Watching You Watch: The Tracking Ecosystem of Over-the-TopTV Streaming Devices
ABSTRACT The number of Internet-connected TV devices has grown signifi-cantly in recent years, especially Over-the-Top (“OTT”) streamingdevices, such as Roku TV and Amazon Fire TV. OTT devices offeran alternative to multi-channel television subscription services,and are often monetized through behavioral advertising. To shedlight on the privacy practices of such platforms, we developed asystem that can automatically download OTT apps (also known aschannels), and interact with them while intercepting the networktraffic and performing best-effort TLS interception. We used thissmart crawler to visit more than 2,000 channels on two popularOTT platforms, namely Roku and Amazon Fire TV. Our resultsshow that tracking is pervasive on both OTT platforms, with trafficto known trackers present on 69% of Roku channels and 89% ofAmazon Fire TV channels. We also discover widespread practice ofcollecting and transmitting unique identifiers, such as device IDs,serial numbers, WiFi MAC addresses and SSIDs, at times over un-encrypted connections. Finally, we show that the countermeasuresavailable on these devices, such as limiting ad tracking options andadblocking, are practically ineffective. Based on our findings, wemake recommendations for researchers, regulators, policy makers,and platform/app developers.
https://tv-watches-you.princeton.edu/tv-tracking-acm-ccs19.pdf