A widely publicized study, spearheaded by ECE graduate student Hooman Mohajeri Moghaddam, was honored at the 2021 Privacy Enhancing Technologies Symposium. The study uncovered malicious tracking in popular video-streaming systems such as Roku and Amazon Fire TV.
A widely publicized study, spearheaded by ECE graduate student Hooman Mohajeri Moghaddam, was honored at the 2021 Privacy Enhancing Technologies Symposium. The study uncovered malicious tracking in popular video-streaming systems such as Roku and Amazon Fire TV.
Named runner up(link is external) for the Caspar Bowden Award, the paper(link is external) details how such “over-the-top streaming devices” allow major online advertising platforms—in particular, Google and Facebook—to track users’ viewing habits in fine-grained detail. The tracking effectively monetizes peoples’ TV watching, sometimes without their knowledge or consent, producing valuable data used to sell targeted ads. The study also found that the countermeasures made available to users on these platforms did not always prevent tracking.
The paper first appeared(link is external) in the Association for Computer Machinery’s annual Conference on Computer and Communications Security, in 2019. It was later covered(link is external) by mainstream press outlets, including the New York Times, Wired, Ars Technica and The Atlantic, where the paper’s findings were tied to concerns over the use of tracking data in political campaigns.
While tracking by Google and Facebook has been well studied in the context of web browsers and mobile devices, TV streaming and over-the-top devices had gone largely unexplored. But, as the researchers pointed out in a subsequent blog post(link is external), more than one-third of households are thought to use these devices, either in lieu of or in combination with traditional cable TV service.
The move from cable to streaming has been celebrated as a form of “cord cutting.” But this work cast that shift in a more complicated light, raising questions about how these seemingly benign devices may infringe on users’ privacy and be used for powerful political and financial advantage.
The findings could help enforce privacy laws across the United States and Europe and pave the way for future privacy regulations.
Mohajeri Moghaddam, the first author, is co-advised by Prateek Mittal, associate professor of electrical and computer engineering at Princeton, and Nick Feamster, formerly a professor of computer science at Princeton and now at the University of Chicago. The study’s authors also included Gunes Acar, Ben Burgess, Arunesh Mathur, Danny Yuxing Huang, Edward Felten and Arvind Narayanan. Funding was provided in part by the National Science Foundation.
