Chinese TV maker: Yes, our Android TVs spied on customers [update]

Skyworth Q91 8K TV Hands on
(Image credit: Future)

Updated with comment from Skyworth USA.

A top Chinese TV maker that's made inroads into the North American market admits that its TVs have been spying on users, or at least users in China.

Skyworth, which made a big splash at CES 2020 in Las Vegas and sells at least six TV models in the U.S., said in a statement posted online last week that a third-party application called Gozen Service on its Android TVs had been collecting more data than it was supposed to.

According to an unnamed Skyworth TV owner who posted about it on a Chinese software-development forum, the Gozen Service app is developed by a company called Gozen Data. The app collects data about all of the internet-connected gadgets on the home wireless network, as well as the names of nearby Wi-Fi networks, and sends to a Gozen-run web server. 

"In other words," the poster said, according to Google Translate, the Gozen Service app gathers information about "what smart devices do you have at home, whether your mobile phone is at home, who is connected to the internet at home, what is the name of the neighbor's Wi-Fi, and you [the Gozen Service] can collect and upload it at any time."

All that information could in theory be used to geolocate the TV set and track the movements of residents' mobile devices, both physically and online.

"This thing scans my family's connected devices every 10 minutes, and sends back the hostname, MAC, IP and even the network delay time," the posting user added. "It also detects the surrounding Wi-Fi SSID names. The MAC address is also packaged and sent to the domain name of gz-data.com."

How, asked the poster, is this "not a spy service???"

Spying app may be limited to China

The South China Morning Post, which earlier reported this story, tried to reach out to the original forum poster but did not receive a reply. Skyworth said that its TVs sold in Hong Kong, where the South China Morning Post is based, never had the Gozen Data app pre-installed.

It's not clear whether Skyworth TVs sold outside China have the Gozen Data app installed, or any other kind of third-party data-collection app. Tom's Guide has reached out to Skyworth USA for comment, and we will update this story when we receive a reply. (Please see below.)

In its statement, Skyworth said it had "terminated the partnership" with Gozen Data, which "was limited to the surveying of domestic TV program ratings in Mainland China on a sampling basis. The violations beyond this scope were not approved nor authorized by SKYWORTH TV."

However, Chinese public financial records uncovered by Pandaily.com showed that Skyworth is a major investor in Gozen Data. Pandaily.com said Gozen Data also had partnerships with Philips, Sanyo, TCL and Toshiba, although we were not able to find any reference to those companies in the public records Pandaily.com linked to.

Global reach

The South China Morning Post said Skyworth is the third-largest TV maker in China, after Xiaomi and HiSense, and the fifth-largest TV maker worldwide. 

You can buy two Android-powered Skyworth TVs on the U.S. version of Amazon, as well as a cheaper Skyworth TV that doesn't seem to have any "smart" features. The Skyworth USA website lists at least three more Android TVs.

Sick Codes, a hacker based in Southeast Asia who last fall showed what appeared to be spying activity in TCL TVs, put us in touch with Gsmaster, a North African phone hacker who owns more than one Skyworth TV.

Sick Codes and Gsmaster scanned a Skyworth TV's internet connections and showed us an Nmap screengrab that indicated at least nine open ports that were being used for purposes unknown. It's not clear if Gsmaster's Skyworth TV was running the Gozen Data app, which Skyworth said is supposed to be only for the Chinese domestic market. 

Running afoul of Chinese authorities

This kind of data collection nevertheless runs counter to new user-privacy regulations that are being rolled out in stages in China this year. 

According to the South China Morning Post, the regulations mandate that users can decline data collection that is not necessary for an app or device to function. Pandaily said the regulations also stipulate that manufacturers and service providers notify users about any kind of personal data collection.

Pandaily speculated that even though Skyworth threw Gozen Data under the bus, the TV maker might still be required to notify users and authorities of the extent and scope of the personal data that was sent to third parties.

"Moving forward," said the Skyworth official statement, " we will implement more stringent reviews on the conduct of our partners and service providers to safeguard our users' privacy, data, rights, and interests."

Update: Skyworth comment

A Skyworth USA representative responded to our inquiry and provided us this statement:

"Skyworth North America operations is pleased to report that our parent company has responded decisively in ensuring our customers' privacy is a number one priority and that Skyworth TVs ... in the North America market were not subject to and do not feature the data app in question."

The representative then referred us to the official Skyworth company statement linked to and quoted at the beginning of this report.

TOPICS
Paul Wagenseil

Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul driver, code monkey and video editor. He's been rooting around in the information-security space for more than 15 years at FoxNews.com, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random TV news spots and even moderated a panel discussion at the CEDIA home-technology conference. You can follow his rants on Twitter at @snd_wagenseil.

Read more
tv remote in front of tv
A new feature is cropping up on several new smart TVs — and you’ll want to turn it off immediately
An Android bot next to an Android TV remote
Millions of Android TVs hijacked in massive botnet — how to see if yours is at risk
Green skull on smartphone screen.
Over 1 million Android devices infected with password-stealing, pre-installed botnet malware — how to stay safe
DeepSeek logo on smartphone in front of merging US and Chinese flags
DeepSeek AI banned by NASA, US Navy, and more over privacy concerns
TP- Link Archer AX55 sitting on desk
This Chinese router company with 65% market share in the US could be banned — what you need to know
Cartoon of person peering through US flag
Western governments want your data and big tech is happy to provide – how to slow them down
Latest in TVs
woman shopping for TV with retail worker giving advice
I've been testing TVs for a decade — 5 things to avoid when shopping for a cheap TV
All-new Roku TV unveiled at CES 2023
Roku is facing a huge backlash over auto-playing ads that pop up before the home screen
Apple TV hand gestures
Say goodbye to your TV remote — how interactive gestures and AI could reshape the way we watch
LG G4 OLED in living room
This is the one setting on your HDR TV most people don't know about — here's how to tweak it
Samsung Q60D QLED TV on console in living room
Here's why more sports games aren't broadcast in 4K — but streaming might have the answer
Hisense U7N Mini-LED TV
Best TVs for March Madness 2025 — OLED, QLED, and Mini-LED top picks
Latest in News
NYTimes Connections
NYT Connections today hints and answers — Wednesday, March 19 (#647)
Chromecast with Google TV connected to display
Google finally pushes out full Chromecast fix for users who factory reset — here’s what to do
A picture of a skull and bones on a smartphone depicting malware
Hundreds of malicious Android apps with 60 million downloads found spamming Android users with ads and stealing credentials
Switch 2 console and logo
Nintendo Switch 2 rumor just tipped possible release date — and it's much sooner than we thought
Hacker typing on laptop in darkened room
Hackers create "BRUTED" tool to attack VPNs – how to stay safe
Malware
Dangerous new password-stealing trojan automatically reinstalls itself on infected PCs