Smart TV Caught Spying on Users Devices, Who’s Behind It?

A recent revelation regarding privacy violations by Skyworth TV has rattled smart TV users in China. On V2EX, an online forum for tech geeks, one user posted a series of decoding process information showing a kind of spying behaviour from the Skyworth service on all their devices connected to the internet.

According to the post, the app that does the job is called Gozen Data, which is pre-installed on the TV’s Android system and which would scan the devices, sending back data from hostname, Mac, ip addresses, network delay times, and even nearby WiFi SSID names to a database called gz-data.com.

The website traces back to Dozen, a big data company. At time of this article’s publication, the official website of Gozen has gone into repair, but other open resources show that this company has long established partnerships with not only Skyworth, but also a series of smart TV manufacturers as well, including Sanyo, TCL, Toshiba and Philips. The firm collects data by implanting system development kits in the system layer, and is able to draw a massive amount of information by having access to 149 million households across China.

Although in its statement, Gozen claimed that the data would only be applied for “household and individual viewership analysis, rating analysis, advertising analysis and optimisation,” it doesn’t change that fact that such infiltration into someone’s online activity without warning constitutes a privacy violation. According to Cybersecurity Law of the People’s Republic of China, where network products and services have the function of collecting users’ information, their providers shall explicitly notify their users and obtain their consent. If any user’s personal information is involved, the provider is obligated to comply with this law.

Gozen quickly responded to the accusation by issuing an apology, saying that “our company has communicated with Skyworth TV to disable ‘Gozen Data Service’ APK in the first instance, and conducted an in-depth investigation.”

The smart TV maker Skyworth has since cancelled its seven-year partnership with the company, declaring in a statement that “the incident seriously violated Skyworth’s core values of putting users first. Skyworth has also sent a letter to Beijing Gozen Data Technology Co., Ltd. to terminate its cooperative relationship and ordered it to delete illegally obtained Skyworth user-related data.”

SEE ALSO: Best Smart TV in 2020: Top 4K TVs from Xiaomi, Hisense, Samsung, TCL and More

However, by cutting ties with the data collecting service provider, Skyworth may still not able to clear itself off the legal consequences. The Cyber Security Law requires network service providers to take necessary measures in the process of providing services to ensure the safety of the personal information they collect and prevent information leakage, damage, and loss. In the event that personal information is leaked, damaged or lost, it should immediately take remedial measures, and promptly notify users in accordance with regulations and report to relevant authorities.

Skyworth may not have been aware of Gozen’s illegal conduct, but the more likely possibility is that it has turned a blind eye in order to survive in the competitive market, as over-collection of personal data is a prevalent – albeit unethical – means to compete among internet service providers. In either case, the company would have violated the law and will be held accountable.