U.S SENATORS URGE FTC TO INVESTIGATE SMART TV PRIVACY CONCERNS

IN BRIEF: Two US senators Edward Markey (D-MA) and Richard Blumenthal (D-CT) have sent a letter to the Federal Trade Commission (FTC) requesting the agency to investigate smart TV makers amid fears and evidence that companies might be using devices to collect data and track users without their knowledge.

----------------------------------------------------

The open letter comes while smart TV advancements have "ushered in a new era of innovation and interactivity," they must not come at the expense of consumer privacy. "Televisions have entered a new era, but that does not mean that users' sensitive information no longer deserves protection," the senators said. "The content consumers watch is private, and it should not be assumed that customers want companies to track and use information on their viewing habits."

They said that, any company that collects this type of information should have to "comprehensively and concisely detail who will have access to that data, how that data will be used and what steps will be taken to protect that information," and added that consumers should have the opportunity to consent to that sort of data collection.

Senators Edward Markey  and Richard Blumenthal

TO JUSTIFY THEIR ALARMING LETTER.

The two senators cited a recent New York Times report about Samba TV, a vendor of smart TVs. According to the report, while


Samba tells users and lets them decide if to enable data collection for analytics purposes, it does not inform customers of the real depth of the collected data, which includes much more information than users believe they are agreeing to.

Recent reports suggest that Samba TV, one of the largest companies tracking smart TV users' viewing behavior, offers consumers the opportunity to enable their tracking service, but does not provide sufficient information about its privacy practices to ensure users can make truly informed decisions

Reports also suggest that smart TVs can identify users' political affiliations based on whether they watch conservative or liberal media outlets – Regrettably, smart TV users may not be aware of the extent to which their televisions are collecting sensitive information about their viewing habits.

The two senators also noted that the FTC has taken action on this before, investigating Vizio for collecting viewing data on 11 million smart TVs without consumers' knowledge. Last year, the company settled with both the FTC and the New Jersey Attorney General, agreeing to pay $2.2 million in penalties and to delete data collected

Another case, which was not cited by the two senators in their letter, is South Korean company Samsung. In February 2016, an EFF researcher spotted a change in the company's terms of service that warned customers not to speak personal information out loud near their smart TV because there was a danger the voice recognition feature would pick it up, send it, and store it on Samsung's servers.

Based on these previously documented cases, the two senators are now asking the FTC to start an industry-wide investigation into the data collection practices of smart TV vendors and get the ball rolling on privacy-boosting regulation for a sector they believe has been allowed to infringe in users' privacy rights.

"Regrettably, smart TV users may not be aware of the extent to which their televisions are collecting sensitive information about their viewing habits," write Senators Markey and Blumenthal. "Televisions have entered a new era, but that does not mean that users' sensitive information no longer deserves protection."

IS THIS THING NEW?

There’s nothing new about smart TV spying.

2012: Zero-day vulnerabilities in Samsung Smart TVs were exposed at the end of 2012; if exploited, attackers could gain control of the webcam and microphone.

2013: Smart TVs were called the perfect target for spying on users back in 2013 – the same year as a Black Hat presentation about hacking Samsung Smart TVs. It was not just exploits that allowed for spying as a scandal erupted about LG Smart TV spying in 2013.

2014: Philips TV was a victim as well, I wrote on an article that can be read HERE, showing how hackers could play around with Philips TV and the way an individual can mitigate the challenge.

2015: Samsung took heat in 2015 for its privacy policy and its use of voice recognition – being able to record and listen in on what users were saying – it later came to light that the CIA had a Weeping Angel attack against Samsung Smart TVs back in 2014, making it possible to record conversations and send them back to a covert CIA server.

Also, in 2015, thanks to Smart Interactivity, Vizio was busy tracking what 10 million smart TV owners were watching and then selling that data to advertisers. Vizio was full of denials, but the FTC slapped Vizio for this. And in 2017, Vizio agreed to pay $2.2 million to settle charges by the FTC.

FACTS – SMART TV USER TRACKING IS REALITY

Many internet-connected smart TVs are equipped with sophisticated technologies that can track the content users are watching and then use that information to tailor and deliver targeted advertisements to consumers. By identifying the broadcast and cable shows, video games, over-the-top content like Netflix, and other applications that users are viewing, smart TVs can compile detailed profiles about users' preferences and characteristics.

#Infosec #Cybersecurity It should be known that everyone is responsible to protect his/her own #privacy
How do you do that? – @cyberawaregov #Cybercrimes
Details at: https://t.co/BgEZnwObpC#GDPRready
- Kileo. pic.twitter.com/0SAr2PMO9x

— YUSUPH KILEO (@YUSUPHKILEO) May 2, 2018

Blumenthal and Markey have also recently pressed both Facebook and Google on their data policies. They have both also sought greater FTC oversight of Facebook following the Cambridge Analytica scandal.

During Our Board meeting - We agreed upon having The Annual @AfICTA summit 2018 in Mombasa #Kenya (East Africa) We look forwards for the very productive Summit this year! More details will follow.#ICT #Africa #Innfosec@jumuiya @AfICTA @Kayodeisaiah4 @jolufuye https://t.co/blSupj9O2R

— YUSUPH KILEO (@YUSUPHKILEO) June 18, 2018

AfICTA Board members during its 5th Board Meeting on June 6, 2018, have unanimously approved the proposal submitted by one of its stakeholders, CSK- Computer Society of Kenya to host the 6th Annual Summit in Mombasa, Kenya from October 8 - 9, 2018.

This important event was first hosted in Lagos, Nigeria in 2013. The Egyptian ICT industry association and the government of Egypt hosted the second edition in 2014. The third edition took place in Johannesburg. The 4th edition was hosted by the ICT Professionals Association of Namibia with the support of the Namibian Ministry of ICT and last year 5th edition was held in Nigeria by the ADD Consortium. Further datails coming soon.

TAKE NOTE: Cybercriminals consider small businesses a "target of choice," and a vast number of owners may be leaving their websites and companies unnecessarily vulnerable to attack, a new report suggests. Training employees on sound cybersecurity practices is an integral part of protecting a business.

In a recent survey of 250 website owners, cloud-based security firm SiteLock found that 59 percent are responsible for their own website upkeep but only 41 percent update website applications at least once a month. Experts consider software updates vital to protecting computer systems.

Among other survey findings: Of owners who had experienced a security incident, 24 percent reported that it damaged their business reputation while more than 35 percent reported that it endangered their bottom line.

This may leave businesses with websites vulnerable to a variety of cyberattacks. It also begs the question, what other cybersecurity vulnerabilities are being left exposed? All too often, one of the weak links in the cybersecurity chain for corporations is employee awareness.

#Infosec #Cybersecurity The increase in data breach and cybercrime as modern technology takes over the world - De Rebus https://t.co/pBmmP9bRYA#Cybercrimes

— YUSUPH KILEO (@YUSUPHKILEO) July 14, 2018