Is Trakt.tv Putting You At Risk?

If you are streaming with Exodus or SALTS and use the Trakt.tv integration, learn about this potential privacy risk and some steps to help protect yourself.

If you are streaming TV shows and movies with Kodi unofficial add-ons and use the Trakt.tv integration, you are potentially putting your privacy at risk!

Fortunately, there are some simple steps you can take to help protect yourself.

In this post, I will show you how to safely use Trakt with Kodi add-ons.

How to Use Trakt.tv with Kodi Add-ons

There is a new trend in Kodi unofficial video streaming add-ons.  The trend is the use of a 3rd party service called Trakt.tv to managing TV Show and Movie lists, subscriptions, and watched statuses.

Many Kodi add-ons make use of the Trakt.tv API to sync all your show lists and what you’ve already watched.

The feature itself is actually very awesome when you get to using it.  Gone are the days where your library of shows with their watched statuses are stored on one computer (or on one MySQL server).  In those cases, you risk losing everything and having to manually add your shows again and mark everything you’ve watched as watched.

But with Trakt.tv, you can try out any of the add-ons that support it and even go back and forth between them, and you’ll always have the most up-to-date shows and watched status.

Note: To have Trakt.tv keep track of your watched status, you actually need to install the Trakt.tv standalone add-on from the Kodi official repository.  By default the streaming add-ons only use Trakt to get the watched status and of course to get the show lists.

The Privacy Issue with Trakt.tv

So, the issue is that Trakt.tv is tracking your TV show activity and actually publishing that on its website.  You can actually see what shows are being watched right now and see the users who are currently watching it.

That, in itself, is not a huge security risk because it’s fairly anonymous.  However, let’s take a look at Trakt.tv’s privacy policy

Compliance with Laws and Law Enforcement. Trakt cooperates with government and law enforcement officials and private parties to enforce and comply with the law. We will disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (including but not limited to subpoenas), to protect the property and rights of Trakt or a third party, to protect the safety of the public or any person, or to prevent or stop any activity we may consider to be, or to pose a risk of being, illegal, unethical, inappropriate or legally actionable.

According to this, if a copyright holder sees users who are watching their show or movie obviously or even suspiciously illegally, then they can get a subpoena and Trakt will hand over everything they know about those users.

Pretty scary, right?

Is it as Bad as it Sounds?

When I first hear about this, thanks to an anonymous comment on KodiNews, I was a bit skeptical.

  1. If Trakt.tv was so dangerous for pirates to use, then why would the developers of these streaming add-ons build such tight integration with Trakt.tv?
  2. You could install the the Trakt.tv standalone add-on and then watch a movie that you purchased and ripped to your hard drive for personal use, Trakt.tv would just see that you watched that movie.  Does it know where that movie was located?  Does it know if it was acquired illegally or legitimately purchased?  I tend to think it can’t know these answers, but I can see how it could possibly track the source path or URL of the video.

How to Protect Your Privacy When Using Trakt.tv

Whatever the answers to those previous questions, there is no doubt that there is a possible risk in using Trakt.tv.  However, there are some ways to mitigate that risk.  Here are some suggestions.

Set Your Trakt.tv Profile to Private

The easiest thing you can do is set your profile to Private.  What that does is make it so your profile and viewing activity is not published to the public for any copyright holder to browse.

To set your Trakt.tv profile to private:

  1. Hover over your username in the top right corner
  2. Click on “Settings”
  3. At the top of the settings page is the Private check box.  Check it and click Save.

Hide Your IP By Using a VPN

The above method of setting your profile to private is a good and simple step to do, but there’s still a potential for Trakt.tv handing over your information even though your activity was not published publicly.  Even though it wasn’t public, Trakt.tv is still storing the data and that risk will still be there.

The best way to protect yourself is to use a VPN.  What it does is tunnel all your traffic through a server somewhere else in the world, so Trakt.tv can’t see what your IP address is, but it would see some random IP of a data center where a VPN service is running.  This is important in the event that your information is provided to a government or copyright holder because it would make your anonymous trakt.tv account truly anonymous by not allowing them to track where you are located.

If you want to give a VPN a try, I personally use and recommend IPVanish VPN.

Let’s Hear From You

It was a commenter like you that tipped me off to this topic in the first place, so please leave your comment.  I’d love to hear from you.

13 thoughts on “Is Trakt.tv Putting You At Risk?

  1. Thanks! I’m new to Kodi/Exodus and there are several things which make the entire setup feel like there are potentials for privacy violations – Trakt being one possible pitfall. Your article was very helpful.

  2. Hi Rick, so I’m using Exodus and Trakts…. set myself as “Private” and I’m using IPVanish… but doesn’t Trakt still store the “saved” TV Shows and Movie data and can use that information against me if it wanted to?

  3. I would be very worried if I was a citizen of Great Britian and proclaimed in publicaly in Trak. But it truly is the best way to organize viewing, just does take some housework. Wished it linked into Hulu, YouTube, Netflix and Amazon.

  4. Is there another add on that can save your movies and shows and keep it accessible at all times? Two times I used trakt and for whatever reason I was able to access the shows no problem then out of the blue it won’t let me access them which is annoying considering the time u spend adding all your favorites to trakt. If there’s a more reliable add on please let me know.

  5. The short answer is, no, it’s not putting you at any risk. The long answer is that the API only accepts certain parameters. Those acceptable parameters are a matter of public record because their API documentation is out there for all the world to see. There is no such parameter in the mark_as_seen() method, or the scrobble methods that allows the developer to say “this dudes’ media came from a torrent, arrest him”. It simply doesn’t exist. In mark_as_seen() we can send 1 parameter and that parameter is only to determine whether it was marked as seen within trakt or from an api request. The scrobbler methods only accept a few params. Specifically, these params are a progress param and then a media center name and media center build param. We could assume this would be something like scrobble(50, ‘kodi’, ‘krypton’) and, since it’s not illegal to view media on Kodi, that’s not enough information to incriminate you.

    Lastly, it is not illegal to watch media, it is illegal to store media that you do not have a right to (downloading something that you haven’t bought a right to download for instance). While, technically, SALTS “downloads” media from shady sources, it is not storing that media and therefore, the client (you) are not committing any illegal acts. Immoral? Perhaps. Illegal? Not yet.

    So, who is committing a crime here? You? No. SALTS? No… The only entity in this type of setup that is committing an actual punishable crime is the HOST of the media that you are streaming… and even that may not be true if they have the rights to distribute that media (which is rarely the case in this type of setup).

    1. MAybe it depends on your specific location, but I completely disagree on this comment. It IS illegal to stream media illegally. So streaming via Kodi addons or similar is in fact a violation of law, but the streamer and likely also the addon developer.

      If you are concerned about privacy and illegal content, you need to look closely at the streamer as well as the source of the stream, as ALL are at risk for their part in the activity. Even intermediaries like SALTS, although not the actual source restoring any media, can be liable for the piracy it helps facilitate.

  6. The problem pops up again in 2019. Every area is growing (streaming, kodi, Netflix, etc) and so is Trakt.tv. I’ve made my info “private” as you have suggested but it still lists the number of shows I watch over a time frame and a list of those shows. This info is only available to me and not you. But can the government approach Trakt.tv and ask for list of free subscribers who have watched a certain number of shows of a certain kind over a period of time. Trakt.tv would have not problem doing that search and turn over the millions of users with those credentials. All Trakt.tv has for me is name and email. I’ve used a VPN for several years but that is immaterial for this analysis. The only reason I use Trakt.tv is to check mark the TV shows I watch. It is a big convenience. Possible the kodi developers could offer a software patch to provide a sign that a movie or TV show has been watched on the users kodi platform. I would no longer need Trakt.tv and feel good about it.

    1. George, those are good points.
      Kodi does manage watched status, but only within the library. But, add-ons don’t work with that, unless you do library integration. But, even with that, it won’t carryover the watched status to other devices that run Kodi or carryover after wiping Kodi clean (if need be).
      I can see the hypothetical risk of the government demanding the data from Trakt.tv, but I’m not sure if they can necessarily tell how you watched the TV show or movie. For all they know, you could have watched your own purchased content.

Leave a Reply

Your email address will not be published.