Update! Roku has asked TechCrunch to remove an inaccurate statement and tells us: “Roku does not collect data from a customer’s WiFi network nor collect data from any other devices on a customer’s WiFi network.” Move along on, folks! Original story follows:
Assuming neither TechCrunch nor Roku misspoke, our streaming boxes (and sticks) will soon begin snooping on us. As Roku looks to generate revenue beyond meager hardware margins, they’re getting serious with measurement and advertising. And I get the need to monetize. However, the incoming ad platform piloted on Crackle is all sorts of creepy:
These interactive ads can also be personalized using data like a user’s location, as well as by tracking information collected on devices running on a household’s Wi-Fi network using traditional means.
Geo-targeting is a generally accepted practice to fine-tune offers, but sniffing my network to see what other devices I might be running is well out of bounds. Further, what other data will be passed along? For example, as Roku ramps up their analytics business, how might folks linking a Plex library or having installed an “adult” channel feel?
If TC’s nugget holds true, Roku will clearly need to update their privacy policy. It was last revised in March, to accomodate Nuance’s voice search, but makes absolutely no mention of identifying my location or scanning my network — something I imagine privacy groups, the EFF, and others would want to be aware of.
View Comments
Roku... Unplugged! Haha
Well, undeniably creepy, and a serious blow to trust in Roku, but one technical question:
"These interactive ads can also be personalized using data like a user’s location, as well as by tracking information collected on devices running on a household’s Wi-Fi network using traditional means."
Since my Roku is plugged into Ethernet, and doesn't have the credentials to access my WiFi network, I'm not sure how on earth they can sniff any kind of data from me, at least, other than addresses of other devices on the LAN. Unless I have a profound misunderstanding of how the underlying tech functions, of course.
Further, again, unless I have a profound misunderstanding of how the underlying tech functions, I'm baffled at what kind of "traditional means" any WiFi device on the LAN can employ to sniff anything beyond the basic specs of what other devices exist on the LAN. A WiFi device can 'track information collected on other devices'? WTF?
If my understanding is flawed, it would mean that any WiFi device on your LAN can compromise the security of every device on that LAN, which is a concept I've never run across before.
So color me massively befuddled on that short, and highly non-specific passage. (Unless it's purely about seeing if you have a Nest thermostat hooked up, and the Roku can somehow sniff its existence.)
-----
"For example, as Roku ramps up their analytics business, how might folks linking a Plex library or having installed an “adult” channel feel?"
Yeah, that's more of a concern that actually makes sense to me...
Again, assuming the intentions are what we think they are yet having no idea what "traditional" refers to, scanning would depend how your network is configured and how wireless/wifi bridge. If your Ethernet is provided by the same wireless router, versus a second router or subnet, it'd likely be traversed or at least identified by router in any sort of scan. A possibly easy way to test *in the other direction* is load up Net Analyzer or iNet app on an iOS device and see if any of your hardwired devices pop. I do assume they mean Wf-Fi in the generic "network" sense and suspect most Rokus are wireless.