I was under the assumption that because of GDPR (which is in effect..).. or current "end-user metadata storage" best practices.. if you (a website/or app) didn't immediately disclose to the user what data is being used,stored, and why it is -- then you shouldn't store it at all.
If you agree that the world needs better examples today, then Samsung has definitely showed one.
GDPR is dead in the water.