Smart TVs – Getting Smarter At Watching You
Kindus has described how connected devices harvest personal data and how that can be misused or breached either by the hosting body or others who they have sold that information to. An October 2024 report by Ars Technica highlights how streaming services are improving how they gather and monetise information from the viewing device.
The data that can possibly be harvested is limited by what the user allows. Although some televisions do have customer facing cameras and microphones it is highly unlikely that these would be of use to the service provider. Corporate or other users with high security needs should consider the risks from hacking smart TVs and networks that access them. In such cases there could be a case for a hacker spying on the viewer and harvesting corporate data. Any information that could possibly be gathered from a home user’s surroundings would be of little monetary use to a service provider.
Data that can be easily collected includes content shown on the screen, details of the device itself, timings and other information input by the user. Any screen content need not be restricted to that provided by an on-line provider but could include terrestrial signals and input from devices such as USB storage or local media servers. The information is used for targeted advertising. By aggregating and analysing data the collector hopes to make informed decisions.
The provider can better promote their advertising sales if these are more likely to lead to product purchases. This follows the web advertising model where the same time and space block can be sold multiple times and each viewer being served adverts that ‘might be of interest’. There is also the income from outright sales of information collected. With a steaming medium the provider has the ability to place fewer adverts when a program begins but increase the frequency as it continues to run knowing that a viewer is likely to want to stay watching and see any story conclude.
Recent developments allow the placement of adverts linked to the show being watched. Where the service includes a subscription model such as Amazon or Netflix a viewer could purchase an item through interacting with an advert using their remote control. Devices can also follow the Amazon model where adverts are displayed on the home screen; showing adverts when the user is browsing services or choosing channels to watch.
The ‘free’ streaming services such as Tubi, Pluto and device specific stores like LG Channels will not have access to financial information so are incentivised to collect and possibly sell-on viewer data. None of these solutions can properly be described as ‘free’ because the user is paying with their time in watching adverts to see the content they actually want. Someone, somewhere will be paying to run a service. The BBC for example is based on a compulsory license fee in the UK. Most such services have some sort of agenda behind providing a free service.
Not all streaming services require an account to be created. If personal information has not been input then it cannot be harvested. Some services will not work without an account and others will restrict the features available. On Tubi for example an account is required to resume watching from where it was left off. Otherwise the viewer would need to scroll through to where they left off if watching over more than one session; possibly suffering from additional adverts. Providers claim to customise adverts to their users so if an account must be used then it can be from a ‘throwaway’ email and with incorrect personal details; taking care to invent details that will promote more entertaining adverts.
Services exist that claim to block adverts on streaming services. YouTube have been in a battle against advert blockers as they constantly change their algorithms to stop browsers and add-ons from blocking their adverts. Blockers stop adverts at the input stage as they are routed into the viewers device. For example; using Pi-hole running as a DNS server attached to a network’s router. This system looks for known IP addresses that serve adverts and blocks them. It then forwards the filtered traffic onto the streaming devices attached to the same network. Internet adverts usually come from known advert providers who are responsible for choosing the ‘targeted’ adverts from their pool. Hence; there are relatively few addresses to monitor and such a list is easily updated. YouTube avoids this by setting up adverts at their end of the stream and embedding them so any local server sees the adverts and video as part of the same IP address source.