Your Smart TV is Watching You: A Decade of Privacy Violations From Vizio to Texas's 2025 Lawsuits

TL;DR: Texas Attorney General Ken Paxton's December 2025 lawsuits against Samsung, Sony, LG, Hisense, and TCL represent the culmination of a decade-long pattern of smart TV manufacturers secretly surveilling viewers. From Vizio's $17 million settlement to Samsung's voice recognition scandal, the smart TV industry has repeatedly chosen profit over privacy—transforming living rooms into data collection operations that capture screenshots every 500 milliseconds and sell your viewing habits to the highest bidder.

Texas Sues Five Major TV Manufacturers Over Smart TV Surveillance Without Consent

Bottom Line Up Front: Texas Attorney General Ken Paxton has filed lawsuits against Samsung, Sony, LG, Hisense, and TCL, alleging their smart TVs secretly spy on viewers through Automated Content Recognition (ACR) technology that captures screenshots every 500 milliseconds and sells that data to advertisers without meaningful consent—marking the

Compliance Hub WikiCompliance Hub

The Living Room You Didn't Know Was Watching Back

When you purchased your smart TV, you expected a device that would display content. What you actually brought into your home was a sophisticated surveillance system capable of capturing everything displayed on your screen, listening to your conversations, and monetizing your most intimate viewing habits.

The Texas lawsuits filed in December 2025 against five major TV manufacturers aren't an isolated incident—they're the latest chapter in a decade-long story of corporate surveillance, deceptive practices, and the systematic erosion of privacy in our connected homes.

This isn't about paranoia. This is about documented, proven, and repeatedly prosecuted violations of consumer privacy by an industry that has consistently prioritized ad revenue over user rights. The evidence spans multiple lawsuits, FTC settlements, class actions, and regulatory complaints that reveal a disturbing pattern: smart TV manufacturers knew what they were doing, hid it from consumers, and continued doing it even after getting caught.

As smart home IoT devices proliferate, smart TVs represent just one category in a broader ecosystem of connected devices that prioritize data collection over user privacy. The lessons from TV surveillance extend to every IoT device in your home.

2014-2017: The Vizio Scandal That Started It All

The Crime: 11 Million TVs, 100 Billion Data Points

The smart TV surveillance story begins with Vizio, a manufacturer that would later admit in SEC filings that it collected "highly specific viewing behavior data on a massive scale with great accuracy."

Starting in February 2014, Vizio embedded software into its smart TVs—and retroactively installed it on older models via remote updates—that captured second-by-second information about everything displayed on the screen. The technology, initially called "Smart Interactivity," tracked:

• Cable and satellite TV programming
• Over-the-air broadcast content
• Streaming services (Netflix, Hulu, Amazon Prime)
• DVDs and Blu-ray discs
• Gaming console content
• Any device connected via HDMI

But Vizio didn't stop at viewing data. The company enriched this surveillance with demographic profiles purchased from data brokers, attaching information like:

• Sex and age
• Income levels
• Education levels
• Marital status
• Household size
• Home ownership status
• Estimated home value

According to the Washington Post, Vizio touted this capability as "a revolutionary shift across all screens that brings measurability, relevancy and personalization to the consumer like never before." What Vizio called "revolutionary," regulators called illegal.

The Deception: Opt-Out by Default

Unlike Samsung and LG, which at least required users to opt-in to tracking features (albeit through deceptive interfaces), Vizio enabled surveillance by default. Consumers had to actively discover and disable the "Smart Interactivity" feature—something most never knew existed.

Even more concerning: Vizio shared viewing data "together with the IP address associated with the corresponding VIZIO television," allowing advertisers and data brokers to link viewing habits directly to specific households. The company did not encrypt these IP addresses before sharing them with third parties, making it trivially easy to identify individual households.

This created a digital surveillance infrastructure where:

1. Your TV recorded everything you watched
2. Vizio attached demographic data to your viewing profile
3. Third parties received your viewing history linked to your IP address
4. Data brokers combined this with other information about your household
5. Advertisers targeted you across multiple devices based on TV viewing

The Settlement: $17 Million and Policy Changes

In February 2017, the FTC and New Jersey Attorney General reached a $2.2 million settlement with Vizio for violations of federal law and state consumer protection statutes. But this was just the regulatory penalty.

A separate class action lawsuit resulted in a $17 million settlement in 2019—one of the largest privacy settlements in the country at that time. An estimated 16 million Vizio customers who owned smart TVs connected to the internet between February 1, 2014 and February 6, 2017 were affected.

The settlement required Vizio to:

• Delete all historical viewing data collected before March 1, 2016
• Obtain affirmative express consent before collecting any viewing data
• Prominently disclose data collection practices upfront
• Implement a comprehensive data privacy program with biennial assessments
• Prohibit misrepresentations about privacy, security, or confidentiality of consumer information

The Lesson Ignored: Profit Over Privacy

By 2021, Vizio reported something stunning in its earnings disclosures: the company made more profit from selling consumer data than from selling televisions.

Let that sink in. You paid hundreds or thousands of dollars for a TV. Vizio made more money selling your viewing habits than they made selling you the device.

This business model fundamentally redefines what a "television" is. You're not buying a display—you're installing a data collection appliance that happens to show pictures. The TV is the loss leader; your privacy is the product.

2015: Samsung's "1984" Moment—Voice Recognition Spying

The Revelation: TVs Recording Private Conversations

In February 2015, Samsung faced a massive privacy backlash after consumers discovered disturbing language buried in the company's SmartTV privacy policy:

"Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party through your use of Voice Recognition."

The Electronic Frontier Foundation immediately drew parallels to George Orwell's 1984, noting that Samsung's privacy warning sounded eerily similar to descriptions of the telescreens that monitored citizens in their homes.

Samsung marketed its voice recognition feature as convenient and innovative. What the company didn't clearly disclose was that:

• Everything you said in front of the TV was recorded when voice recognition was enabled
• Conversations were transmitted over the internet to third-party company Nuance
• Samsung did not encrypt all voice recordings during transmission
• The company collected voice data even for purposes unrelated to providing the service
• Samsung retained voice recordings without clear disclosure of how long or where

The EPIC Complaint: Deceiving Consumers

The Electronic Privacy Information Center (EPIC) filed a formal complaint with the FTC in February 2015, alleging Samsung violated:

• The FTC Act (unfair and deceptive trade practices)
• Children's Online Privacy Protection Act (COPPA) (recording children's voices without parental consent)
• Electronic Communications Privacy Act (ECPA) (intercepting and disclosing oral communications)
• Cable Communications Policy Act (CCPA) (failing to obtain written consent for recording)

EPIC charged that Samsung "deceived consumers by not effectively disclosing the spying capabilities of its Smart TV, leaving the majority of consumers unaware that their privacy was being violated."

Samsung specifically marketed SmartTV features to young children, featuring programming for preschool-aged kids and encouraging parental interaction—all while recording children's voices without obtaining proper consent.

The Security Failure: Unencrypted Transmissions

Computer security researchers determined that Samsung was transmitting voice recordings in plaintext—without encryption. When confronted, Samsung admitted it had not deployed the software necessary to encrypt these transmissions.

This meant that anyone intercepting network traffic could:

• Capture private conversations happening in your living room
• Access sensitive information discussed near the TV
• Build profiles of household members based on voice patterns
• Potentially access financial information, health discussions, or private matters

Samsung's privacy policy claimed: "We employ industry-standard security safeguards and practices, including data encryption, to secure consumers' personal information and prevent unauthorized collection or use."

That was false. They weren't encrypting voice data.

The Class Action: WikiLeaks and CIA Hacking

In March 2017—just days after WikiLeaks released documents claiming the CIA had developed tools to hack Samsung smart TVs and use them as covert listening devices even when "turned off"—a class action lawsuit was filed against Samsung.

Plaintiff Joshua Siegel alleged Samsung engaged in "deceptive, misleading, and unconscionable practice of routinely and secretly intercepting and recording the private communications of consumers in their homes using hidden recording devices inside Smart TVs."

The lawsuit claimed Samsung:

• Failed to disclose that everything said in front of the TV was recorded when voice recognition was active
• Negligently failed to address security vulnerabilities that allowed third-party hacking
• Shared private conversations with third parties for profit
• Violated the New Jersey Consumer Fraud Act and multiple other statutes

While Samsung could theoretically turn off the recording when consumers disabled voice recognition, the WikiLeaks documents suggested the devices could be remotely activated as listening devices—a scenario Samsung never adequately addressed.

The Response: Damage Control, Not Fundamental Change

Samsung issued clarifications claiming:

• Voice recognition could be "activated or deactivated by the user"
• The TV could be "disconnected from Wi-Fi"
• Voice data collection was limited to "TV commands, or search sentences, only"
• The company "does not retain voice data or sell it to third parties"

But consumer advocates noted these reassurances didn't address the fundamental problem: consumers were never clearly told their televisions would record and transmit their conversations when they purchased the devices.

The damage control statements also didn't explain why Samsung marketed features to children while recording their voices, why voice data wasn't encrypted, or what security measures prevented unauthorized access to these recordings.

2017: The LG, Samsung, and Sony Class Action

Multiple Manufacturers, Same Surveillance

In March 2017, a separate class action was filed in New Jersey federal court against LG Electronics, Samsung Electronics America, and Sony Corporation, alleging these companies illegally collected information from customers' smart TVs through "automatic tracking software."

The complaint stated the smart TVs contained software that:

• Collected personally identifying information about consumers
• Tracked information identifying a person as having obtained or requested specific video materials or services
• Sold consumers' viewing data to third parties for targeted advertising
• Hid these tracking programs from customers
• Took consumers' personal information without permission

The lawsuit alleged violations of:

• New Jersey consumer protection laws
• Federal Video Privacy Protection Act (VPPA)
• Federal Electronic Communications Privacy Act
• Multiple other federal and state statutes

The VPPA: When Video Rental Privacy Became a Right

The Video Privacy Protection Act deserves special attention. Enacted in 1988 after a reporter obtained and published Supreme Court nominee Robert Bork's video rental history, the VPPA prohibits video service providers from disclosing customers' personally identifiable information to third parties.

The law was designed to protect the privacy of what people watch in their homes—a principle that should apply even more strongly in the smart TV era, where viewing happens inside your living room rather than at a video rental store.

The class action argued that smart TV manufacturers were clearly "video tape service providers" under the VPPA and that selling viewing data attached to IP addresses, MAC addresses, and other identifiers constituted disclosure of "personally identifiable information."

The Court Decision: Narrow Interpretation Lets Manufacturers Off

In a disappointing decision, the New Jersey federal court dismissed the VPPA and wiretap claims in October 2020, holding that:

• IP addresses, MAC addresses, and WiFi access points are not "personally identifiable information" within the meaning of the VPPA
• Manufacturers were a party to the transmission of programming through their smart TVs, so wiretap laws didn't apply
• The plaintiffs failed to tie allegations to specific manufacturers and device models with sufficient detail

The court adopted a narrow reading of "personally identifiable information," requiring that data "would, with little or no extra effort, permit an ordinary recipient to identify a particular person's video-watching habits."

This created a dangerous loophole: as long as manufacturers use technical identifiers like IP addresses instead of names, they can potentially avoid VPPA liability—even though combining an IP address with publicly available data easily identifies specific households.

The decision demonstrates how laws written for the video rental era struggle to address the surveillance capabilities of connected devices.

2025: Texas Strikes Back—The Current Lawsuits

Five Manufacturers, Same Playbook

On December 15, 2025, Texas Attorney General Ken Paxton filed lawsuits against Samsung, Sony, LG, Hisense, and TCL—essentially every major smart TV manufacturer except Vizio (which had already been prosecuted).

The complaints allege these companies use Automated Content Recognition (ACR) technology that:

• Captures screenshots of TV displays every 500 milliseconds (twice per second)
• Monitors viewing activity in real time across all content sources
• Transmits data to company servers without users' knowledge or consent
• Tracks content from streaming, cable, broadcasts, gaming consoles, and connected devices
• Sells viewing data to advertisers and data brokers for profit

As detailed in our comprehensive analysis, Texas alleges the manufacturers violated the Texas Deceptive Trade Practices Act through:

1. Misrepresentations about data collection practices
2. Failure to disclose ACR surveillance capabilities
3. Deceptive consent processes using "dark patterns"
4. Inadequate opt-out mechanisms requiring 15+ clicks through multiple hidden menus

The Chinese Connection: National Security Concerns

Texas placed special emphasis on Hisense and TCL—both based in China—arguing their Chinese ownership creates heightened national security risks under China's National Security Law.

The complaints allege these companies may be required to transfer Texas consumers' personal data to the Chinese government upon request, and that ACR data could be used to:

• Influence or compromise public figures including judges, elected officials, and law enforcement
• Conduct corporate espionage by surveilling critical infrastructure employees
• Support the Chinese Communist Party's efforts to destabilize American democracy

Whether you view these concerns as legitimate national security issues or political rhetoric, the technical capability is real: TVs manufactured by Chinese companies can capture detailed information about what government officials, business leaders, and everyday citizens watch in their homes.

The Pattern: A Decade of Deception

The 2025 Texas lawsuits reveal that the fundamental problems identified in the Vizio and Samsung cases were never actually fixed.

Despite regulatory settlements, class actions, and public scrutiny:

• Manufacturers still enable surveillance by default or use deceptive opt-in processes
• Companies still capture far more data than necessary for TV functionality
• Viewing data is still combined with demographic information and sold to third parties
• Privacy controls remain buried in complex menu systems requiring dozens of clicks
• Consumers still have no meaningful choice or clear disclosure about surveillance

The only thing that's changed is the technology has gotten more sophisticated—and more invasive.

The Technology: How ACR Actually Works

The Shazam for Everything You Watch

Automated Content Recognition operates like a video version of Shazam—the music identification app—but for television content.

Here's the technical process:

1. Screen Capture: The TV's processor captures either audio fingerprints or visual signatures from the screen every 500 milliseconds to several seconds
2. Fingerprint Generation: Captured data is converted into a unique digital fingerprint using algorithms that identify content regardless of format
3. Database Matching: Fingerprints are transmitted to cloud servers and matched against massive databases of known content
4. Metadata Enrichment: Once content is identified, the system attaches metadata including show titles, episode numbers, timestamps, and viewing duration
5. Profile Building: Data is combined with household demographics, device identifiers, and viewing history to build comprehensive user profiles
6. Monetization: Profiles are sold to advertisers, data brokers, and analytics firms for targeted marketing

What ACR Can Capture

The scope of ACR surveillance is breathtaking:

Content Sources:

• Streaming services (Netflix, Hulu, Disney+, Prime Video, YouTube)
• Cable and satellite television
• Over-the-air broadcast channels
• Gaming console output
• Blu-ray and DVD players
• Computers and laptops connected via HDMI
• Security camera feeds displayed on TV
• Video calls and conferencing
• Anything displayed on the screen, including banking information, passwords, and private documents

Data Collected:

• Exact content watched (show titles, episodes, movies)
• Viewing duration for each piece of content
• Time of day viewing occurs
• Channel surfing patterns
• Commercial-skipping behavior
• Pause and rewind patterns
• Second-screen device usage
• Household viewing demographics

Data Enrichment:

• Combined with IP address location data
• Linked to demographic information purchased from data brokers
• Connected to cross-device identifiers for advertising
• Merged with social media profiles
• Analyzed for interests, political leanings, and purchasing intent

Research has documented that ACR systems operate with remarkable precision. Studies found:

• LG TVs send digital fingerprints every 15 seconds to tracking servers
• Samsung devices transmit data every minute
• ACR can identify content even when encrypted streaming services like Netflix are being watched
• The technology works across all HDMI inputs, capturing external device content

Why Manufacturers Claim They Need ACR

TV manufacturers justify ACR technology with several rationales:

Content Recommendations: ACR enables personalized content suggestions based on viewing history

Nielsen-Style Ratings: Manufacturers provide viewing data to networks and studios for audience measurement

Interactive Features: ACR powers second-screen apps that provide additional content related to what's playing

Ad Attribution: Advertisers can measure whether TV commercials drive actions on other devices

But here's the critical point: none of these features require selling your viewing data to third parties or building comprehensive surveillance profiles. Recommendations can be generated locally on the device. Ratings can be provided anonymously. Interactive features can work without data sales.

The real reason manufacturers implement comprehensive ACR surveillance is simple: data is more profitable than hardware.

The Business Model: When the TV Isn't the Product

The Economics of Surveillance Capitalism

Vizio's 2021 admission that it made more profit from data sales than TV sales revealed the fundamental economics of the smart TV industry.

Here's how the business model works:

Step 1: Subsidize Hardware Manufacturers price TVs aggressively—sometimes selling at or below cost—to get devices into homes. The TV is a loss leader or minimal profit product.

Step 2: Collect Comprehensive Data ACR technology captures every second of viewing behavior, creating profiles worth far more than hardware margins.

Step 3: Enrich Profiles Manufacturers combine viewing data with demographic information from data brokers, creating detailed household profiles including income, education, age, ethnicity, and purchasing behavior.

Step 4: Monetize at Scale Enriched profiles are sold to:

• Advertising networks for cross-device targeting
• Data brokers who resell to anyone willing to pay
• Media companies for content strategy and pricing decisions
• Political campaigns for micro-targeted messaging
• Insurance companies for risk assessment
• Financial services for creditworthiness evaluation

Step 5: Recurring Revenue Unlike hardware sales (one-time revenue), data sales generate ongoing passive income as long as the TV remains connected to the internet.

The Numbers Behind Surveillance

While manufacturers don't disclose exact revenue per TV, industry analysts estimate:

• $1-3 per month per TV in data monetization revenue
• $12-36 per year from each connected household
• Over a 5-7 year TV lifespan: $60-250 in data revenue per device

For context, TV profit margins range from 10-20% on hardware. A $500 TV might generate $50-100 in hardware profit but $60-250 in data revenue.

The incentive structure is clear: maximize surveillance, minimize disclosure.

The Regulatory Vacuum: Why This Keeps Happening

Federal Privacy Law: Outdated and Inadequate

The United States lacks comprehensive federal privacy legislation comparable to Europe's GDPR. The patchwork of existing laws wasn't designed for IoT surveillance:

Video Privacy Protection Act (1988): Written for video rental stores, courts have interpreted it narrowly to exclude smart TV surveillance when technical identifiers are used instead of names.

Electronic Communications Privacy Act (1986): Predates the internet and struggles to address data collected by device manufacturers who are "parties" to transmissions.

Children's Online Privacy Protection Act (1998): Requires parental consent for collecting children's data online but has limited application to broadcast TV features.

Federal Trade Commission Act: Prohibits "unfair or deceptive" practices but requires case-by-case enforcement and provides limited penalties.

State Laws: Inconsistent Patchwork

State privacy laws vary dramatically:

Texas: Strong enforcement under the Deceptive Trade Practices Act and Texas Data Privacy and Security Act, which is why AG Paxton can pursue manufacturers aggressively.

Illinois: Biometric privacy protections through BIPA have led to massive settlements but don't directly address viewing data.

California: CCPA/CPRA provide consumer rights but enforcement has been limited for IoT devices.

Most States: Minimal or no specific IoT privacy protections.

The inconsistent landscape allows manufacturers to:

• Design products for the most permissive states
• Challenge enforcement in jurisdictions with stronger laws
• Engage in forum shopping for favorable legal interpretations
• Continue collecting data while lawsuits slowly progress through courts

Industry Self-Regulation: The Fox Guarding the Henhouse

The smart TV industry's primary trade group, the Consumer Technology Association (CTA), promotes "best practices" that are effectively voluntary and unenforceable.

Their recommendations include:

• "Clear disclosures" about data collection (manufacturers define "clear")
• "User choice" about features (manufacturers design the interface)
• "Reasonable security" for collected data (manufacturers determine "reasonable")

History shows these self-regulatory approaches fail. Every major smart TV privacy violation involved manufacturers who claimed to follow industry best practices.

The Real-World Impact: What This Means for Your Home

Privacy Erosion in Practice

Smart TV surveillance affects real people in concrete ways:

Political Targeting: Your viewing habits reveal political leanings. Watching Fox News vs. MSNBC, selecting certain documentary topics, or streaming particular shows creates a political profile used for micro-targeted campaign advertising and potentially suppressing voter turnout.

Insurance Discrimination: Insurers increasingly purchase data broker information. Watching shows about dangerous hobbies, health conditions, or risky behaviors could theoretically affect insurance rates or coverage eligibility.

Financial Profiling: Banks and lenders use "alternative data" for creditworthiness assessments. Viewing patterns indicating unemployment, financial stress, or lifestyle changes could influence loan decisions.

Employment Screening: Some employers purchase consumer data for background checks. Your viewing history could reveal information about health conditions, substance use, political views, or lifestyle that influences hiring decisions.

Domestic Situations: In homes with domestic violence or stalking concerns, ACR data could expose viewing patterns that reveal escape planning, support network research, or location information.

Children's Privacy: Kids watching TV in your home are profiled and tracked, with data sold to advertisers targeting children—regardless of parental consent.

The Chilling Effect: Self-Censorship

Perhaps most insidiously, surveillance changes behavior.

When people know they're being watched, they self-censor. You might:

• Avoid watching controversial content
• Stop researching sensitive health topics
• Hesitate to explore political viewpoints different from your known positions
• Worry about watching content that could be embarrassing if revealed
• Feel unable to relax and watch freely in your own home

This is the "chilling effect" of surveillance: the modification of behavior not through direct coercion but through awareness of monitoring.

Your living room should be a private space. Smart TV surveillance has destroyed that privacy.

The Broader IoT Privacy Crisis: TVs Are Just the Beginning

Every Connected Device is a Potential Surveillance Point

Smart TVs represent just one category in the $110 billion smart home market that's projected to reach over $150 billion by 2028.

Consider the surveillance ecosystem in a typical connected home:

Audio Surveillance:

• Smart speakers (Amazon Echo, Google Home) continuously listen for wake words
• Smart TVs with voice recognition
• Connected security cameras with audio recording
• Smart doorbells capturing conversations
• Baby monitors and nanny cams

Visual Surveillance:

• Security cameras inside and outside the home
• Video doorbells
• Smart TV cameras (on some models)
• Connected baby monitors
• Smart appliances with cameras (refrigerators showing contents)

Behavioral Surveillance:

• Smart thermostats learning when you're home
• Connected lighting systems tracking occupancy
• Smart locks recording access times
• Fitness trackers monitoring sleep and activity
• Connected appliances tracking usage patterns

Network Surveillance:

• Routers logging all connected devices
• Smart home hubs tracking device communications
• ISP monitoring of unencrypted traffic
• Apps and services collecting usage data

Each device collects data. Each manufacturer has different privacy policies. Each creates another potential security vulnerability. Together, they form a comprehensive surveillance infrastructure that would make authoritarian governments envious.

The Summer 2025 smart home security retrospective documented how the BADBOX 2.0 botnet infected millions of IoT devices—including smart TVs and streaming boxes—with malware, many of which came pre-installed from manufacturers. If security vulnerabilities are this pervasive, how can we trust manufacturers to protect surveillance data?

The Workplace Parallel: Office IoT Surveillance

The same surveillance dynamic playing out in homes extends to professional environments. Smart office technology creates similar privacy concerns:

• Conference room displays with cameras and microphones
• Occupancy sensors tracking employee presence
• Smart lighting systems monitoring workspace usage
• Connected access control revealing movement patterns
• Desk sensors tracking when people arrive and leave

Unlike home surveillance—where at least consumers theoretically have choice—workplace IoT is deployed without meaningful employee consent. Employees can't opt out of surveillance systems their employers install.

The workplace automation revolution mirrors the smart home experience: convenience and efficiency are prioritized while privacy implications are ignored until it's too late.

What You Can Do: Practical Steps to Protect Yourself

Immediate Actions: Disable ACR on Existing TVs

If you already own a smart TV, disabling ACR is your first priority. Our comprehensive guide covers all major brands, but here's a quick reference:

Samsung TVs: Settings → Support → Terms & Policy → Privacy Choices → Uncheck "Viewing Information Services" and "Interest-Based Advertisements" (May require 10-37 clicks depending on model)

LG TVs: Settings → General → System → Additional Settings → Live Plus → Toggle Off (Also check under "AI Service" on newer models)

Sony TVs (Google TV): During setup choose "Basic TV" instead of "Google TV," or Settings → Privacy → Disable advertising features

Roku TVs: Settings → Privacy → Smart TV Experience → Uncheck "Use info from TV inputs"

Vizio/Others: Check under Privacy, Smart Interactivity, or similar settings menus

Important: After disabling ACR, verify settings weren't reset after firmware updates.

Network-Level Protection: Block Surveillance at the Router

Setting up a secure home network provides more comprehensive protection:

Network Segmentation: Create a separate network for IoT devices isolated from computers and phones containing sensitive information. This prevents compromised TVs from accessing other devices.

DNS-Level Blocking: Implement Pi-hole or similar DNS filtering to block known tracking domains at the network level. This can prevent ACR data transmission even if the TV feature is enabled.

Firewall Rules: Configure router firewall rules to block connections to known ACR domains:

• Samsung: acr*.samsungcloud.tv, *.samsungcloudsolution.com, *.samsungacr.com
• LG: *.alphonso.tv (LG's ACR provider)
• Vizio: *.vizio.com tracking domains

VPN Considerations: Some users route smart TV traffic through VPNs, though this can break streaming service functionality and may just move trust from your ISP to the VPN provider.

Assessment Tools: Understand Your Risk

Before taking action, assess your current exposure:

Smart Home Security Scorecard: Comprehensive assessment of your IoT ecosystem security and privacy risks

Biometric Data Risk Assessment: Evaluate what biometric identifiers you're sharing with devices and services

PII Exposure Evaluation: Assess what personal information you're exposing through connected devices

The Nuclear Option: Don't Connect It

The most effective protection is also the simplest: don't connect your TV to the internet.

Use External Streaming Devices Instead:

• Apple TV (better privacy practices than most manufacturers)
• Roku streaming stick (separated from TV OS)
• Amazon Fire TV stick
• Nvidia Shield
• Chromecasts

External devices:

• Limit surveillance to the device itself rather than everything on screen
• Can be more easily replaced when security vulnerabilities emerge
• Separate the display function from the smart features
• Put control in your hands rather than the TV manufacturer's

Factory Reset and Disconnect: If your TV is already set up:

1. Factory reset to clear existing data collection
2. During setup, skip the network connection step
3. Use external devices for all streaming needs
4. Leave the TV as a "dumb" display

Yes, you lose smart TV features. But you gain privacy, security, and peace of mind.

Purchase Decisions: Vote With Your Wallet

When buying a new TV:

Research Privacy Policies First: Before purchasing, read the manufacturer's privacy policy. Look for:

• What data is collected
• Whether it's shared with third parties
• Whether it's sold to advertisers
• How long it's retained
• Whether children's data receives special protection

Prioritize Brands With Better Privacy: While no manufacturer is perfect, some are better than others. Research recent lawsuits, settlements, and privacy violations.

Consider Commercial Displays: Professional/commercial TVs designed for business use often lack smart features and surveillance capabilities. They cost more but provide better privacy.

Demand Better From Manufacturers: Contact manufacturers to express privacy concerns. Companies respond to consumer demand—if enough people demand privacy-respecting products, manufacturers will adapt.

The Regulatory Path Forward: What Needs to Change

Federal Comprehensive Privacy Law

The United States needs GDPR-style comprehensive federal privacy legislation with:

Meaningful Consent Requirements:

• Opt-in by default, not opt-out
• Clear, plain-language disclosures
• Specific consent for data sales
• Easy revocation mechanisms

Data Minimization Principles:

• Collect only what's necessary for product function
• Ban surveillance that goes beyond service provision
• Prohibit combining viewing data with demographic profiles
• Restrict data sales to third parties

Strong Enforcement:

• Meaningful penalties that exceed profits from violations
• Private right of action allowing consumers to sue
• Regular audits of manufacturer practices
• Criminal penalties for executives who knowingly violate laws

Special Protections for Children:

• Strict limits on collecting children's data
• Enhanced parental consent requirements
• Prohibition on targeting children with advertising
• Criminal penalties for violations

IoT Security Standards

Beyond privacy, comprehensive IoT security standards are essential:

Mandatory Security Requirements:

• Encryption for all data transmission
• Regular security updates for device lifetime
• Secure by default configurations
• Vulnerability disclosure processes

Labeling Programs: The U.S. Cyber Trust Mark program should be mandatory rather than voluntary, with clear standards that devices must meet.

Manufacturer Accountability: Liability for security breaches and privacy violations should extend to corporate officers, creating personal consequences for surveillance business models.

State-Level Action

While waiting for federal action, states should:

Strengthen Existing Laws: Texas's aggressive enforcement demonstrates state AGs can hold manufacturers accountable under existing consumer protection laws.

Enact Specific IoT Privacy Laws: State legislatures should pass laws specifically addressing IoT surveillance, with clear requirements for disclosure, consent, and data protection.

Ban High-Risk Practices: States can prohibit the most egregious practices like selling viewing data combined with personal identifiers or collecting data from children.

Support Texas's Current Lawsuits: Other states should file similar actions or join Texas's lawsuits, creating a coordinated multistate pressure campaign.

Conclusion: The Privacy Battle for Your Living Room

The decade from Vizio's 2014 surveillance program to Texas's 2025 lawsuits reveals a disturbing pattern: smart TV manufacturers have repeatedly chosen profit over privacy, deception over disclosure, and data collection over consumer trust.

They've been caught. They've been sued. They've paid settlements. They've agreed to policy changes.

And they've kept doing it anyway.

The Texas lawsuits represent a critical moment. If Attorney General Paxton secures settlements comparable to the multi-billion dollar amounts Texas has won from Google and Meta, it could finally create financial incentives strong enough to change manufacturer behavior.

But ultimately, this isn't just about smart TVs. It's about the broader transformation of our homes into surveillance environments where every device collects data, every interaction is monetized, and privacy becomes a premium feature rather than a fundamental right.

Your living room should be private. You should be able to watch whatever you want without corporations building profiles to sell to the highest bidder. You should be able to have conversations in your home without worrying about voice recordings being transmitted to third parties.

The smart TV industry has proven it won't protect your privacy voluntarily. It took lawsuits to make Vizio stop surveillance. It took public backlash to make Samsung address voice recording. And it's taking Texas's aggressive legal action to force accountability for ACR tracking.

The surveillance will continue until consumers and regulators force it to stop.

Disable ACR on your devices. Protect your network. Support privacy legislation. Demand better from manufacturers. And recognize that the convenient "smart" features often come at the unacceptable cost of your fundamental right to privacy in your own home.

The TV is watching. Now you know what to do about it.

Additional Resources

Privacy Assessment Tools

• Smart Home Security Scorecard - Comprehensive IoT security assessment
• Biometric Data Risk Assessment - Evaluate biometric identifier exposure
• PII Risk Assessment - Assess personal information exposure through devices

Smart Home Security Guides

• How to Set Up a Secure Home Network
• Setting Up Pi-hole and Other DIY Security Tools
• The Growing Risk of Smart Home Hacks
• Summer 2025 IoT Security Retrospective

Privacy Law & Enforcement

• Texas vs. Allstate: Data Privacy Battle
• Texas Sues Biggest TV Makers Over Smart TV Surveillance
• Texas Data Privacy and Security Act Guide
• Understanding CUBI: Biometric Privacy Protection
• Texas's $1.375B Google Settlement

Workplace IoT Privacy

• The Surveillance Blind Spot: Smart Offices Eroding Privacy
• $110 Billion Smart Office Security Crisis
• AI-Powered Smart Offices: Balancing Innovation and Security

EU Privacy Regulations

• EU Data Act Impact on Smart Home IoT

About SecureIoT.House: We provide practical guidance on securing your smart home and understanding your rights in the connected device ecosystem. Stay informed about IoT security, privacy regulations, and best practices for protecting your digital home.