That Game on Your Phone May Be Tracking What You're Watching on TV

In 2016, the US Federal Trade Coimmission issued a warning to app developers that had installed Silverpush, software that uses device microphones to listen for audio signals inaudible to the human ear that identify the television programmes they are watching. Nonetheless, similar technology continued to spread. In 2017, software from the TV data collection startup Alphonso, began to spread. As many as 1,000 gaming, messaging, and social apps using Alphonso's software, some of them aimed at children, have the ability to track what TV programmes users watch, even when the games aren't being played.

As long as the apps are running in the background, Alphonso's software uses audio signals in TV ads and shows to identify what users are watching. It can also follow the ads people see in their friends' homes and elsewhere, detect movies via snippets provided by the studios, and recognise music via a deal with the listening app Shazam. The viewing information is tied to IP addresses, which can be matched to more detailed identifying characteristics via data brokers even without personally identifiable information like names and addresses. Alphonso, which collects TV viewing data for advertisers, says the apps do not collect human speech, and that their functioning is clearly explained in the apps' descriptions and privacy policies. Users, the company says, opt in knowingly and can opt out at any time. This type of data is highly valuable to advertisers, who spend $70 billion in the US on TV. Previous similar efforts - software known as Silverpush - have attracted warnings and fines from the Federal Trade Commission. While it's not entirely clear how much information Alphonso successfully collects every day, these are concerns that also apply to internet-connected speaker devices from Amazon and Google.

Writer: Sapna Maheshwari
Publication: New York Times

What is Privacy International calling for?

Data beyond our control, invisible to the individual

People don’t know or control what data is on devices and how it is used by others, and how this can be used against them. In the future, individuals’ data held on technologies and devices can be exploited beyond the control of the individual, to anybody with the authority and capability.

The era where we were in control of the data on our own computers is nearly over. We were once able to access, process, and delete our data on our devices, with few exceptions. Now industry is building an era where devices and services are

  • generating data we cannot control,
  • storing data we cannot access,
  • using systems we cannot monitor, and
  • accessing and sharing data without our knowledge.

Often, there is more data being generated than is necessary for the provision of a service, the functionality of a device, or the clearly-stated business purpose. This excessive generation of data, often done beyond our control, leads to excessive processing, often done without our knowledge, and may exceed the reasonable expectation of users.

Why this matters

In the future, individuals’ data held on technologies and devices can be exploited beyond the control of the individual, to anybody with the authority and capability. Data on mobile phones and health devices are already used as evidence in criminal proceedings and are increasingly monitored by employers. 

Data is generated by technologies and systems designed for the ambitions of companies and governments rather than prioritising the interests of the individual. This means those companies have immense power over these systems and the data. 

People must know

People must be able to know what data is being generated by devices, the networks and platforms we use, and the infrastructure within which devices become embedded.  People should be able to know and ultimately determine the manner of processing.