Warning: *privacy not included with this product
Samsung Galaxy SmartTag 2
The Galaxy SmartTag is a Bluetooth tracker that also lets you control some of your smart home devices with the click of a button. Cool. Pop this little puppy on your keychain and find your lost keys from up to 120 meters away. You can push a button on your phone to make the SmartTag play a sound to lead you right to that very important thing you lost. Or tap into the Galaxy Find Network help you find what you've lost if you're out of Bluetooth range. Before you buy though, know the SmartTags are only compatible with Samsung Galaxy phones and tablets. That's a little limiting. Oh, and Samsung is kinda terrible at privacy.
What could happen if something goes wrong?
Samsung's Galaxy SmartTags don't have the huge community network of devices helping track them that Apple's Airtags and Tile's trackers do. But, they’re working on it. In May 2023, they announced that they added millions of devices to their SmartThings Find network, growing it by 1.5 times since last year. Thankfully, just like other popular trackers, Samsung has taken some steps to help scan if an unknown SmartTag is nearby and tracking you, which is good. You should know that this setting has to be turned on, under "Unkown Tag Detection," then "Unkown tag alerts." Is this the best anti-stalking solution on the market? No. But because Samsung's network is not as vast as AirTags', they're not going to be as effective at long-range tracking. And because they're not as good at long-range tracking, SmartTags probably won't be the product of choice for bad actors.
Oh, and parents, if you have a child please don't create a Samsung account for them. As we mention above, what Samsung says they can collect and share on your child if you create an account for this is crazy. They say they can collect things like video, images, geolocation information, health information, calls and messages. And then they go on to say they can use that information about your child for things like " delivering content and responses tailored to your child and the way your child interacts with the services and features," and the broadly defined "To operate, evaluate and improve our business, including developing new products and services, managing our communications, analyzing our services and customer base, aggregating and anonymizing data, performing data analytics and undertaking accounting, auditing and other internal functions." That's not all though. They also say they can share your child's information with subsidiaries, affiliates, service providers, and "our business partners, such as wireless carriers, as well as third parties who operate apps and services that connect with certain Child Services". This all seems like a lot of potential collection and sharing of your child's personal information that you probably don't want collected and sold. Poor form, Samsung, and the many others who share personal data willy nilly.
Speaking of “nilly,” Samsung also accidentally leaked sensitive data to ChatGPT in early 2023 when their employees reportedly pasted code into the AI chatbot asking for help -- to check and optimize it. Samsung banned its use on all company devices and devices that connect to their network when they found out. It’s a good reminder for everyone that what you share with ChatGPT and most other chatbots is not private.
What could go wrong? Well, Samsung likes to show ads tailored to you through various ad networks, and say they do a lot of tracking of your online activities to do so. These little tags track the location of things you like tracked. They could help Samsung know you like to go bowling a lot, target you with ads for those ugly bowling shoes, you buy 8 pairs because, hey, why not, and then what are you going to do with 8 pairs of bowling shoes? OK, this is probably not likely, but also not impossible in our digital ad economy. Also, there are way worse things that could happen with all the huge amounts of data that Samsung collects on you. Especially given there not so great track record at protecting all that data.
Tips to protect yourself
- Check the tips on how to know if someone is tracking you without your consent.
- Use the Unknown Tag Search feature in Samsung SmartThings app, to be notified if you are being unwillingly tracked.
- Do not sign up with third-party accounts. Better just log in with email and strong password.
- Chose a strong password! You may use a password control tool like 1Password, KeePass etc
- Use your device privacy controls to limit access to your personal information via app (do not give access to your camera, microphone, images, location unless neccessary)
- Keep your app regularly updated
- Limit ad tracking via your device (eg on iPhone go to Privacy -> Advertising -> Limit ad tracking) and biggest ad networks (for Google, go to Google account and turn off ad personalization)
- Request your data be deleted once you stop using the app. Simply deleting an app from your device usually does not erase your personal data.
- When starting a sign-up, do not agree to tracking of your data if possible.
What can be used to sign up?
What data does the company collect?
"Identifiers: identifiers such as a real name, alias, postal address, unique personal identifier (such as a device identifier; cookies, beacons, pixel tags, mobile ad identifiers and similar technology; customer number, unique pseudonym, or user alias; telephone number and other forms of persistent or probabilistic identifiers), online identifier, internet protocol address, email address, account name, and other similar identifiers Additional Data Subject to Cal. Civ. Code § 1798.80: signature, bank account number, credit card number, debit card number, and other financial information Protected Classifications: characteristics of protected classifications under California or federal law, such as age and sex Location information: Information about nearby Wi-Fi access points, cell towers, and, with your separate consent, your device’s GPS signal, may be transmitted to us when you use certain Services. In addition, for certain Services, zip codes or postal codes and inferred locations using IP addresses may be transmitted to us when you use such Services. Inferences: inferences drawn from any of the information identified above to create a profile about you reflecting your preferences, characteristics, and behavior (for example, when you use the Customization Service or in connection with personalized ads served to you)"
How does the company use this data?
How can you control your data?
What is the company’s known track record of protecting users’ data?
In early 2022, Samsung fell victim to the Lapsus$ cybergang, which boasted to have stolen 190 Gb of data from the tech giant. The data breach notice conspicuously notes that the breach “did not impact Social Security numbers or credit and debit card numbers.”TechCrunch asked Samsung if it collects and stores Social Security numbers and that this data is unaffected, but the company declined to say — only that the issue “did not impact” Social Security numbers. Samsung collects Social Security numbers as part of its financing options and as a requirement for users of Samsung Money.
In February, 2020, Samsung had a data breach on its UK customer account pages, affecting less than 150 people.
Child Privacy Information
Can this product be used offline?
User-friendly privacy information?
Trying to find, navigate, read, and understand Samsung's various privacy policies is a nightmare.
Links to privacy information
Does this product meet our Minimum Security Standards?
The Galaxy SmartTag2 is here with big improvements but still limited to Samsung devicesAndroid Police
Samsung's New $30 SmartTag 2 Takes On Apple AirTagsCNet
Samsung Bans Staff’s AI Use After Spotting ChatGPT Data LeakBloomberg
Samsung bans use of generative AI tools like ChatGPT after April internal data leakTechCrunch
Galaxy users, take note: Samsung's probably selling your dataJR Raphael
Samsung SmartThings Update Aims to Prevent Tracker-Based StalkingMacRumors
Samsung cops to data leak after unsolicited '1/1' Find my Mobile push notificationThe Register
I found my stolen Honda Civic using a Bluetooth tracker. It’s the latest controversial weapon against theft.The Washington Post
5 Best AirTag Alternatives for Android UsersGuiding Tech
Got a comment? Let us hear it.