What information is Apple TV and Roku collecting when using Emby app?

[schnappi 0]

Is anyone familiar with exactly what information AppleTV and Roku are collecting while using the Emby apps? Are they collecting information about watched media or more broadly just that the app is being used? Maybe somewhere in between (Bitrates, ect.)?

 

Actually more concerned about Roku and than Apple. The Roku general privacy policy (read both of them) is extremely broad while Apple actually is more specific about what is collected and what is done with collected information. The issue is that nothing in either policy refers or references information collected from the usage of individual apps on each platform.

 

 

[Luke 37028]

 

 

Are they collecting information about watched media or more broadly just that the app is being used? Maybe somewhere in between (Bitrates, ect.)?

 

None of that at all. We don't collect any information about your media, what you watch, when you watch, bitrates, or anything like that.

[Luke 37028]

In fact I'm happy to say the apps have zero telemetry. The only information we have is what the app stores give us - things like install numbers, uninstall numbers, etc.

[ebr 14905]

Of course, we don't know what Apple and Roku are collecting themselves but we never track anything about your media.

[darkassassin07 418]

Knowing apple I wouldn't be surprised at all if they are tracking what goes through their devices so some extent. Not sure about roku. Im also not sure what information those devices are capable of tracking from emby without emby specifically providing them with info.

Probably not much more than what media is actually played (like title, file name, or a generic stream name maybe?), plus how long it is.

[speechles 1917]

Here is what roku tracks, this is the information available to me in the blue neon night app.

 

 

Everything roku can tell a developer

 

 

Basic stuff developers need to better know their audience. You can see by the metrics in the first picture that all you get are neat graphs and charts. Not really what was done in the app, just when the app is used, and how long.

[ebr 14905]

Knowing apple I wouldn't be surprised at all if they are tracking what goes through their devices so some extent. Not sure about roku. Im also not sure what information those devices are capable of tracking from emby without emby specifically providing them with info.

Probably not much more than what media is actually played (like title, file name, or a generic stream name maybe?), plus how long it is.

 

They would potentially have access to the URL to the media that is played.  We don't know for sure if they look at this but it is potentially possible.  This is why we never direct play remote urls from the store apps.

[ebr 14905]

Here is what roku tracks, this is the information available to me in the blue neon night app.

 

 

Everything roku can tell a developer

 

 

Basic stuff developers need to better know their audience. You can see by the metrics in the first picture that all you get are neat graphs and charts. Not really what was done in the app, just when the app is used, and how long.

 

That is what they are exposing to you as a developer.  They could potentially be gathering information other than that internally and, based on screenshots we've seen from the OS (where they potentially block an app based on the content it is accessing), it is possible they are.  Again, Emby never direct plays remote URLs from the store apps.

[Guest asrequested]

Apple is mephistophelean. I wouldn't trust them. I will never use any of their products.

[schnappi 0]

Always liked Goethe. Despite the misgivings of Apple and the factual nature of the above Apple clearly lays out what data is turned over and how it is used (and in likelihood they probably follow this most of the time). So the Devil is (somewhat) honest. The alternative is Roku (and most other companies) whose policy is so broad that it basically says nothing and there are absolutely no internal limits.

 

That being said none of these policies really matter. Companies will break them when necessary. What impressed about Apple (and this is not coming from a fan) is that they made a point of not making an exception in San Bernardino, when they probably could have gotten away with breaking their own privacy policy. When an established policy is interpreted uniformly as written rather than molded and re-written to fit any given situation it is a good sign, but nothing more. A capable bad guy with known limits that are adhered to may be preferable to an unpredictable one though.

 

Think take away is that both Roku and Apple can probably see everything going on in Emby Apps, whether they choose to or not who knows. However this probably applies to all iOS and Google Play apps too.

Edited July 27, 2018 by schnappi

[darkassassin07 418]

Like most companies 'terms are subject to change without notice'

 

 

Heres an excerpt from apples own terms for example: (this is the terms from the site, but they are pretty similar for their other devices and services)

 

"Apple reserves the right to do any of the following, at any time, without notice: (2) to modify or change the Site, or any portion of the Site, and any applicable policies or terms"

 

 

"Apple may make changes to any products or services offered on the Site, or to the applicable prices for any such products or services, at any time, without notice"

 

"You understand that any message or information you send to the Site may be read or intercepted by others, even if there is a special notice that a particular transmission (for example, credit card information) is encrypted"

 

They can give away anything they like, as long as they say it was stolen. Even if they had removed the security (without notice to you) to allow that 'theft'. Or they can just change the terms to allow them to give away your data. Odds are you will just click accept even if they did notify you.

 

Apple could decide tomorrow to make every bit of info they have public and there wouldn't be a whole lot you could do about it.

Edited July 27, 2018 by darkassassin07

[Waldonnis 148]

What impressed about Apple (and this is not coming from a fan) is that they made a point of not making an exception in San Bernardino, when they probably could have gotten away with breaking their own privacy policy.

 

...yet they turned over iCloud data     Yeah yeah, warranted search, but still, don't think Apple's stance had anything to do with privacy.  Ultimately, it was based on the still-legally-untested (that I know of) ability of the government or courts to compel Apple (or any company) to create tools/OS versions to circumvent encryption or security measures in their products.  Such an order, if issued, would've sparked a huge, very-public (and costly) privacy rights fight and likely ended up in higher courts (read: lots of time the FBI didn't have).  I think SB was just one of those cases and times where the PR interests of Apple happened to line up with their own ability/desire to do the task asked of them...combined with the hairy nature of the law in this area.  It would've effectively forced Apple to dedicate resources to solve the FBI's problem (with no compensation, contract, nor precedent for doing so), which is something Apple naturally wasn't going to cooperate with unless it was legally obligated to do so.

 

Personally, I neither fault or applaud them for their stance, since it was not really about users' privacy and was never properly resolved from a legal standpoint...thus the question as to whether or not the government can compel Apple/whomever to do anything like that in the future remains unanswered.  What's also unknown is if Apple would've eventually caved if the FBI hadn't withdrawn their request and Apple was faced with the cost of fighting such an order.  Let's also not forget that had the FBI not goofed by asking the county to reset the iCloud password, nearly the entire issue would've been moot since Apple had no issue with handing over that data (resetting the password in iCloud without being able to enter the PIN on the phone prevented the phone from backing up the latest data).

 

Meh, mostly the whole debate will be irrelevant at some point.  There's always someone in the US government proposing a "mandatory back door" bill and, sure enough, looks like they're at it again (talks about it circa April in committees, and there's precedent in other countries already).  Eventually, the circumstances and climate will allow one of these abominations to get passed and Apple et. al. will turn over keys in addition to the cloud data they already relinquish when served with a warrant and nobody will notice.  If they can't compel Apple judicially, they'll just force it legislatively...and I don't have faith that ANY corporation would spend their money to fight that particular approach throughout the courts unless they had significant "skin" in the game (read: encryption-reliant products that generated revenue).  Hilariously, Facebook would be a likely company to fight it for that reason...but probably still wouldn't bother.

 

Long story short: No company is looking out for your privacy over their own existence and certainly aren't going to martyr themselves or spend boatloads of cash on legal challenges unless their interests are at equal or greater risk.  Apple (or whomever) may not have that "you are the product" business model like a Facebook or Google does, but they're only concerned with your privacy until it starts to cost them somehow (money or in PR).  The only entity that has a vested interest in looking out for your privacy above all other concerns is you.