Media streaming services and security
20 Oct 2021 | Rozsano V. Ayson
Today’s widespread use of media streaming services is well-documented. It is becoming part of the routine of a growing number of individuals and households with access to the internet. For many of them, it is now their preferred way of watching TV shows, movies, and even listening to music.
The technology itself can be traced back to the 90’s when live radio began broadcasting via the internet, allowing people to listen in using their personal computers. It was developed by media companies trying out some innovations using their existing products.
These days, media streaming can refer to video or audio materials, whether transmitted live or pre-recorded. As a service, it is now available in practically every country there is. With a mere tap on a device—be it a smart remote, phone, or tablet—one can get immediate access to a seemingly bottomless well of constant entertainment. Content is primarily accessible via the media company’s website or app. In many cases, interested viewers are required to pay a certain amount and become subscribers. Among the more notable examples of streaming companies include Netflix, Amazon Prime Video, HBO Go, Disney+, and Spotify. Youtube is generally free, but then offers premium subscriptions for those who want to do away with the ads.
Like any other online application or platform—especially the fee-based ones—media streaming outfits also collect personal data (i.e., that of their customers). Before they can start using the promised services, subscribers usually need to provide personal data like their name, email address, contact number, and payment details. Sensitive information like birthdates are frequently collected as well. And then, while their services are being used, streaming companies also record and log usage data, like their customers’ streaming history, playlists, IP addresses, and even geolocation data.
All these data processing activities generate a lot of attention among fraudsters and other cybercriminals who then end up targeting the platforms and their customers, posing a significant threat to security and privacy. In a survey conducted in 2020, more than one in ten users claimed to have already experienced having their accounts hacked. According to the victims, different methods were used to facilitate the attacks. Phishing, in particular, was very effective. It has been used to steal log-in credentials, including payment information, which then get sold online, often at the so-called dark web.
Some data protection concerns lie with the streaming companies themselves and their practices. One good example is their data sharing activities, which usually involve the usage data they collect and eventually share with third-party partners, to be used for marketing purposes. The nature of their business also entails plenty of cross-border data transfers. This makes managing data breaches and other security incidents a nightmare task, not just for them but for regulators, too.
Of course, sometimes it’s the subscribers who expose themselves to potential dangers. Common practices like the sharing of one’s streaming account details with other people automatically give rise to security risks. This is because people tend to focus on the advantages it brings, and choose to ignore the dangers until their accounts have already been compromised.
To avoid or at least minimize all these risks, those in the streaming business and their customers must work together and steer clear of their dangerous—and frequently unnecessary—practices.
For starters, all streaming companies must commit to firm up their platforms’ security, which includes keeping their customers’ data safe and used only for the declared purpose of their collection. Subscribers, on the other hand, must also revisit their culture of account sharing. They need to keep that to a minimum and entrust their data only to those they can absolutely entrust it with. While they’re at it, they should also educate themselves with the terms that govern the processing of their personal data by patiently reading the privacy policies and terms of service. They are there for a reason. While these documents are often too long for comfort, being familiar with them can also help make appropriate choices between competing platforms.
From the looks of things, the streaming industry will continue to grow as internet connectivity around the world improves. In many ways, it is a good thing. It’s just that the entertainment it brings can sometimes make people forget the security risks it comes with. That is one thing that needs to be addressed as soon as possible.
Security needs to stop taking a backseat in favor of convenience and entertainment. And it’s going to take the complementary efforts of the business entities and their users to come up with effective protective measures and a lasting solution.