In-brief: Smart TV maker VIZIO agreed to pay $2.2 million to the FTC and the State of New Jersey to settle charges that it collected the viewing history of some 11 million smart televisions without users’ consent. The settlement stems from a 2014 case and requires the company to “prominently disclose and obtain affirmative express consent” for data collection and sharing.
Smart TV makers who hoped to make a fortune by collecting minute data on viewers and then reselling it to advertisers got brushed back by the U.S. Federal Trade Commission on Monday, with the announcement that TV Maker VIZIO agreed to settle charges that it violated the law by using automated content recognition in more than 11 million Internet connected VIZIO “smart” TVs to study what their customers watched without getting their consent first.
According to the complaint, VIZIO touted its “Smart Interactivity” feature that “enables program offers and suggestions” but failed to inform consumers that the settings also enabled the collection of consumers’ viewing data. The complaint alleges that VIZIO’s data tracking—which occurred without viewers’ informed consent—was unfair and deceptive, in violation of the FTC Act and New Jersey consumer protection laws.
The full settlement includes a payment of $1.5 million to the FTC and $700,000 to the State of New Jersey Division of Consumer Affairs. It was approved by a vote of 3 to 0. The ruling follows a FTC case announced against D-Link in January that cited that company’s security and privacy claims to consumers as misleading. That complaint, filed in U.S. District Court for the Northern District of California, alleges that D-Link and its U.S. subsidiary, D-Link Systems, used “inadequate security measures” to protect its products, leaving its wireless routers and Internet cameras “vulnerable to hackers.” That put “U.S. consumers’ privacy at risk.”
In a concurring statement, however, Acting FTC Chairwoman Maureen K. Ohlhausen said that the case against VIZIO is not as cut and dry, raising questions about existing definitions of “sensitive information,” and whether granular television viewing data meets the standard.
“There may be good policy reasons to consider such information sensitive. Indeed, Congress has protected the privacy of certain video viewing activity by passing specific laws, such as the
Cable Privacy Act of 1984,” Ohlhausen wrote. “But, under our statute, we cannot find a practice unfair based primarily on public policy. Instead, we must determine whether the practice causes substantial injury that is not reasonably avoidable by the consumer and is not outweighed by benefits to competition or consumers.”
Ohlhausen said she planned to launch “an effort to examine this important issue further” in the weeks ahead.
Smart televisions, which run operating systems like Linux and Android, have long been objects of concern for security experts. The combination of cameras, third-party application ecosystems and common operating systems have raised the prospect of spyware, ransomware and other malicious tools being installed on the devices. The announcement comes as televisions are becoming targets of hackers and malicious software. In December, an LG smart television set was found running ransomware, highlighting LG’s stumbles to help the owner restore the infected set.