It might not come as much of a surprise that a smart TV product shares user data. However, how prevalent the sharing is and the sharing conditions might surprise you.
Researchers recently looked at the user data sharing by a number of IoT devices, including smart TV products.
The results indicated smart TVs and set-top boxes are some of the most prolific. While Amazon and Google appeared to be the companies most often contacted by devices, the study found data is also shared with companies a user has no direct involvement with.
Is your smart TV sending your data?
The study was conducted by researchers at Northeastern University in the U.S. and Imperial College London in the UK. The full paper can be viewed here.
The study focused on eighty-one devices in total. That's IoT devices in total. In terms of TV products, the list included smart TVs by Samsung and LG, along with a variety of smart set-top boxes. The STBs came in the form of Apple TV, Amazon Fire TV, and Roku OS devices.
The results pointed to smart TVs and STBs as some of the most prolific in terms of reporting back. This was particularly true in terms of third-party services. For example, on third-party contact, the study found the TV category (sets and boxes) made "the largest number" of contacts across "all device categories." The researchers pointed to TV content (and ad) customization as a possible reason.
The study also found the use of VPNs had no real effect on the results. Basically, it did not change the number of contacts made, just who and where a device contacts.
Netflix watches you, even when you don't watch Netflix
What might be more concerning was Netflix. The researchers explained that almost every device in the TV category contacted Netflix. That might not initially seem surprising considering the number of Netflix users and devices that come with Netflix preinstalled. However, an active Netflix subscription was not in use during testing.
In other words, the researchers discovered TV devices are sharing data with Netflix, irrespective of whether the user has a Netflix account set up, let alone enabled. Again, as Netflix is so readily available on devices, this will affect the majority of devices within the TV category.
Netflix is not the only app or service that does not need to be in use to send user data. For example, the bulk of the tests conducted on TV devices consisted of menu browsing, voice commands and/or adjusting the volume. It was mainly these actions that the level of contact was based on.
A positive noted in the study was the elevated use of encryption in general. This is good from a user point of view as it should mean less prying eyes. However, that's not quite what's being discussed here as the companies contacted were technically, invited eyes.
To put this point into perspective, the higher levels of encryption did stop the researchers from properly understanding what information was being shared. It did not stop the actual information from being shared.
What about Android TV?
You may have noticed Android TV was conspicuously missing from the testing. For whatever reason, it was. However, that's not to assume Android TV is any safer in this respect. After all, Android TV is Google, and Google was one of the companies data was most often shared with. Along with Amazon, Netflix, and Microsoft.
What's more, Google has never been shy on making direct Android TV appeals to operators, device-makers and advertisers. Therefore, you can probably assume an Android TV device would generate similar results to those found in the study. This seems to be especially true when it comes to services like Netflix considering almost every device with Netflix installed, contacted Netflix.
Again, that's regardless of whether the user is a Netflix subscriber or uses the app.