Yes? That's exactly the attack that was being discussed -- plugging into a device that did that by default/without telling you/without giving the option to disable it, and possibly not even knowing it was happening.

It sound from other discussions here that maybe that isn't very likely given that the network support sounds like it was seldom if ever implemented, but it's certainly a valid concern and the type of scenario I've come to expect from adversarial consumer device vendors who now seem focused less on their products than on how their products can be a conduit for data mining their 'customers'.