Visit the Ring website, and you’ll see the word “security” everywhere. Ring, an Amazon company, manufactures popular video doorbells and residential security cameras. As it turns out, security doesn’t really seem to matter much to them. According to an article from The Intercept, Ring may be watching your cameras more than you do.
All-Access Video Pass
“Beginning in 2016, according to one source, Ring provided its Ukraine-based research and development team virtually unfettered access to a folder on Amazon’s S3 cloud storage service that contained every video created by every Ring camera around the world.”
It gets worse. In addition to the entire video library, the team also had access to a database that linked each video to the correct customer. On top of that, decision-makers at Ring opted against encrypting the videos. The reason? Basically, it cost too much and would make the company less valuable.
All Employees Need Is An Email
At the same time, Ring provided access to live feeds of customer cameras to their own executives and engineers. Users only needed the customer’s email address to access their cameras. According to The Intercept’s source, “If [someone] knew a reporter or competitor’s email address, [they] could view all their cameras.”
Ring’s Recognition “Software”
Ring granted the Ukrainian team access in order to improve their facial and object recognition software. Apparently, the software doesn’t work that well. Part of the Ukrainian team’s job was tagging items in videos manually. Operators would draw boxes around people, cars, and other objects. The job required the ability “to recognize and tag all moving objects in the video correctly with high accuracy”.
Employees not only watched footage from outdoor and doorbell cameras but also watched footage from indoor cameras as well. Consequently, employees would often share videos with each other internally. They observed people kissing, firing guns, and even stealing items.
Yassi Shahmiri, Ring’s spokesperson, refused to answer any questions on the matter. He only offered the following statement.
“We take the privacy and security of our customers’ personal information extremely seriously. In order to improve our service, we view and annotate certain Ring videos. These videos are sourced exclusively from publicly shared Ring videos from the Neighbors app (in accordance with our terms of service), and from a small fraction of Ring users who have provided their explicit written consent to allow us to access and utilize their videos for such purposes.
We have strict policies in place for all our team members. We implement systems to restrict and audit access to information. We hold our team members to a high ethical standard and anyone in violation of our policies faces discipline, including termination and potential legal and criminal penalties. In addition, we have zero tolerance for abuse of our systems and if we find bad actors who have engaged in this behavior, we will take swift action against them.”
After his initial public response, Shahmiri later contacted The Intercept. Shahmiri stated, “Ring employees never have and never did provide employees with access to livestreams of their Ring devices.” Multiple sources contradict this claim, so we’re left figuring out who to believe.
What Should You Do?
These conflicting statements leave many wondering who to believe and where to go from here. This only adds fuel to the fire started by the rumors surrounding Amazon’s facial recognition software. Ring’s respect for privacy seems questionable at best. Do you keep your Ring cameras? Are they watching inside your house? We’ve written about privacy issues with security cameras before. We can’t tell you what to do. However, if you like to dance like no one’s watching, just remember… someone might be watching after all.