LG Smart TVs May Spy on Users, Blogger Says
An LG Smart TV owner in Britain found that his TV was tracking his viewing habits, even after he opted out of the feature.
UPDATED 9:45 am ET Wednesday with model number of TV. Updated 11:15 ET Thursday with DoctorBeet's name and occupation.
Just how smart is an LG Smart TV? Smart enough to spy on you, according to one user's findings.
A blogger who goes by the name DoctorBeet wrote that he had performed a traffic analysis on his home router and found that every time he changed the channel, his LG Smart TV would ping LG's servers with the name of the channel and his TV's identification number.
In the TV's system settings, DoctorBeet found an option called "Collection of watching info" that was set to "on" by default.
MORE: TV Buying Guide 2013
But even after he switched this option to "off," more traffic analysis revealed that his TV continued to send the same information to LG's servers.
DoctorBeet said he also discovered that the LG Smart TV would sometimes upload the names of personal files stored on an external USB drive plugged into the TV.
Sign up to get the BEST of Tom's Guide direct to your inbox.
Get instant access to breaking news, the hottest reviews, great deals and helpful tips.
Only the files' names were collected, not the files themselves. However, file names can contain potentially sensitive information.
For example, DoctorBeet said he saw his Smart TV had uploaded a file name of a Christmas video that contained his children's names.
As bait, DoctorBeet created another file and called it "midget porn," just to see if the TV would upload that file name. The TV did.
LG didn't appear to be actually receiving those file names — at least not at that moment. The URL to which the file names were being posted returned a 404 "Not Found" error, indicating that the URL did not exist, even if the receiving server did.
"However, despite being missing at the moment, this collection URL could be implemented by LG on their server tomorrow, enabling them to start transparently collecting detailed information on what media files you have stored," DoctorBeet wrote on his blog.
DoctorBeet said he sent an email message to LG's U.K. subsidiary. He received a response that he should have read the Terms and Conditions of his user agreement before switching on the TV, and that any fault was with the retailer that sold him the TV.
LG's privacy policy doesn't appear to contradict any of DoctorBeet's findings. The policy states that LG collects "personally identifiable information" — names, emails, physical addresses and company names — and "non-personally identifiable information," such as IP addresses and product information.
Furthermore, LG shares this information with "strategic partners, agents, third-party marketers or information providers, or other unaffiliated parties, who are offering products or services that we believe may be of interest to you."
A video that LG created for prospective advertisers touts the wealth of information the company collects about users of its TVs and smartphones.
The privacy policy doesn't give LG customers any way to opt out of this data collection, stating, "If you do not want us to share your personally identifiable information in this manner, please do not provide us with this information."
Tom's Guide has reached out to LG for comment, which said it was investigating the situation. "Customer privacy is a top priority at LG Electronics and as such, we take the issue very seriously. We are looking into the reports that certain viewing information on LG Smart TVs was shared without consent," the company said in a statement. We will update this story as more information becomes available.
UPDATE: In his Twitter feed, set up Tuesday, Doctor Beet described himself as a "developer, tweaker and Linux enthusiast" living in Hull, Yorkshire, England.
More importantly, Doctor Beet said the television model involved in his research was an "LG 42LN575V manufactured May 2013." That appears to be a U.K.-only model; a similar North American model would be the LG 42LA6200.
UPDATE: The Sydney Morning Herald reports that DoctorBeet's real name is Jason Huntley, an IT consultant from Hull, England.
Email jscharr@techmedianetwork.com or follow her @JillScharr and Google+. Follow us @TomsGuide, on Facebook and on Google+.
Jill Scharr is a creative writer and narrative designer in the videogame industry. She's currently Project Lead Writer at the games studio Harebrained Schemes, and has also worked at Bungie. Prior to that she worked as a Staff Writer for Tom's Guide, covering video games, online security, 3D printing and tech innovation among many subjects.