where after viewing enough pictures
of women's butts it started also showing men's bare butts in my feed too.. at
least until I never opened any of them, and they disappeared.

Users should consider that content providers are going to have extremely deep
data sets of even the most minute dimensions of their political leanings, porn
viewing habits, dating preferences, and gullibilities. All of this will make
what TV shows you watched between Netflix and NBC beyond mundane.

With an open web, where we get content from the source, this shouldn't
actually be possible. Thank the platform business model.

~~~
mirkules
Is it possible to bring about a similar complaint against Facebook with the
FTC? Or, if the FTC is the wrong agency, what would be the right one?

Of particular concern are "shadow profiles" \- dossiers on people who have
never even used or consented to using Facebook[1]. I'm no lawyer, but there
could be precedent per this Vizio case.

In my opinion Facebook is hugely overstepping people's privacy bounds, even if
they do bury what they do with some of the data in their terms of service. I
never even knew about DeepFace, or mouse cursor movements, or any of the
multitudes of violations of privacy outlined in the article below, and frankly
it scares me and makes me angry.

[1][http://veekaybee.github.io/facebook-is-collecting-
this/](http://veekaybee.github.io/facebook-is-collecting-this/)

~~~
scient
By using FB, you consent to them using the information about you that others
and you yourself provide. Dont like it? Dont use FB.

~~~
mirkules
By that logic, we shouldn't buy or use Vizio TVs either. But the issue here
with the FTC complaint is that there was not a _prominent_ warning that the
data was being collected or used in such a way.

I certainly never read or even saw any warning about facial matching in all my
photos or my children's photos.

Besides all that, people with shadow profiles who never even used Facebook or
agreed to their TOS are being tracked. This is not ok.

I feel like there is a double standard here: we are vilifying Vizio - a
company that has mutliple competitors - for much less wrongdoing than what
Facebook is guilty of, even though FB has a de facto monopoly on social
networking.

Edit: there is a link on the ftc.gov website where you can file a complaint
against a company with concerns how it handles your privacy:
[https://www.ftccomplaintassistant.gov/Company#crnt](https://www.ftccomplaintassistant.gov/Company#crnt)

~~~
jjawssd
> By that logic, we shouldn't buy or use Vizio TVs either.

Burn it all. Facebook and Vizio.

~~~
ebtalley
And every other company. Go live in a cave because thats where all companies
are going and no one is slowing the process down. This consumer choice gambit
very well be a false statement in the future.

------
jasonwilk
It's not worth buying any of these 'Smart' TVs. I don't know whether it is a
shoddy developer experience provided by the likes of Samsung / Vizeo etc or if
it's the developers themselves (Hulu I'm looking at you) who do not maintain
their apps which are constantly bug filled.

I much prefer my old dumb TV that has a Roku plugged into it. Oh yeah, and I
know it's not WATCHING ME.

~~~
wrsh07
If you want a high end tv you don't have much choice.

But also, why do you not expect your Roku / apple tv / etc to be watching you?

~~~
bduerst
You can still find OLED or 4K off-brand "dumb" TVs, like from Hisense and
Selki, but you run the risk of terrible support.

~~~
khedoros1
Don't those often use B-grade panels from other manufacturers? I know Hisense
has the reputation for punching above its weight, but I wouldn't expect them
to produce "high end" TVs.

~~~
bduerst
Not for Hisense televisions, but I don't know for Seiki. The former is
basically a high quality panel with crappy speakers.

Hisense is also now selling under the Sharp brand name.

------
jaimex2
I caught my TV doing this and went to war.

For the last two years I have had a service running that floods garbage data
back to the collection point from several addresses throughout the Internet.

You're welcome.

~~~
voltagex_
I know we can't expect the "average" consumer to do this, but thanks for
caring and running tcpdump on your network! It amazes me that with a lot of
these stories there's no one popping up with a pcap showing exactly what's
going on.

I'm hoping projects like Turris Omnia [1] will allow people to be more in
control of what goes in and out of the LAN - my network, my rules.

1: [https://omnia.turris.cz/en/](https://omnia.turris.cz/en/)

~~~
ktta
You don't really need a open source router. Just something that can be flashed
with Openwrt or dd-wrt. The router you linked actually runs a fork of Openwrt.

[https://openwrt.org/](https://openwrt.org/)

~~~
voltagex_
Yeah, they're pretty rare in Australia due to our reliance on ADSL - unless
you flash with DD-WRT. It's still not something everyone does. OpenWRT and DD-
WRT's UIs are pretty rough (although, most commercial UIs are, too)

~~~
cybergoat
I'm running OpenWRT on a TP-Link TL-WR841N/ND v8 and the LuCI interface that
comes out of box is vastly better (cleaner and more feature-full) than the
majority of consumer router interfaces I've encountered. In particular, the
realtime graph of current connections!

You can likely set your ADSL modem into "bridge mode" and put a user-flashable
device between that and your network. Once you get NBN you just connect the
WAN port to the NBN termination box and you'll be getting DHCP from your ISP.

~~~
voltagex_
I'm on the NBN now. Configuring OpenWRT had been a pretty steep learning curve
but it's worth it in the end.

------
passivepinetree
The amount of money they made from that data is probably orders of magnitude
more than the paltry $2.2 million penalty.

I hate to get all paranoid, but it seems like every day there's news of a
company's data being hacked, and what information isn't being hacked is being
actively sold.

What can an average citizen do (short of living Ron Swanson-style in a cabin
in the woods) to protect their privacy?

~~~
Narkov
"orders of magnitude more" ? As in, ~$200m? No chance.

With a little bit of industry knowledge, I would posit that they made roughly
the same quantum as the fine.

~~~
tgsovlerkhgsel
So basically, it pays to engage in unethical behavior, because if you do get
caught, the fine will usually not be more than the profit you made from said
behavior.

~~~
bredren
Obviously. Whatsapp broke privacy law in Canada and across Europe to hack
growth. Different industry, but Four Loko also was penalized for its risky
(but great for some people) original formula.

------
awfgylbcxhrey
_Vizio collected a selection of pixels on the screen that it matched to a
database of TV, movie, and commercial content._

I would like to know more about that process. I find it ethically abhorrent,
but technically very interesting.

Like, is it grabbing, say, three pixels in constant locations across the
screen and matching their color change over time? Is it examining a whole
block? Is it averaging a block at some proportional location on the screen?

~~~
cracell
I'm also curious if they'd be able to match different encodings of the same
video or would only be able to match against specific encodings in their
collection.

~~~
nikmobi
I would imagine it's simply a temporal comparison of pixel colors at
predetermined locations, similar to how the Shazam algorithm[1] works? You'd
just need to analyze enough pixels to reduce "collisions", coupled with the
temporal aspect!

[1]
[https://www.ee.columbia.edu/~dpwe/papers/Wang03-shazam.pdf](https://www.ee.columbia.edu/~dpwe/papers/Wang03-shazam.pdf)

------
JohnBooty
If nobody's started one yet, I think there would be an audience for a
blog/vlog/whatever that reviews _non-smart_ TVs. And/or a place that evaluates
which "smart" TVs function acceptably as "dumb" when they are _not_ connected
to a network.

Realistically, this would have to include evaluating things _beside_ consumer
TVs for use as living room devices, since "smart" features in consumer TVs are
nearly unavoidable at this point.

Because I'm going to have to start looking into the world of commercial
displays for my next TV, I guess. At least I _think_ those don't have "smart"
features. Yet?

~~~
ktta
Rather than avoiding such TVs, I think we're better off taking some good
precautionary measures.

Why buy commercial displays which usually are pretty expensive, when you can
buy consumer ones and be smart about how you use it? Of course, even if they
start coming with in-built wifi, just don't let them connect to anything.

First, off taking control of your own home network is crucial. Get a good
router, something you can install pfSense or linux on. You'll basically have
to get an NUC and learn how to manage firewalls. I suggest pfSense or just
plain jane ubuntu server if you aren't very good with these systems. Then, a
wifi access point can be connected to it for your wireless devices.

Prevent external network access to all the devices, and then whitelisting them
(probably only your computers) is the way to go. Unless you bother to teach
every one who lives in your house about the terrible things that some
companies do, just block everything.

I don't think we can prevent IoT just like we couldn't stop phones. Home
automation can be the best thing since mobile phone. As nuts as it sounds, you
might just realize the comfort factor of having a "smart home". Just have to
be careful, just like you're careful with your phones, and what they do. Read
up on basic security, common exploits targeting IoT devices, etc.

~~~
richardwhiuk
There's an absurd amount of technical knowledge that you are suggesting that
every household in America should subscriber to.

Also, if you have a SmartTV, you probably need to allow it contact the
internet, otherwise playing internet TV (Netflix, iPlayer, Hulu, etc) is not
going to work. If it can access Netflix, it can probably phone home with your
data.

~~~
remir
Don't connect your TV to the internet and use something like a Chromecast,
Roku, Apple TV, instead.

~~~
Arizhel
Yeah, but those spy on you too, so I don't see how they're any better. The
main advantage with things like those is that you can more easily upgrade them
later as technology changes.

------
pdimitar
"Vizio has agreed to stop unauthorized tracking".

As if there's any human-measurable way of confirming this. Yes they can be
forced by a court. And no, the court can't know if they stopped all of the
software copies on all TVs and no, the court can't know if they didn't re-
activate them in the future back again.

What actual proof do we have that LG actually stopped? What actual proof can
we have that Vizio will stop doing this?

~~~
abraae
Vizio is not an individual, it's a collection of employees and contractors,
some loyal, and others who hate their corporate overlord and would love
nothing better that to dob them in if they ever sneakily resumed the spying.

~~~
pavel_lishin
Where were these noble folks earlier?

~~~
nxc18
This wasn't an issue earlier. It was a known public fact. I stumbled upon the
marketing page for this feature about a year ago by accident without even
attempting to find it.

What Visio is doing has so little impact on privacy that it is embarrassing
for our regulatory system that this is what they took action on.

------
ComputerGuru
A 2.2M settlement is absolute peanuts compared to the mountains of cash they
likely made.

~~~
thenayr
Yeah not much of a punishment to discourage further abuse. Should have fined
them on a ratio of the number of data points they collected (100 billion).
Even a 100:1 seems like a reasonable punishment for this scale of abuse ($1
billion)

~~~
harryh
The idea that the data that they collected was worth $1B is laughable.

~~~
kilotaras
Fine should be bigger than price of the data.

Expected return from 'illegal' activity E = R - p * F, where R is revenue, F
is fine and p is probability of getting caught.

p < 1, so if F < R engaging in such activity is a rational, if immoral,
choice.

------
criley2
Just further confirms that "Smart" TV's are a ripoff at best and a scam at
worst.

Never, ever, ever buy a television described as smart. For any reason at all.
All of the solutions are miserably pathetic. All of the solutions are riddled
with bugs, design omissions and potentially nasty security zero days. All
implementations have little to no update support from major third parties.

And, in many cases from many companies, the units spy on you as aggressively
as could be to sell data for marketing purposes.

"Smart" tv's are lose lose lose lose. You pay more, you get inferior software,
inferior hardware and ultimately have your privacy abused.

EDIT: To be fair, I love my Vizio dumb TV I just got. 40" 1080p dumb TV for
$167 inc. taxes this past black friday. Got a HDR/4K Roku for an additional
$70 and this TV is beautiful and the Roku is so much impossibly better in both
hardware, software and third party support than any "smart" solution ever
could be, and costs far less than the "smart" upgrade!

~~~
antisthenes
I don't understand why someone just doesn't hook up their TV with their
computer via HDMI or DP. Is switching sources too complicated for people?

Even the shittiest Dell boxes these days have 2 video outputs, I believe, so
you can run 1 monitor + TV. Most laptops have an extra video out port too.

That way you can actually type on your keyboard when you search youtube,
unlike typing with god forbid, a remote or an xbone controller (like a console
peasant)

By using a $5 cable, pretty much anyone can make a TV 'Smart', and not just
smart, but smarter than the ones that are marketed as such.

~~~
criley2
Because a full desktop UI is vastly inferior to a simple remote interface if
you don't have a full mouse/kbb available, and having to have a mouse/kbb to,
I don't know, pick a movie is very lame from a couch user perspective.

Because you can get 4K/HDR with regularly updated high quality third party
apps like Netflix from Roku for $80 with hardware that can handle it/

But a Media PC running Windows would require you to spend several multiples of
80$ to achieve 4k/HDR with a good remote.

More work, more setup, more money, more configuration, and frankly the end
result isn't better.

Easier to use your PC as a media server, then use Roku to read from the server
using a remote on your couch.

~~~
Shorel
Install Kodi, use the wireless gamepad as the remote control.

Problem solved, no money spent, best of both worlds.

~~~
criley2
>Problem solved, no money spent, best of both worlds.

Many new problems:

* Gamepad costs roughly 70% the cost of any entire 4k/HDR Roku setup. A first party game pad costs $50-65 dollars, while a HD Roku costs $80.

* A gamepad is VASTLY INFERIOR to a remote. This one is very easy. Gamepads are crappy, crappy remotes. The back triggers (L2 R2) are stupidly mapped to seeking causing endless fastfoward/rewind triggering by mistake. The buttons are unintelligble (what does a Square do to my movie? What does Y do to my TV show?) and are only usable by basically the 1 geek who set it up and is unusable by all other users who have to learn custom button mappings per application

* Kodi is vastly inferior to Roku for average use, like Netflix. Users must use unsupported, buggy third party non-Netflix based Netflix add-ons which are inferior in every way to an officially distributed Netflix app. At this point, the best solution is the PAID "PlayOn" subscription service, meaning the user must ___pay monthly_ __just to access basic apps like Netflix which are free monthly on Roku (outside of the actual subscription, which both methods require)

I'm sorry but Kodi is pretty crap as a home media solution, have you ever
relied on it for your full library and media consumption and watched it be
used by the less tech-focused people in your home? Regular users, children,
elderly people?

Roku is easy for my grandfather to use. Kodi + a Xbox1 controller? Not so much

~~~
Shorel
Well, I already had all the hardware, and the hard disks already have most of
the content.

I kind of disagree about gamepads being bad remotes. The default mappings are
bad and I do agree about the triggers. We don't need more than half the
control to do forward and rewind. I had remapped mine, particularly to add
changing subtitles and audio streams.

But: the gamepad is the control I can use without having to look at it,
because it is not a matrix of similar rectangular buttons, and after a while
everything is just second nature. For me, nothing is faster or more intuitive
now. And the buttons are REAL solid buttons, not crappy pieces of rubber. I
get frustrated when I have to use a regular remote control now.

I don't use Netflix because I'm not in the USA and in South America it
honestly sucks. And they hunt and shutdown VPNs now.

However, nothing beats the price of your Roku for a new setup. That one I
concede. Your setup is much cheaper. But you can't play Batman Arkham games on
it :D

------
neotek
"Smart" TVs are the worst TVs I've ever used, I really don't understand the
appeal whatsoever.

They're almost universally clunky and slow with horrific UI / UX choices and
painfully high latency on simple things like browsing a list of files or even
just registering button presses, provide fuck all useful benefit over and
above the regular TV experience, are usually running some long-deprecated
version of Android which is riddled with security holes that will never get
patched - why does anyone actually _want_ this?

A Raspberry Pi running OSMC is everything you could ever want out of a home
media setup, it'll work with good old regular "dumb" TVs that can't invade
your privacy, with an interface so simple your grandparents can use it, and
can be put together for well under $50.

~~~
LordJZ
And then there's Tizen which is even worse than Android Smart TVs. Dad bought
a Samsung Smart TV with Tizen (even though I begged him to change his mind and
buy a better solution for half the price) and expecting the worst I was
_still_ suprised what an absolute piece of garbage that TV is.

------
fencepost
This sounds like an excellent reason to simply never connect the TV to the
Internet and to simply connect your own system to the TV whether it be a stick
PC or something with a little more oompf.

~~~
pdimitar
That's what I plan to do but it still makes me nervous that the "smart" part
of the TV might secretly contact my router and ask for network access.

I have zero proof but I became paranoid recently. :(

The reasonable tradeoff would be to buy a high-quality "dumb" TV with a very
good screen. At least I hope so.

~~~
tucif
> Ask for network access Assuming you have a decent router that supports wpa2
> I find it difficult to believe a TV would crack it.

~~~
Neliquat
Agreed, but. Most just bug you about 'updates' ad nausem until you have a
moment of weakness and punch it in. At least some will autoconnect to open
wifi. Sure YOURS is locked down, but what about your neighbors? Just 'turning
it "off"' is not enough for even casual security.

~~~
pdimitar
Exactly what you said. Even if I do my very best to secure my router and
blacklist the TV's Mac address (and never give it the wifi password), how do I
know that my neighbours won't mistakenly let their WiFi open for a day or two
until they realize their mistake? Or if I tether my mobile data from my phone
and turn into a router, that I might forget to secure it?

All it takes is one small slip.

I'd rather never take the risk. I'll just look for a dumb huge TV; I need 65+
inches, good luck to me, right?

~~~
ChoGGi
You can usually unplug the Wifi module, if you don't mind opening it up (and
checking beforehand if it is removable).

Good luck

~~~
SmellyGeekBoy
All hardware is removable if you own a soldering iron ;)

------
abandonliberty
This is promising and is a good start towards IOT precedent, and perhaps even
operating systems of our devices (Windows 10).

\- Explain your data collection practices up front.

\- Get consumers’ consent before you collect and share highly specific
information about their entertainment preferences.

\- Make it easy for consumers to exercise options.

\- Established consumer protection principles apply to new technology.

I wonder how many technical teams are scrambling to undo their spying now -
though this is a fairly insubstantial fine. I could see the data being
potentially worth more than $2.2m

~~~
Smerity
To note, they were also forced to delete the collected data, though the
insights they've already extracted / profits from data they've already sold
may offset both the point and the $2.2 million fine.

~~~
abandonliberty
You're right, good insight.

I was thinking purely about risk/reward for other players in the market. The
fine is 0.4% of the Note 7 recall cost, not including brand damage.

A fine this nominal could easily be seen as the cost of doing business - if
you get caught.

~~~
codedokode
If they really have sold 10 million devices then the fine is 22 cents per
device.

------
diamondlovesyou
What I'm about to say may go against what many of the HN community believes.
This isn't an attack on anyone's beliefs; I'm merely expressing my thoughts in
an attempt to solicit constructive discourse.

I'mma be honest. I don't understand the repulsion at the possibility of
corporation X knowing my personal info, (excluding the usual things like bank
account info, SSNs, etc) like my location, search history, etc. To be clear,
I'm 10000000% against warrantless (FISA court "warrants" excluded) government
access to this information. Here's my reasoning:

* Governments

Have the power to arrest and detain on a whim. Not to mention, use drone
strikes.

* Corporations

... Don't. These entities have self-interested incentives to provide tools
which are economically productive for users. For example, a smarter
smartphone, whatever that may be.

Regarding Vizio, my grip is that Vizio's goal (for this product at least) is
to make a profit producing TVs. So, after the TV is sold, the product is
individually "finished" (not considering support stuff). So, then, what other
product is the data collection for, and what does this product give me in
return for my data? The answer to both is no, and not just for Vizio.

Maybe I'm naive.

~~~
mindviews
It's the lack of transparency that's the real problem. I like to know as much
as I can when something I own is sharing personally identifiable data about me
and my habits to companies (and governments). The fact that the whole effort
on Vizio's part was under the radar means that consumers lacked important
information about the functioning of their TV's. If they had known about the
depth and breadth of the data collection, maybe some portion of purchasers
would have made other decisions. Once that's on the table, then you're free to
make the choice to let that data be shared if you're comfortable with it (as
you indicate you'd be in your case).

~~~
irontoby
Yes, yes, yes. For example I am perfectly okay with Google slurping up every
bit of data they can about me, tracking my every move etc. because the benefit
I receive (i.e. really spooky-accurate suggestions & info in Google Now) is
worth the privacy tradeoff.

Also, based on their past actions and statements, my level of trust with them
is very high that they will be transparent with their uses of that data and
that they will diligently guard against that data being put to other uses that
they or I didn't allow.

But what Vizio has done here makes it perfectly clear that providing any
benefit to the end users was never their goal and that keeping the true nature
of this program secret was an intentional act. That's enough to ensure I'll
never buy a Vizio product in the future.

------
jeanvaljean2463
Huge schocker /s

Pretty sure that Samsung does very similar things. I've been interested in
actually capturing outgoing pcap data for this purpose. Looks like I have a
new project to add the pile.

~~~
PhantomGremlin
_capturing outgoing pcap data_

Why wouldn't that data be encrypted? All you would see is packets going to
specific IP addresses. No way to analyze the contents.

Of course, the data might not be encrypted. Why go thru the effort? Because of
the large quantity of data being passed back and forth by almost all Internet
connected devices, it's tedious to interpret what's happening even if the
flows are completely open.

~~~
jasonjayr
Speaking of encryption ....

If they're capturing the image and sending it back to themselves for
classification ... arn't they breaking their HDCP license?

~~~
chris_wot
I think they were only sampling areas of the screen.

------
silveira
_> Consumers have bought more than 11 million internet-connected Vizio
televisions since 2010._

 _> The order also includes a $1.5 million payment to the FTC and an
additional civil penalty to New Jersey for a total of $2.2 million._

 _> Vizio then turned that mountain of data into cash by selling consumers’
viewing histories to advertisers and others._

$2.2 million / 11 million tvs = $0.20 per tv

~~~
jaclaz
To be picky, the thingy was introduced "only" in 2014, so maybe "only" 4.5
million tv affected, that would raise the cost for the company to a whopping
$0.50/each, more than double what you calculated but still peanuts ...

------
kevin_b_er
This is why you do not use a smart TV: Nefarious data collection on what you
watch and Samsungs are known to demand to show ads or else.
[https://news.ycombinator.com/item?id=13585132](https://news.ycombinator.com/item?id=13585132)
[https://www.extremetech.com/electronics/241500-samsung-
smart...](https://www.extremetech.com/electronics/241500-samsung-smart-tv-
update-forces-users-see-ads)
[http://www.techtimes.com/articles/190222/20161227/samsung-
sm...](http://www.techtimes.com/articles/190222/20161227/samsung-smart-tvs-
shove-ads-down-users-throats-and-no-theres-no-real-opt-out.htm)

I'm also, for political reasons, suspicious of the FTC's willingness to pursue
such cases in the future.

~~~
xanderstrike
Can you recommend a 50" 1080p tv that isn't "smart"? I've been shopping for a
new one and I strongly suspect they don't exist.

~~~
logfromblammo
Last time around, I elected to buy a smaller "dumb" TV, and just sit closer to
it. I learned my lesson very early, with LG as my teacher.

If I really had to get a large display, I'd just make it a big computer
monitor and add a separate sound setup, or I'd spend the gratuitous extra
markup on a commercial "digital signage" display. Either way, I'd probably
have to route all TV-related functions through a set-top box with HDMI output,
like a DVR, cable/satellite box, or HTPC.

------
troydavis
It's amazing this was settled for a few million dollars. It's easy to imagine
an alternative press release where the settlement was 10x or even 100x larger.

~~~
vonklaus
but then Vizio wouldn't make a profit. The FTC has to make sure these
companies continue to be profitable while itself appears to be semi-competent.
Similarly, Verizons supercookie "crackdown" was laughable. FTC stands for Fuck
the Consumer because that is their primary objective.

edit: I phrased the above incorrectly. I meant to imply that the FTC is
beholden to these companies and largely does their bidding. Except in narrow
circumstances, the FTC really is a tool of the major corporations it is
supposed to regulate.

Fuck the FTC.

~~~
teach
I suspect if you rewrote this comment without using such emotionally-charged
and loaded language you might have gotten more upvotes.

Let me give it a try.

"Unfortunately, the FTC has an interest in keeping companies profitable, so
any punitive measures take a back seat."

~~~
PhantomGremlin
_without using such emotionally-charged and loaded language_

Except that "Fuck the Consumer" seems like a nice clear description of the
situation.

------
csours
>On a second-by-second basis, Vizio collected a selection of pixels on the
screen that it matched to a database of TV, movie, and commercial content.
What’s more, Vizio identified viewing data from cable or broadband service
providers, set-top boxes, streaming devices, DVD players, and over-the-air
broadcasts. Add it all up and Vizio captured as many as 100 billion data
points each day from millions of TVs.

> The order also includes a $1.5 million payment to the FTC and an additional
> civil penalty to New Jersey for a total of $2.2 million.

------
zeropoint46
So I actually worked at cognitive networks up until the end of 2014. I've read
this thread and thought I would address some things here that didn't seem to
get fully concrete answers (in no particular order).

The ACR technology that cognitive used was/is in vizio and LG tvs. during the
time I worked there we only had a deal to use it actively on vizio tvs. I
guess lg was just testing the waters to see how it'd work. The ACR technology
that CG used is based on RGB values from sampled patches on regions of the
image. There was no audio finger printing used. There were a number of items
that would mess up the "recognition". Some of those included aspect ratio of
content, watermarks from different providers, overlays and basically anything
that modified either the size of the original image or obstructed it. For the
server infrastructure, what we did was we ingested live feeds from the major
network providers, these feeds had to be ahead of what tvs were watching by at
least 5-10 seconds so we actually had the fingerprint data in our database to
be recognized. we would pair the ingested fingerprints to TV scheduling data
and voila, we "knew" what you were watching. Now clearly if we didn't have the
content in our database we had no idea what was being shown on your screen.

What did we use the ACR data for. Well there were 2 "deals" going on while I
was there. One was ratings, something to compete with the likes of neilsons.
Different content providers, distributors, marketing agencies, etc. would want
ratings info. Additional there were other "data mining" companies that build
profiles based off public IP addresses that would want to use our data to
enhance and augment their data. The other application that was the one that
everybody was after want "interactive advertising". This would allow us to pop
up an HTML5 app/page based on the ACR. So for example your selling a car, your
ad comes up, you pop up your app and allow the user to schedule a test drive
or look at the car in more detail. The use cases were endless though.

The ACR technology ONLY worked on content that was viewed from the HDMI ports.
Any built in apps like netflix or hulu that were run, ACR was force disabled.
One thing I remember about that was that netflix is huge about NOBODY getting
viewing data/ratings information about netflix and it's users. Only netflix
has that data apparently. One somewhat reassuring thing about disabling the
technology is at one point vizio did notice a bug on one of its TVs where ACR
was not being disabled when the user opted out of "interactivity". This was a
big deal and we were required to solve it ASAP.

AMA if I missed something.

------
myrandomcomment
1\. Press the Menu button or open the HDTV Settings. 2\. Select System. 3\.
Select Reset & Admin. 4\. Select Smart Interactivity. 5\. Right arrow to Off.

------
sitkack
How is this not an illegal wiretap? Shouldn't executives and employees at all
the involved companies go to jail?

~~~
an_account
Because wiretaps are for telephones...

------
segmondy
This is ridiculous, I wish someone with money would create an absolute
shitstorm by buying this kind of data, buying data from Facebook, google,
twitter, internet cable companies, state departments, combining them,
deanonymizing millions of users and dumping them. Until something crazy like
this happens nothing will happen, it needs to be brought to the light. Until
then, no regulation will ever happen on data collection on users and we will
all be sheep and the product. Crazy thing, it won't cost that much money.
Folks need to wake up and be scared shit less. Everything spies on you, your
pace maker, your fitbit, your car, your TV, your fridge, watch. 1984 ain't got
shit on this! :-(

------
a3n
I wonder how many of these Vizio TVs are in government offices, recording and
selling their IPs, pixels, preferences and schedules.

Remember, it's not just broadcast, it's also from DVD players. Anything
displayed.

And I wonder who's buying, and then correlating IPs and devices, besides the
obvious advertisers. The potential for espionage and extortion is interesting.

"That's an interesting fetish you got there, Mr third or fourth down on the
org chart who does the actual day to day running of the agency. It'd be a
shame if it was to be ... exposed."

------
tps5
> Consumers have bought more than 11 million internet-connected Vizio
> televisions since 2010

11 million televisions. 2.2 million penalty. 20 cents per television.

------
guscost
I got a supposedly "smart" TV at a ludicrous price the other day, maybe
because there are already surplus units that nobody wants? It's a Roku/Sharp
combo thing so there are no numbers on the remote either, but the UI is
actually pretty darn good.

And no, I would _never_ connect my cheapo TV to the Internet. Come on.

------
msmith10101
How did Vizio get caught? Was it a whistle blower?
[https://www.propublica.org/article/own-a-vizio-smart-tv-
its-...](https://www.propublica.org/article/own-a-vizio-smart-tv-its-watching-
you)

------
gesman
>>The order also includes a $1.5 million payment to the FTC

>>and an additional civil penalty to New Jersey

 __Read __: FTC and New Jersey decided to made money off consumers too by
charging Vizio a little tax. "Protected by law" consumers got: $0.

------
werber
Are they shielded from a class action suit now?

------
busted
There is a comment on this article basically saying, "I bought a Vizio TV,
later my email, bank account, and facebook got hacked, and now I know why."
Shows roughly the understanding of these issues for some people.

------
codedokode
The law is not strict enough. No single byte should be sent outside without
user's consent. No matter whether it contains personal data or not.

And that would make proving company's guilt much easier.

------
nikanj
Could we merge this with
[https://news.ycombinator.com/item?id=13581771](https://news.ycombinator.com/item?id=13581771)

------
hueving
Wow, those punishments are pathetic for sampling private movies you watched
(e.g. porn) on your TV and funneling that information off with IP address to
advertisers.

------
nojvek
Consumers want the best service at the cheapest price. Producers want to
maximize the profit on products and services. Advertisers want the best return
on investment for their ad dollars so they also maximise profit.

This are fundamental thruths of the market. It's why Google and Facebook are
behemoths.

The only way to win the game is precision tracking, addictive services and
building good models of customer behavior for advertising.

------
whalesalad
On a similar note, can anyone here speak to the hidden audio signal that is
broadcast over the air with things like sporting events?

I noticed it once when Google Now knew instantaneously that I was watching a
specific NFL football game and began displaying the score. It felt magical but
after a little research there are hidden frequencies that reveal this
information.

------
agotterer
How are fines that are as little as this supposed to deter future companies
from sketchy collection practices? One can only assume they made more than
$3.7M selling illegally collected data.

There's no incentive for companies to do better and not be shady. It pays to
roll the dice and see if you get caught. If you do just say sorry and pay a
small fine.

~~~
jps359
It seems a bit odd... spying on people on a massive scale, nobody goes to jail
and only a $2M fine

------
scarface74
If they were aggregating and selling this information to television networks,
as a better way of measuring how many viewers a show had, I would be okay with
that. It may help keep some of my favorite shows on air. But to sell my
individual viewing habits with my IP address? Not okay.

------
calvinbhai
With Vizio and other Dolby HDR compatible TVs you'll have to keep it connected
if they intend to get firmware updates. I wonder which TV will be ideal for
purchase, now that Samsung and Vizio have been caught hoodwinking their
customers.

~~~
kofejnik
why do you want firmware updates? they will only bring more tracking

~~~
givinguflac
Fixes and improvements.

~~~
LeoPanthera
Remember when products worked out of the box?

~~~
TeMPOraL
This.

I'm conflicted about updates. On the one hand, people screaming "but
security!!111~1" have some pretty good points - especially when talking about
internet-connected devices. On the other hand, _shit used to work out of the
box_ in the past, and most updates that are not security patches seem to only
introduce useless crap and bloat software more.

------
knodi
3.7mill is not enough of a fine. The fine should have been 50mill plus.

~~~
jaclaz
... and it's not even 3.7 millon, the total is seemingly 2.2 million
_including_ the 1.5 million FTC:

>The order also includes a $1.5 million payment to the FTC and an additional
civil penalty to New Jersey for a total of $2.2 million.

Or am I reading it wrongly?

------
mathgeek
I wonder how many meetings were called at other manufacturers when this went
public, both to check on what they themselves were doing, and to make plans to
stop doing it where relevant.

------
noonespecial
Well, looks like old Orwell got the Telescreen just about right. "Facecrime"
turned out to be something a little different though...

------
chinathrow
I wonder how you can work on such a setup as an engineer with morale,
colleting 100B data points _daily_ without telling your customers...

------
myrandomcomment
So there was a setting to turn their tracking off if you dug into the menus. I
turned it off on my set. I hope it covered that feature.

~~~
ben174
It's called Smart Interactivity and it's so far tucked away it's blatantly
obvious they intended to hide it. As I recall it was in the 'System Reset'
menu for some inexplicable reason.

------
dewiz
I wonder if Comcast does the same, they can even cache user interests locally
waiting for a connection to be available.

------
usgroup
May be worth noting that AV companies and privacy guards also sometimes
operate on this model. E.g Avast and Ghostery.

------
kelvin0
Vizio: Clash of the Titans, when capitalism is at odds with individual privacy

------
skc
The cynic in me believes that Vizio are probably just a few years too early.

------
amq
Want a dumb TV? Disconnect it from internet and have your Roku etc.

------
daveheq
Yah but Trump's going to get rid of the FTC and regulations that get in the
way of business, such as spying on you and selling your watching habits and
personal info to a bunch of other companies.

------
firefoxd
I have a Vizio TV, can i disable tracking?

~~~
firefoxd
Nevermind. I found it. Let's hope it does what it says it does.

[http://i.imgur.com/aXThhIg.jpg](http://i.imgur.com/aXThhIg.jpg)

------
hoodoof
Ironic that the government should be so concerned about spying.

------
bitmapbrother
Now that we know what they did the class action lawsuits should follow. If
your concerned about privacy don't connect your TV to the Internet. Treat it
like the dumb screen it's supposed to be and just cast or route content to it.

------
rasz_pl
Do you watch cable? Every single settopbox is designed in a way that makes
tracking viewing habits trivial and every cable company does this.

------
jlebrech
this sound like a reverse-DRM, they can they figure out if you're watching
pirated content then send you a bill.

this cheap unknown brand doesn't look so cheap now does it.

