Over-the-Top (“OTT”) streaming devices such as Roku and Amazon Fire TV are cheap alternatives to smart TVs for cord-cutters. Instead of charging more for the hardware or the membership, Roku and Amazon Fire TV monetize their platforms through advertisements, which rely on tracking users’ viewing habits. Although tracking of users on the web and on mobile is well studied, tracking on smart TVs and OTT devices has remained unexplored. To address this gap, we built a tool to automatically interact with OTT devices and conducted the first large scale study of tracking on OTT platforms. In our paper (to appear in the ACM CCS 2019 conference), we found that major online trackers such as Google and Facebook are also highly prominent in the OTT ecosystem. However, OTT channels also contain niche and lesser known trackers such as adrise.tv and monarchads.com. We also showed that the information shared with tracker domains includes video titles, channel names, permanent device identifiers and wireless SSIDs and the countermeasures made available to users on these platforms are ineffective at preventing tracking. Finally, we found a vulnerability in Roku that allowed malicious web pages visited by Roku users to geolocate users, read device identifiers and install channels without their consent.

Learn More

Download our paper and read our blog post.

Code and Data

Our code is now available on our GitHub repo. To access our data please use this form.


This project received coverage on Wired, Ars Technica, Financial Times, Consumer Report, Science Friday, Schneier on Security, The Verge, Fast Company, The New York Times, The Atlantic and the morning paper.


You can use the following BibTeX to cite our paper.

 author = {Mohajeri Moghaddam, Hooman and Acar, Gunes and Burgess, Ben and Mathur, Arunesh and Huang, Danny Yuxing and Feamster, Nick and Felten, Edward W. and Mittal, Prateek and Narayanan, Arvind},
 title = {Watching You Watch: The Tracking Ecosystem of Over-the-Top
TV Streaming Devices},
 booktitle = {Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security},
 series = {CCS '19},
 year = {2019},
 location = {London, UK},
 publisher = {ACM}


The following team of researchers at Princeton University contributed to this project: