- March 22, 2016
- Posted by: Kerry Tomlinson, Archer News
- Category: Posts with image, Privacy, Vulnerabilities
But use of the silent listening code has already spread beyond the company’s apps, according to the FTC.
For some, it is a direct way to find exactly what you’re watching on TV, to hone advertising and marketing.
For others, it is a deep invasion of privacy, using your phone’s microphone to silently gather info abut you.
Now, the company behind the app that harnessed your microphone to listen in on your habits says it is shutting down the project.
India-based SilverPush sent a statement to Archer News, saying its “Unique Audio Beacon” project, where your phone “hears” tones from TV shows and ads, is over, and the company is not actively using the technology with any companies in the U.S.
“We wish to inform that SilverPush has exited from all UAB (Unique Audio Beacon) based business and shifted its business to a newer product line as a company keeps exploring new avenues of growth as a part of its overall strategy,” the statement said.
SilverPush identifies itself as a “technology-marketing platform for brands to understand and connect with their customers.”
Some privacy advocates were concerned about the SilverPush app’s ability to silently monitor your activity.
SilverPush said it informed people downloading the app that they would be monitored.
“Allowing access to microphone would enable the app to hear for TV ads. By allowing access you will get exclusive offers and deals about those ads,” one of the SilverPush app screens says in small print, according to Forbes.
But the Federal Trade Commission said last week that a dozen other apps were using secret listening code, and were not informing people about their app’s spying capability. The agency sent the developers warning letters, saying they could be breaking the law.
The FTC said the app developers appeared to be using SilverPush-style code, though it did not say the app developers were connected with SilverPush.
“These apps were capable of listening in the background and collecting information about consumers without notifying them,” said Jessica Rich, the FTC’s Bureau of Consumer Protection Director in a press release. “Companies should tell people what information is collected, how it is collected, and who it’s shared with,” she said.
An FTC spokesperson told Archer News that he could not name the apps because it could give the appearance that the app developers were guilty of violating the law, when in fact the FTC had simply sent them warning letters.
Cutting all ties
SilverPush wants you to forget it about its connection to the silent listening project, according to its statement.
“We would appreciate if SilverPush is not associated with UAB based business going forward,” the statement said.
“This is however to clarify that this has not been done due to privacy concerns as we were never intruding privacy and adhering to all regulations,” the statement added.
The company said it never actually listened to people’s voices, but instead was “matching our own watermarks.”
“Was the data we captured intrusive?” the company asked. “The data taken up by cookies (enabled on almost every site) and other marketing data from Internet giants such as Google, Facebook, Vizio, Drawbridge, Tapad and any smart TV manufacturer has is far more intrusive.”
SilverPush applauded the FTC’s move to send warning letters to the developers using similar code.
“This is a welcome move that FTC is taking a stand on user privacy and issuing warning and we are also investigating whether any app developer had pushed an application with our code in the United States,” said the statement.
New SilverPush project
SilverPush told Forbes that its new television and advertising project, called Parallels, does not track people.
“We do not know if the user is watching TV. We just target user [sic] on the basis of micro moments,” said Piyush Bhatt of SilverPush, according to Forbes.
SIlverPush’s website describes how Parallels works. The company says it monitors live TV events across all channels. If it detects an event that is “meaningful” to an advertiser’s brand, it will deploy a digital ad within seconds.
SilverPush’s statement says that a company could run a mobile ad at the same time that its TV ads are running, for added push, or could run mobile ads at the same time a competitor is running ads on TV, to try to combat the TV message.
“Why is this helpful to big brands?” the statement asks. “This helps them achieve high SOV [share of voice] at the time when their audience has received the highest impact about their ad and close the customer journey cycle.”
Warning for app users
The SilverPush-style code, however, may still be in use, according to the FTC. Silent listening may still exist—in app stores and even on your own phone—even if SilverPush has moved on.
The FTC warning “highlights that organizations and individual users can no longer depend on the myth of 100% secure operating systems and 100% secure app stores,” said David Jevans, vice president of mobile security at Proofpoint.
“Recent months have shown conclusively that app stores have thousands of malicious apps, and there are thousands more to be discovered on both iOS and Android,” he said to Archer News.
He said malicious apps can expose people and work systems to data theft, privacy violations and more.
The FTC said the 12 apps with the secret SilverPush-type code were available on Google Play.
“A static approach of ‘trust the OS and the app store’ doesn’t work anymore.” Jevans said.