| |
The
Privacy Foundation today released its first Privacy Advisory regarding a set-top
box: the TiVo personal video recorder. It seems clear from our research that
many of the privacy issues dogging the Internet (tracking individual behavior,
opt-in/opt-out, and murky privacy policies) are headed straight for your TV set.
The best way to describe TiVo is as a VCR on steroids. Rather than using video
tape to record TV programs, it uses a hard disk, with up to 60 hours of
recording time in one model. The box is controlled by an internal computer that
comes with sophisticated software, along with an electronic programming guide,
that makes it easy to identify and record TV programs and watch them later. You
can even program it to record shows up to two weeks in advance.
TiVo has the TV industry very concerned because TiVo viewers can easily
fast-forward through ads. But TiVo's investors and partners include some of the
biggest players in the game: NBC, AOL Time Warner and Nielsen Media Research.
I'll tell you what I think is going on with them later in the column.
But first, the snoopy part.
Because a TiVo box plugs into the phone line, we were very interested in
learning what our TiVo box says when it phones home to TiVo. The phone line is
primarily used to download TV schedules to the box, but it can also upload
information back to TiVo. In particular, we wanted to find out if it reports
back to TiVo what we are watching on TV. We also wanted to know out how up-front
TiVo is in telling subscribers about any tracking that might be done. This meant
reading marketing literature, TiVo manuals, terms of service agreements, and
TiVo's filings with the SEC.
To read the advisory in full, click
here. I'll summarize some of the key findings below.
To answer our first question, "Does a TiVo box spy?," Dr. David
Martin, the technical lead at the Privacy Center at the University of Denver,
created a modem sniffer set-up that allowed him to watch all the data that
passed back and forth between his TiVo box and TiVo servers. He found that the
TiVo box was very talkative. He saw that it was sending back the following types
of information back to the TiVo:
 His
customer ID number for the TiVo service
 Times
and dates when he was using the TiVo box
 The
internal temperature of the box
 Some
button presses on the TiVo remote control
Information
about what TV programs he was watching
Much of the data being sent back looked like telemetry from a NASA rocket
launch. Pretty amazing stuff for a consumer electronics gadget! Dr. Martin then
put on his detective hat and figured out how all this data was organized. He
discovered that the TiVo box actually sends out two separate files during its
nightly phone call.
When comparing the data collected by TiVo with its stated privacy policies, Dr.
Martin drew the following conclusion: "TiVo receives all of the information
necessary to attribute the viewing information to a particular subscriber during
this phone call but gives no indication of this fact in any of its
documentation."
What's going on? Part of the mystery is solved in the "TiVo Privacy
Promise" in the back on the user manual. Basically, TiVo claims it doesn't
use "personal viewing information" that could be tied to a particular
individual. However, it does use "anonymous viewing information,"
which is that same information, stripped of personal identifiers, and aggregated
for data mining purposes. A phone call to TiVo executives confirmed that this is
how it works. TiVo allows subscribers to opt-out of providing "anonymous
viewing information," though the company admits that only a small
percentage of subscribers do that. Probably that's because TiVo doesn't exactly
promote this opt-out feature in their marketing materials and legal agreements.
My bottom line here is that TiVo isn't playing very fair with their customers,
who number more than 150,000. Even if it is "anonymous" information
about what TV shows people are watching, TiVo needs to do a better job of
explaining what is going on. Why not use the TV screen itself? During system
setup the TiVo box could show a couple of screens that explain how TiVo does
anonymous tracking. Then they could ask consumers if they would like to
participate in this program or not. Seems pretty simple to me!
But what is TiVo's goal in collecting all this data, particularly given its
alliances with big media partners? I think TiVo is collecting
"anonymous" viewing information as a bargaining chip in their
negotiations with the TV industry. By collecting this data, TiVo knows more
about the TV industry's customers than they do. TiVo's viewing data is more
easily quantified than Nielsen's statistical samples, which is one reason that
Nielsen is partners with TiVo in an opt-in viewer survey analysis.
Yet, TiVo acknowledges that they really aren't making much money from the
anonymous data today. And, due to technical issues and the uncertainty of viewer
acceptance, it is doubtful that TiVo will be able to effectively use such
information to target commercials to individual viewers, even though this was
one of their original ideas.
One potential payday would be if TiVo collected specific viewer information,
tied to demographics and psychographics, then sold that data for a variety of
direct marketing purposes. But company officials, including co-founder and CTO
James Barton, claim that is not going to happen. One of TiVo's legal disclosures
gives a little more wiggle room for the future, stating, "Under our current
policy, we do not access [viewer] data or release it to third parties."
The privacy issues around TiVo may soon apply to a range of consumer electronics
devices. Are our TV sets, digital cable boxes, satellite TV receivers, and MP3
players all going to becoming data collection devices for marketers and
advertisers? I certainly hope not. Internet-enabled devices should be designed
to minimize the amount of data they send back about us. If companies want to spy
on us, they are going to have to make it very clear what's going on and ask if
it is okay.
If companies try to slide snooping devices into our homes on the sly, I think
they'll only hurt themselves. If consumers can't tell which Internet-enabled
devices will spy and which ones won't, maybe they won't buy them at all.
Related
Links
The
Official TiVo Web Site
The
TiVo Area Within the AVS Forum
The
TiVo Hacking Web Site
Boom
Box, The New York Times Magazine, 8/13/00
The
Spy Interactive Web Site
New
Bill Targets TV Privacy, Wired News, 2/23/00
Is
Your TV Set Watching You?, Richard's Tipsheet, 1/16/01
|
|
