Skip to main content

Ring camera privacy breaches see Amazon fined – but only $6M

Ring camera privacy has been under fire since 2019, with two separate issues leading to a formal complaint to the Federal Trade Commission (FTC). That has now resulted in Ring owner Amazon being fined – but only $5.8M.

The company was also fined $25M for using Alexa data from children to train its algorithms, something the FTC said was clearly illegal …

Ring camera privacy breaches

There were two issues, relating to access by both Amazon employees and police departments. The FTC investigation and fine relates only to the first of these.

Video footage from Ring security cameras is stored on cloud services. These first issue is that these videos were unencrypted, letting staff access live and recorded feeds from customer cameras around the world. Reportedly, the only information needed to gain access was a customer’s email address.

The company failed to control or monitor access by its staff, with multiple employees fired for unauthorized viewing of customer videos. In one case, an employee was said to have viewed thousands of hours of sensitive footage of female Ring owners.

“One employee over several months viewed thousands of video recordings belonging to female users of Ring cameras that surveilled intimate spaces in their homes such as their bathrooms or bedrooms. The employee wasn’t stopped until another employee discovered the misconduct,” the FTC alleged. 

The company finally started offering end-to-end encryption last year, to render footage inaccessible to employees, though this did come with some significant compromises.

Amazon told us:

Our focus has been and remains on delivering products and features our customers love, while upholding our commitment to protect their privacy and security. Ring promptly addressed these issues on its own years ago, well before the FTC began its inquiry. While we disagree with the FTC’s allegations and deny violating the law, this settlement resolves this matter so we can focus on innovating on behalf of our customers.

Second, Ring provided customer email addresses to police departments seeking footage to help them solve crimes.

Footage from doorbell and other security videos can often play an important role in identifying criminals, and providing evidence that helps to convict them. For example, motion sensors might trigger video recordings when someone breaks into a neighboring property.

However, the concern here was that by allowing police to make direct contact with doorbell owners, there was no transparency around the number or nature of these requests. Footage may include uninvolved neighbours and passersby, and video of them may then end up being held indefinitely on police systems.

Amazon subsequently changed its policy in the US, giving greater transparency, and checking that such requests are not overly broad.

Amazon fined $5.8M

CNET reports that the FTC has now fined Amazon $5.8M for the first of these privacy breaches.

The FTC on Wednesday leveled a $5.8 million penalty against Amazon’s Ring. Ring, which was acquired by Amazon in 2018, sells video doorbells, indoor and outdoor cameras and home security services. It has long been criticized for its privacy practices, including sharing doorbell footage with police departments across the US. The settlement announced Wednesday related to allegedly failing to restrict access to customers’ videos across its employees and contractors and using those videos to train its algorithms without consent.

9to5Mac’s Take

Given the egregious nature of the company’s failings, a fine of less than $6M seems appallingly low.

Amazon not only allowed employees to view intrusive video footage inside and outside people’s homes, but its failure to even log such access means that the company couldn’t even tell the FTC how many employees accessed footage inappropriately.

That’s an utterly absurd failing for any company, let alone one the size of Amazon. The FTC should have levied a fine large enough to act as a genuine deterrent against future privacy lapses.

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

Author

Avatar for Ben Lovejoy Ben Lovejoy

Ben Lovejoy is a British technology writer and EU Editor for 9to5Mac. He’s known for his op-eds and diary pieces, exploring his experience of Apple products over time, for a more rounded review. He also writes fiction, with two technothriller novels, a couple of SF shorts and a rom-com!


Ben Lovejoy's favorite gear

Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications