Amazon’s Ring Security Camera Let Employees Spy on Customers

An investigation by The Intercept claims that beginning in 2016, Ring gave its Ukrainian R&D team “virtually unfettered access to a folder on Amazon’s S3 cloud storage service that contained every video created by every Ring camera around the world.” The video files were left unencrypted because Ring leadership felt that encryption would make the company less valuable. The Ukranian team doing the R&D was also provided with “a corresponding database that linked each specific video file to corresponding specific Ring customers.”

This data wasn’t limited to just the engineers working on the cameras. The Intercept writes:

Ring unnecessarily provided executives and engineers in the U.S. with highly privileged access to the company’s technical support video portal, allowing unfiltered, round-the-clock live feeds from some customer cameras, regardless of whether they needed access to this extremely sensitive data to do their jobs. For someone who’d been given this top-level access — comparable to Uber’s infamous “God mode” map that revealed the movements of all passengers — only a Ring customer’s email address was required to watch cameras from that person’s home.

Why did Ring grant its engineers access to this data? In part, apparently, because its facial recognition software and AI capabilities were terrible. One of Ring’s leading features is called Neighbors. It claims to provide real-time crime and safety alerts to your entire neighborhood (assuming, of course, your neighbors all use Ring) with features that “proactively keep you in the know.” But making this work correctly requires sophisticated facial recognition and processing techniques. The company’s customers were complaining that the Neighbors feature didn’t actually work very well at all, misidentifying cars driving by or leaves falling from trees. So Ring started hiring folks to manually identify and flag everything they saw in video streams, trying to build out a satisfactory machine learning data set with on-the-fly training.

There was, according to the Intercept, precious little data security. Interior and exterior cameras were used for training. Employees shared choice data clips amongst themselves. When contacted for comment, Ring claimed to have established robust safeguards for data privacy and security, but would not comment on how its policies might have changed or what kinds of activity had previously been permitted. Ring’s public advertising doesn’t even mention facial recognition — to discover that the company is even using the data it gathers from you for this purpose, you have to check the privacy policy, which states, “You may choose to use additional functionality in your Ring product that, through video data from your device, can recognize facial characteristics of familiar visitors.”

Nothing in that paragraph implies that your home is being watched by a Ukrainian lab for the purpose of developing better facial recognition technology. Nothing in any policy acknowledges that other people have access to your data stream at all, much less that they have it on an ongoing real-time basis with nothing more than email address required to access it.

After the Intercept story went live, Ring contacted the Intercept to claim “Ring employees never have and never did provide employees with access to livestreams of their Ring devices.” The Intercept states this claim is contradicted by multiple sources. It’s definitely contradicted by a report from The Information, which opens by describing how, back in 2016, Ring executives flew to the Ukraine to ask its engineering staff what they needed to help them develop the product more effectively.

While the story is paywalled, the paragraph you can see certainly implies what happened next.

One of the engineers in the room said that to improve Ring’s software, the Kiev office needed access to customer video feeds. The information trove contained images from security cameras pointed at home entrances across the globe that could be traced back to individual customers.