Vizio Smart TVs spy on you by default – here’s how to stop them

Graham Cluley
Graham Cluley
@

 @grahamcluley.com
 @[email protected]

Vizio Smart TVs spy on you by default - here's how to stop them

As more and more manufacturers are jumping on the internet of things bandwagon, it’s clear that many cannot resist the temptation of finding a way to make money out of their customers’ data.

The latest offender is smart TV manufacturer Vizio, which changed its privacy policy at the end of last month:

Beginning October 31, 2015, VIZIO will use Viewing Data together with your IP address and other Non-Personal Information in order to inform third party selection and delivery of targeted and re-targeted advertisements.

You may think that that’s unwelcome enough, but Vizio is going one step further – grabbing your IP address so it can identify you on any device that you use to access the internet from home, sharing data with third parties, and meaning you may start to see customised ads on other devices use such as your home PC, smartphone or tablet:

As of October 31, 2015, VIZIO will share Viewing Data, together with the IP address associated with the corresponding VIZIO television, with limited third parties with whom we have specifically partnered. These third parties may combine this information with other information about devices associated with that IP address, in order to customize the advertisements displayed on those other devices.

As Ars Technica explains, an obvious concern is that the IP information could be combined with other data collected about you on the internet, to paint a valuable picture for advertisers.

In predictably depressing fashion, Vizio has enabled the feature – which it shamelessly calls “Smart Interactivity” – by default.

Vizio isn’t the first company to use its Smart TVs to spy on its customers’ viewing habits of course.

In 2013, LG was found to be logging details of programmes being watched, and the filenames found on connected USB drives, regardless of whether customers had disabled the data collection via the user interface. The data was transmitted to LG in unencrypted, showing an even greater disregard for user privacy.

Sign up to our free newsletter.
Security news, advice, and tips.

Like Vizio, LG was gathering the data for the purposes of advertising.

And earlier this year, Samsung found itself in the firing line over concerns that the voice control systems built into some of its Smart TVs were sending conversations to third parties so they could be analysed.

Vizio has described on its website how to disable Smart Interactivity – a step that I would recommend for any of its customers.

If your Vizio TV uses the VIA TV interface:

  • Press the MENU button on your TV’s remote.
  • Select Settings.
  • Highlight Smart Interactivity.
  • Press RIGHT arrow to change setting to Off.

If your Vizio TV uses the VIA Plus TV interface:

  • Press the MENU button on your TV’s remote or open HDTV Settings app.
  • Select System.
  • Select Reset & Admin.
  • Highlight Smart Interactivity.
  • Press RIGHT arrow to change setting to Off.

I’m sick of companies showing such a lack of respect for its customers. If we really benefit from intrusive ads and being tracked online, then maybe you should give us the option to enable these features rather than always being forced to try to find a way to opt out?


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "The AI Fix" and "Smashing Security" podcasts. Follow him on Bluesky, Mastodon, and Threads, or drop him an email.

3 comments on “Vizio Smart TVs spy on you by default – here’s how to stop them”

  1. David L

    The whole online advertising ecosystem is way out of line. Device manufactures, telcos, and other service providers ALL want a piece of the action (YOU) ! My beef is, if they want to spam me,then I want a free phone,(oops,just got one) and a free TV, and free services! Besides the privacy violations, the information these products and services collect, are also subject to the government snoops too. And the security,or lack there of, opens us all up to exploitation by the bad guys as well.

    Now, I, myself,have opted out where ever,and when ever I can from "relevant" ads, and routinely change my advertising id number, use several different blocking technologies. And smile when the advertisers try selling me women's shoes ! And no,I'm not a secret cross dresser, but do occasionally look up things for the wife.

  2. coyote

    It's quite a bad way to go about it, yes; opt-out is always bad because you might not know about it in the first place (but certainly wouldn't approve of it if you knew). There are other reasons it is bad (it is an assumption based on arrogance and selfish greed). But we could all look on the bright side: we've seen nothing yet (ironically that might not exactly be a positive but naturally this is deliberately worded).

    Just imagine when ebay or paypal come out with 'smart devices'. They change their privacy policies frequently and often making it much worse than it already is (and was). Then there is Facebook. Just wait. When Facebook starts making their own phones, TVs or who knows what else, there will be a lot of privacy issues (and my understanding is it would be especially complicated; do I want A selected or B selected ? If I select B do I …. ).

  3. The_mole

    For once perhaps the EU will bring some protection to this. The new European General data protection Regulation comes into effect on 25th May. The proposed jurisdiction and territorial scope of the Regulation is significantly different. Under the current Directive, EU DP law only applies to an entity established outside the EU if it uses a means of processing located within the EU (e.g. a computer server or data-centre physically present). Under the Regulation the definition is much wider and applies if the entity is offering goods or services to EU residents or monitors the behaviour of EU residents.

    How then will organisations such as LG, Sony Corp, Vixio et al demonstrate compliance with the Regulation? Will they simpl,y pay up? Given the scale of fines to be imposed I think not.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.