Amazon-owned smart home firm Ring allegedly let employees have access to videos and live feeds of customers’ cameras, according to a pair of new reports this week.
Sources say some teams had unfettered access to unencrypted server-stored video files and even live feeds, even when that level of access was unnecessary, according to two separate stories by The Intercept and The Information.
Reportedly, this mishandling of customer data kicked off in 2016. That’s when Ring founder Jamie Siminoff moved much of the company’s infrastructure from the Bay Area to Ukraine to cut costs.
Videos recorded by Ring customer cameras were frequently sent without encryption, allowing them to be downloaded and shared. Some teams were even given access to databases that linked videos to individual customers. But that wasn’t the end of it.
High-level teams in the U.S. reportedly had access to “round-the-clock” live feeds from some customer cameras. All that was needed was a Ring user’s email address. Some sources indicated that Ring engineers teased each other about “who they brought home” after dates.
Back in Ukraine, employees there also had to take up some slack after issues with A.I. performance. Staff members reportedly had to manually tag objects in videos to train Ring’s machine learning algorithm.
The Ukraine team allegedly watched footage from both indoor and outdoor cameras, showed each other some of that footage, and labeled customer actions like “kissing, firing guns, and stealing.”
There weren’t any reports of actual privacy abuse, however. And after Amazon acquired the company, it placed security restrictions on some of that access — but Ring employees told The Information that they had ways around that security.
Ring pushed back
Actual privacy is becoming much rarer and more valuable in the digital era. But aside from covering your cameras and learning to delete your interactions with Amazon’s Alexa, your own level of privacy may largely be left up to the company you’ve entrusted it to — willingly or otherwise.