Waarschuwing: *Privacy niet inbegrepen bij dit product
Samsung offers many versions of their Galaxy earbuds. There's the Buds2, Buds Pro, Buds Live, and Buds+. That's a lot of Buds. And these tiny earbuds come in lots of shiny colors. They do the things earbuds do: sound good, cancel noise, let in ambient noise if you want, pair with a phone or computer over Bluetooth, get lost easily. You can use the Find My Earbuds feature in the app to help find them, but only if they are already connected to your phone, so don't lose these little guys if their battery is dead or you're more than 32 feet away. Oh, and FYI, Samsung is pretty bad at privacy, so maybe it's better if you lose these little guys after all.
Wat kan er gebeuren als er iets misgaat?
Not gonna lie, it sure seems Samsung likes to collect a lot of data on users, young and old alike (seriously, the children's data section in their Samsung account privacy policy seems nuts to us). When you talk, Samsung listens. Literally. Samsung can collect the recordings of your voice when you use voice commands. They can also collect your biometric information, geolocation, browsing history, the super-broad “sensory information” and information that you store on your device like your photos, contacts, text logs, and calendar information. Oh my! And that’s on top of the standard account information most companies collect, like your contact and payment information. They can also create “inferences” about you -- which are assumptions about your preferences and behavior based on other information they have. Samsung doesn’t stop there though, they can also collect information about you from third parties like social networks, data brokers, and more.
Like most companies that like to collect a lot of data, they may share some of that data all kinds of places -- with affiliates, business partners, marketing partners, and “data analytics providers.” They also reserve the right to sell your data for advertising purposes. Tisk tisk. They also say they can share information about you “to law enforcement authorities … if required or permitted to do so by law or legal process.” Hmm. Since it’s not usually illegal to share your data, that wording leaves the door open for your information to be shared pretty much at their discretion.
Oh, and parents, if you have a child please don't create a Samsung account for them. As we mention above, what Samsung says they can collect and share on your child if you create an account for this is crazy. They say they can collect things like video, images, geolocation information, health information, calls and messages. And then they go on to say they can use that information about your child for things like " delivering content and responses tailored to your child and the way your child interacts with the services and features," and the broadly defined "To operate, evaluate and improve our business, including developing new products and services, managing our communications, analyzing our services and customer base, aggregating and anonymizing data, performing data analytics and undertaking accounting, auditing and other internal functions." That's not all though. They also say they can share your child's information with subsidiaries, affiliates, service providers, and "our business partners, such as wireless carriers, as well as third parties who operate apps and services that connect with certain Child Services". This all seems like a lot of potential collection and sharing of your child's personal information that you probably don't want collected and sold. Poor form, Samsung, and the many others who share personal data willy nilly.
Speaking of “nilly,” Samsung also accidentally leaked sensitive data to ChatGPT in early 2023 when their employees reportedly pasted code into the AI chatbot asking for help -- to check and optimize it. Samsung banned its use on all company devices and devices that connect to their network when they found out. It’s a good reminder for everyone that what you share with ChatGPT and most other chatbots is not private.
One last gripe? We did not get off on the right foot with Samsung. If you search for Samsung’s privacy policy, you’ll find a bunch of different results that link to different Samsung websites -- with different policies for their accounts and for their services and products which is kinda confusing because most people who have one probably have the other, too. We based this review on their most recently updated policy (and its Californian counterpart) that says it covers their connected devices and services. Privacy researchers sure do have confusing privacy policy ecosystems because it makes our jobs hard, and because we know if we're struggling to find and understand it when it's our job, what chance do consumers have when they have little time to sort through everything. Do better Samsung!
It’s finally silver lining time! It seems like Samsung might (but probably not) extend the rights that protect users under California’s stronger privacy law, CCPA, to all of the United States, since they call them “US Consumer Privacy Rights” and the form where you can request to access or delete your data lets you choose different states. And Samsung users in Europe have those rights by default thanks to their own privacy protection law, GDPR. If you want to exercise them, you can kick off the request by choosing your country here. Unfortunately though, Samsung doesn’t make that promise to all its users (even in the US) in their privacy policy. They say those rights are “subject to applicable law” so they’re not guaranteed no matter where you live. That’s a shame. And to put another damper on that potential silver lining -- completing that form to try and excercise your rights to have your data deleted is nearly impossible without a computer science degree. Again, Samsung, do better!
What could go wrong? Well, Samsung likes to show ads tailored to you through various ad networks, and say they do a lot of tracking of your online activities to do so. These headphones come with a voice assistant named Bixby that will listen for your voice commands. Samsung may use your interactions with Bixby to learn more about you and then target you with ads or share this data with others who may use it to target you. That means it's possible that if you keep asking Bixby the same question over and over again, Samsung might “infer” that you have a bad memory (rude) and then target you with a bunch of ads for herbal remedies that make you doubt yourself. Not cool. OK, this is probably not likely, but also not impossible in our digital ad economy. Also, there are way worse things that could happen with all the huge amounts of data that Samsung collects on you. Especially given there not so great track record at protecting all that data.
Tips om uzelf te beschermen
- Use privacy settings for Galaxy
- Consider using your headphones without connecting it to an app. This way, you may decrease amount of data collected
- Do not sign up with third-party accounts. Better just log in with email and strong password.
- Chose a strong password! You may use a password control tool like 1Password, KeePass etc
- Use your device privacy controls to limit access to your personal information via app (do not give access to your camera, microphone, images, location unless neccessary)
- Keep your app regularly updated
- Limit ad tracking via your device (eg on iPhone go to Privacy -> Advertising -> Limit ad tracking) and biggest ad networks (for Google, go to Google account and turn off ad personalization)
- Request your data be deleted once you stop using the app. Simply deleting an app from your device usually does not erase your personal data.
- When starting a sign-up, do not agree to tracking of your data if possible.
Kan het me bespioneren?
Camera
Apparaat: Nee
App: Nee
Microfoon
Apparaat: Ja
App: Nee
Volgt locatie
Apparaat: Nee
App: Ja
Wat is er nodig om u aan te melden?
E-mailadres
Ja
Telefoonnummer
Nee
Account van derden
Nee
Welke gegevens verzamelt het bedrijf?
Persoonlijke
Identifiers: identifiers such as a real name, alias, postal address, unique personal identifier (such as a device identifier; cookies, beacons, pixel tags, mobile ad identifiers and similar technology; customer number, unique pseudonym, or user alias; telephone number and other forms of persistent or probabilistic identifiers), online identifier, internet protocol address, email address, account name, and other similar identifiers. Additional Data Subject to Cal. Civ. Code § 1798.80: signature, bank account number, credit card number, debit card number, and other financial information Protected Classifications: characteristics of protected classifications under California or federal law, such as age and sex. Location information: Information about nearby Wi-Fi access points, cell towers, and, with your separate consent, your device’s GPS signal, may be transmitted to us when you use certain Services. In addition, for certain Services, zip codes or postal codes and inferred locations using IP addresses may be transmitted to us when you use such Services. Inferences: inferences drawn from any of the information identified above to create a profile about you reflecting your preferences, characteristics, and behavior (for example, when you use the Customization Service or in connection with personalized ads served to you).
Lichaamsgerelateerd
"Sensory Information: audio, electronic, visual, and similar information. Voice information: Recordings of your voice that we make and collect on our servers when you enable this function and use voice commands to control a Service are covered by the separate Bixby privacy policy. "
Sociale
Hoe gebruikt het bedrijf deze gegevens?
Hoe kunt u uw gegevens beheren?
Hoe staat het bedrijf bekend als het gaat om het beschermen van gebruikersgegevens?
In April 2023, internal, sensitive data was leaked to ChatGPT from Samsung. As the result of the leak, Samsung banned use of generative AI tools at the company.
In early 2022, Samsung fell victim to the Lapsus$ cybergang, which boasted to have stolen 190 Gb of data from the tech giant. The data breach notice conspicuously notes that the breach “did not impact Social Security numbers or credit and debit card numbers.”TechCrunch asked Samsung if it collects and stores Social Security numbers and that this data is unaffected, but the company declined to say — only that the issue “did not impact” Social Security numbers. Samsung collects Social Security numbers as part of its financing options and as a requirement for users of Samsung Money.
In February, 2020, Samsung had a data breach on it UK customer account pages, affecting less than 150 people.
Privacyinformatie voor kinderen
Kan dit product offline worden gebruikt?
Gebruikersvriendelijke privacy-informatie?
Trying to find, navigate, read, and understand's Samsung's various privacy policies is a nightmare.
Koppelingen naar privacy-informatie
Voldoet dit product aan onze minimale beveiligingsnormen?
Versleuteling
Sterk wachtwoord
Beveiligingsupdates
Beheert kwetsbaarheden
Privacybeleid
Dieper duiken
-
Galaxy users, take note: Samsung's probably selling your dataJR Raphael
-
Samsung Bans Staff’s AI Use After Spotting ChatGPT Data LeakBloomberg
-
Samsung bans use of generative AI tools like ChatGPT after April internal data leakTechCrunch
-
How Samsung Galaxy Cameras Combine Super Resolution Technologies With AI Technology to Produce High-Quality Images of the MoonSamsung Mobile Press
-
Samsung cops to data leak after unsolicited '1/1' Find my Mobile push notificationThe Register
Opmerkingen
Hebt u een opmerking? Laat het ons weten.