Consumer Reports has found that many smart TVs are vulnerable to hacking if proper security measures are not put in place (i.e., a secure home Wi-Fi network).

Your TV is considered smart if it connects to the internet so you can stream content from third-party services such as Netflix, Pandora, Hulu, YouTube, and/or even web browsers.

Consumer Reports’ security and privacy testing identified that certain brands, including—Samsung, those made by TCL, any TV that uses the Roku smart-TV platform, and Roku streaming devices—are at risk. (Full disclosure: Roku feels the magazine got it wrong.)

What a hacker can do

According to Consumer Reports, if there was unauthorized access to your smart TV, a bad actor could, for example, change the channel, play offensive content, change settings, or modify the volume. While this may be concerning by itself, what’s probably even more concerning is it indicates other devices on your home Wi-Fi network may also be hacked. This poses an even greater risk related to what could be controlled by a bad actor or what information they may have access to.

Regardless of what model TV you own, Consumer Reports notes there are privacy risks that come with this smart technology.

Privacy remains a BIG concern

These devices have something called automatic content recognition (also known as ACR) that continually collects data about what you’re viewing. TVs do this by looking for digital “fingerprints” on the shows you watch. That means your TV knows exactly what you’re watching and when.

When third-party services use this technology, they can better recommend other content that could be of interest to you. Your TV’s manufacturer can use the information a little differently. For example, it can sell the info to content makers or Nielsen, the audience-tracking company, or the information could be used for ad targeting.

Clearly, this is pretty valuable data—and TV manufacturers know it. In fact, Vizio was slapped with the $2.2 million fine by the FTC a year ago because it had installed software to collect viewing information without properly disclosing it to consumers.

What you can do

Consumer Reports has a number of recommendations to help you keep your smart TV from watching you.

To prevent hacking on your smart TV:

  • Update your TV regularly. Samsung responded to Consumer Reports article saying it would address any concerns with an update in the near future.
  • Consider changing some settings. If you have a Roku, Consumer Reports says you should turn off your Roku’s External Control Feature in the Settings menu. (That’s the feature that Consumer Reports stated they exploited in their testing).

To maximize your privacy:

  • Reset your TV. You’ll go back to the set-up process and you can change your privacy settings for only the most basic.
  • Turn off the ACR in the settings. Consumer Reports has assembled a how-to list for most popular brands of TVs. Roku’s official position was that ACR is not enabled by default on Roku TVs.
  • Investigate the privacy policy before you buy. Consumer Reports says that Sony, for example, makes you agree to a privacy policy and terms of service before you can even complete the set-up of the TV. Don’t buy what you don’t want to agree to.


Leave a Comment