Why cord cutting is a privacy minefield

The decentralization of TV has led to more choices and better content, but it also invites unchecked levels of data collection.

Why cord cutting is a privacy minefield
[Photo: Kelly Sikkema/Unsplash]

When you sit down to stream a TV show on a Roku player or Amazon Fire TV Stick, it’s easy to assume the data is only flowing in the direction of your eyeballs.


In reality, the streaming boxes and smart TVs that we use to cut cable allow for widespread data collection. Recent research has shown that popular streaming apps help themselves to all kinds of data that advertisers can tie back to streaming device users and what they’ve watched, then ship it off to trackers associated with Google, Facebook, and others. In a handful of cases, apps even collected the email addresses associated with users’ accounts. And while some devices have settings that are supposed to limit data collection, those options didn’t always stop it from happening.

Such is the inherent trade-off with streaming video over the internet: With so many different apps, each with their own array of tracking and advertising mechanisms, figuring out what’s happening to your data becomes practically impossible to understand. Unless streaming TV platforms intervene in a meaningful way, users will have little ability to control where their viewing data goes.

Tracking the trackers

The idea that streaming TV devices are watching what you’re watching is not new, but it gained new attention last month after researchers at Princeton University and University of Chicago documented the behavior of trackers on Roku and Amazon’s Fire TV platforms.

By setting up a system to automatically download and interact with popular streaming apps, then intercepting the data those apps were sending back out, the researchers uncovered a sprawling network of trackers. Some apps allowed third-party trackers to see specific titles of videos being played, and in a handful of cases, apps gathered the account holder’s email address as well. Some apps tied this information to “static” identifiers such as the device’s serial number, thereby preventing a factory reset from dissociating the data with the devices. Fire TV devices would sometimes send out Wi-Fi network names, which could in theory be associated with other devices in the home for tracking.

“Trackers are getting access to what you’re watching, and how long you spend time on certain programs,” says Hooman Mohajeri Moghaddam, one of the Princeton researchers who worked on the study. “So basically, it’s another dimension of data that’s added to your profile.”


A lot of this collection still happens even when users turn on Roku’s “limit ad tracking” option or Amazon’s “disable interest-based ads” option. On Roku, some apps seemed to circumvent this by gathering serial numbers instead of the advertising ID that Roku provides. On Fire TV, some apps just kept right on collecting the device’s advertising ID, along with lots of other information. And in both cases, the apps continued to communicate with trackers, suggesting that ad targeting might continue regardless of users’ settings.

“These privacy modes might not be delivering what the user thinks they’re delivering,” Moghaddam says.

Inside the online video ad machine

Scary as it sounds, people inside the streaming video ad business say that all this tracking is essential to the way advertisers measure eyeballs online.

With traditional TV, advertisers had to guess at how many people would see a given campaign, using TV ratings as a rough guide. It was a “spray and pray model,” says Jessica Berman, the senior product manager for SpotX, a company that fills ad spots on connected TV devices. (SpotX was also named as one of several trackers that turned up in the Princeton and University of Chicago study.)

By comparison, online video allows advertisers to count exactly how many people see an ad, which makes sense given that anyone could be watching an on-demand video at any time. “If advertisers are advertising on [connected] devices, they want to know if an impression was served and watched so that they pay for it,” Berman says.


Reporting to an advertiser that someone has seen their ad inevitably involves an exchange of data, but online advertising can also go further than that. Advertisers might, for instance, want to limit how many times an ad appears in a given device, so you don’t wind up watching the same Coke commercial five times in a row. That requires a unique identifier to discern one device from another. They might also want to assign a particular ad to a certain kind of programming, such as a sporting event. That would naturally require information about what’s playing when an ad spot comes up.

All of this means that when a streaming app requests an ad from a supplier like SpotX, it has to include some information about the device that’s streaming and possibly what it’s playing. Without this information, experts say advertisers wouldn’t pay to have their ads delivered in the first place, because they wouldn’t know how many people watch a particular commercial—especially on demand.

“All those rules, they can’t be accomplished without being able to identify the device with some uniqueness,” says Sean Doherty, the CEO of Wurl, a company that provides a suite of tools for distributing and monetizing online video. “You have to have some rules, otherwise there’d be no ads.”

Potential for invasiveness

Given that most people would be glad not to see the same ad over and over, the problem isn’t so much that tracking exists at all on streaming TV platforms, but that it exists in a way that eludes transparency and accountability. If you’re using an app on Roku or Fire TV, you might not realize it’s sending data to Google and Facebook, let alone realize what they’re doing with it. Maybe it’s for something innocuous, like counting the number of people who’ve seen an ad, or maybe it’s going into a broader user profile that those firms can use for ad targeting down the line. For users, every individual app is its own black box, with its own inscrutable privacy policy.

Both Wurl’s Doherty and SpotX’s Berman say that in general, tracking firms aren’t keeping the information they collect, but no one’s actually enforcing this or requiring companies to purge whatever they might keep. Hypothetically, if a company like Facebook was building up a history of everything you’d watched on Fire TV, you’d have no way to know it was happening or do anything about it.


Industry experts also acknowledge that a long-term goal for online video advertising is to retarget users with persistent ads as they move across devices. We’re now starting to see firms like Steelhouse and Sabio promise cross-device targeting, which would necessitate gathering and retaining more data about users’ behavior. Roku’s own privacy policy gives the company latitude to do this kind of tracking as well.

“The story that everyone tells is that we’ll each get a different ad when we watch Seinfeld because the system knows information about us and what we’re interested in,” Doherty says. “You’ve got to start with laying the tracks, which is basically what we’ve got right now.”

No simple answers

Princeton’s Moghaddam says he doesn’t have any complete solutions for the prevalence of trackers on streaming devices. The research is more of a starting point, he says, for developers, researchers, and users to make sense of what’s happening.

“I think our paper is trying to shed some light, and basically promote this conversation about what it means for these platforms to provide some sort of reasonable privacy measure,” he says.

The closest the researchers come to a hard recommendation is the idea of an “Incognito Mode” for streaming devices, which would theoretically let users mask what they’re watching. You would still see advertising, but it wouldn’t be targeted based on your online behavior, and it would stop companies from collecting information about your viewing habits. Another approach might be an activity manager for deleting your viewing data, similar to what Google offers for activity on its websites and apps.


These kinds of ideas, however, would require buy-in from a lot of different parties. Platform holders like Roku and Amazon would have to require that all tracking be associated only with an advertising ID, which it assigns to each user and can be reset at any time. App makers would have to go along with that plan even if it meant losing some control over their tracking, and advertisers would have to accept that advertising ID as a valid unique identifier, even if it’s less reliable than, say, a device’s serial number.

As of now, there’s no sign of companies like Amazon and Roku moving in that direction. Reached for comment, Amazon provided a statement saying that if users opt out of interest-based ads, advertisers aren’t supposed to use the device’s advertising ID to build profiles for targeting. Per the research from Princeton and University of Chicago, that policy doesn’t seem to accomplish much.

Roku didn’t have much to add. “We are watching the industry and thinking about this area ourselves, but we don’t have anything new to share on this front,” spokeswoman Tricia Mifsud said via email.

None of this is to say that cord-cutters should go running back to cable, which has its own history of quietly collecting and monetizing data about users’ behavior. But as we reckon with widespread data on our phones, tablets, and computers, made possible by an endless number of apps and services, we should realize that streaming players are just as guilty.