Is my smart TV spying on me? (AV guide)

Yes, you can’t stop your smart TV spying on you; it is not at all benign. It is monetising your viewing habits and exposing your home network devices.

Before you get upset, let me say that you have no option but to submit to spying if you want to use a smart TV – except perhaps to disconnect it from the internet and make it a free-to-air only TV. And even these have hidden telemetry that drives the TV program rating’s engine.

Why is your smart TV spying on you?

In its most basic form, smart TVs collect and send data, including:

  • The device make/model and a unique Advertising ID.
  • Its IP address and, therefore, location.
  • What you watch – minute by minute.
  • Some TVs have motion sensors, so they know if you are sitting in front of the screen or not.
  • Some TVs have webcams and mics so they can see you, and it would be possible to perform facial recognition and voice recognition.
  • Installed Apps and the way you use them.
  • What other devices are on the home network? Where a router should not exfiltrate this data, there are no rules for a TV to tell that you own Google/Alexa/Siri devices, make/model of security cameras, or make/model of IoT devices, etc.

Then we have the various Apps – from Netflix to digital TV

  • Each App requires a login, email address and password (at a minimum).
  • Some ask you to set up a profile for each user (against a family login) to ‘better serve you content you like’.
  • Some ask for demographic data, again to altruistically help suggest shows that you may like
  • Many have Thumbs Up/Down to refine further what you like
  • And all data-harvest similar things to the smart TV

What do smart TV makers do with your data?

Plain and simple – forget the marketing BS about trying to help provide more relevant content suggestions for you. It is all about owning the customer, creating more loyalty, and selling your data.

For example (and we won’t single out any brand as they are all guilty).

  • One TV maker has a huge advertising sales department that sells the ability to get to any target you want. Imagine that you watch a lot of sports. You will be targeted with online betting, sports equipment, alcohol and venue advertisements. These appear on the home screen but more recently as pop-up banners in the dead space above or below non-standard 16:9 content. Some appear as watermarks, and we understand that subliminal advertising is also being used (advertising in the areas between frames you can’t see but feel).
  • One has a contract with Facebook to feed this data into its profile to enable Facebook to laser focus content and advertising to you.
  • Google/Android TV, of course, adds that to its massive Android user database.
  • Other TV OS include Samsung (Tizen), LG and others (WebOS), Hisense (VIDAA), Roku (Telstra TV), Fire TV (Amazon), Apple TV, Foxtel, and Fetch (now Telstra). These are all operating systems in that you must start from a home screen and have an account to use them. Some of these are selling data about your use of IoT to enable IoT manufacturers to specifically feed you advertisements about smart, internet-connected appliances.

Smart TVs want more

As it turns out, family data is not enough to make big bucks. In 2021 we started to see Voice Assistants being used more to turn on the TV and select content. Regardless of whether you have personalised it, those voice assistants know who you are by your voice, and hence they can reliably add this data to your profile.

As mentioned, newer smart TVs have sensors to see if you are viewing or have taken time out to have a cuppa. Some have a web camera that identifies all the people watching via facial recognition.

This invasion of privacy won’t stop

TV makers want more because they want to own the customer. TV is now nothing more than a data vacuum.

Next, we will see TV shopping with the ability to use the TV remote to click through an advertisement and buy. It will auto-fill your credit card and delivery details and pause TV during the transaction. That opens up a new can of worms about children and others misusing that service and racking up debt when the parents are not there.

What can you do to minimise smart TVs spying on you?

There are many TV operating systems and Apps, so we cannot be specific.

Disable Automatic Content Recognition

It may not be called ACR but turn off any switch to disable focused content recognition.

Disable or reset the Advertising ID

Each TV and each profile you set up has a unique Adverting ID that you can turn off and clear the data. Again, all that means is advertising will not be laser-focused.

Set up a junk email address and profile

Go to Gmail or any free email provider and set up a junk address. You can set it to forward emails to your real address. Use this for any sign-on to any TV OS or App. At least the profile it builds cannot link back to the real you.

Never use Facebook, Apple or Google credentials to log in

If you do, data is automatically shared with them, and you don’t want that.

Read the Privacy terms (ha-ha)

We know you never will reject them because you need to agree for the smart TV to work but get into the habit because some are better than others. For example, in 2017, for Roku devices, you agreed that it could sell personally identifying data.

Don’t use the Smart TV for more than TV.

The TV makers want you to make the TV (and its soundbar) the centre of home automation and audio/video content. That simply gives this less secure device more power. Don’t put a webcam on it – ditto. Disable motion sensors – ditto.

Put it on a guest network so it can’t see the rest of the home network

If you can, use the Guest network or even a second router to isolate the TV from the home network. At least it can’t report what other devices you have.

Consider an Ad Blocker

A TV maker rarely allows you to run an  Ad Blocker on a smart TV, but Google/Android TV does allow AdGuard (paid) to run. Install it from the TV app’s screen.

Consider running an ad blocker on your home network. I run a Trend Internet Home Security hardware box connected to the router that can help block ads and stop IoT devices from exfiltrating data. It catches most injected ads.

AdGuard seems to be one of the most recommended App based Ad Blockers.

Many routers offer site blocking

Enter this preliminary list in site blocking, and you may block 90% of annoying ads. It won’t stop embedded ads in some apps.   

I use Ghostery add-on for Firefox in Windows to identify ad servers and trackers and update this list.

AdGuard also has a list of DNS servers that you can change in the router that should stop adverts.

CyberShack’s view – smart TV spying is giving up your privacy

It annoys the crap out of me when any IoT device requests more permissions than it needs to do its job. All this smart TV data vacuuming is unnecessary to watch TV, but we let TV makers and Apps do it. It is wrong and should be stopped. We get no benefit – no cheaper TV.

Worse still, we do not have a choice. Rtings reviewed hundreds of TVs, and every 2021-22 TV had suggested viewing content, and the majority had retail advertising content with no way to opt-out.

Australia has a Privacy Commissioner, and you can lodge a privacy complaint online. If enough of us do this, we may see action before we are too much older and greyer.

CyberShack Guides