Amazon Will Pay Millions in Settlements for Privacy Violations with Ring Cameras and Alexa Devices

By B.N. Frank

While Amazon may not be the only company guilty of collecting private data with their devices on people of all ages without their consent, last month the Federal Trade Commission (FTC) announced the agency was taking legal action against it for this and perhaps other offenses as well.  Nevertheless, approximately two weeks later, the company started offering American developers the opportunity to also collect data on people without their consent.  Only time will tell if that opportunity will still be available now that Amazon must pay 30M+ to settle with the FTC.

From CNBC:

Amazon to pay over $30 million in FTC settlements over Ring, Alexa privacy violations

Lauren Feiner@lauren_feiner

Annie Palmer@in/annierpalmer/@annierpalmer

Key Points

  • Amazon’s Ring doorbell unit will pay $5.8 million to settle with the FTC over privacy violations.
  • Amazon will also pay $25 million to settle a separate privacy suit over Alexa.

Amazon will pay the Federal Trade Commission more than $30 million to settle allegations of privacy lapses in its Alexa and Ring divisions, according to filings on Wednesday.

The agency filed a lawsuit alleging Amazon’s Ring doorbell unit violated a portion of the FTC Act that prohibits unfair or deceptive business practices, which Amazon settled by agreeing to pay $5.8 million.

As part of the proposed settlement, Ring is required to delete any customer videos and data collected from an individual’s face, referred to as “face embeddings,” that it obtained prior to 2018. It must also delete any work products it derived from those videos.

A separate suit alleges Amazon violated the FTC Act and Children’s Online Privacy Protection Act by illegally retaining thousands of children’s information through their profiles with the Alexa voice assistant. Amazon paid $25 million to settle that suit.

Become Bulletproof Online Today With ZERO RISK!

The Department of Justice filed the Alexa complaint and proposed settlement on behalf of the FTC. The government alleged that Amazon kept voice and geolocation information associated with young users for years while preventing parents from using their rights to delete their kids’ data under the COPPA Rule.

Under the proposed settlement, Amazon will have to delete inactive child accounts as well as some voice recordings and geolocation information. It also would be prohibited from using that information to train its algorithms.

Amazon has faced scrutiny over the data that’s collected by its kids-oriented Echo smart speakers, which use Alexa to respond to commands.

The FTC said in a press release that kids’ speech patterns could have been especially valuable to Amazon since they differ from those of adults. That means the recordings of kids’ voices could have provided an important training dataset for the Alexa algorithm to better respond to kids’ voices. The government alleged Amazon failed to create an effective system to honor data deletion requests.

Alongside the $25 million civil penalty, if approved by the court, Amazon will be prohibited from using children’s voice information and geolocation data subject to deletion requests for creating or improving any data product. Amazon will also be required to delete inactive child accounts on Alexa, notify users about the government action against the company and of its retention and deletion practices. Amazon will also have to implement a privacy program to govern its use of geolocation information.

Both settlements must be approved by a court to take effect. The FTC’s ability to pursue monetary relief for consumers is limited by a 2021 Supreme Court ruling that narrowed the scope of the types of financial remedies it can impose.

Amazon didn’t immediately respond to a request for comment.

What allegedly happened with Ring

While Ring has claimed its products help keep customers safer with its doorbell security cameras, the FTC alleged that Ring instead comprised customer information by giving third-party contractors access to customer videos, even when it was unnecessary to perform their jobs.

Ring employees and those who worked for a third-party contractor in Ukraine could access and download every customer’s videos, with no technical or procedural restrictions on the practice before July 2017, the FTC alleged.

The agency claims Ring did not have any privacy or data security training before 2018, even as the company’s employee handbook prohibited misuse of customer data. It also alleges Ring failed to implement basic security measures to protect users’ information from online threats like “credential stuffing” and “brute force” attacks, despite warnings from employees, external security researchers and media reports.

In one instance, a Ring employee allegedly viewed thousands of videos from at least 81 different female users from cameras labeled for use in intimate spaces, like “Master Bedroom,” “Master Bathroom” and “Spy Cam.” Between June and August 2017, the FTC alleged, the employee looked through the videos for often at least an hour a day on hundreds of occasions.

Another employee who reported the alleged inappropriate access was told by a supervisor that it was ”‘normal’ for an engineer to view so many accounts,” according to the complaint. “Only after the supervisor noticed that the male employee was only viewing videos of ‘pretty girls’ did the supervisor escalate the report of misconduct,” the complaint alleges, and the employee was ultimately fired.

Ring narrowed employee access to customer videos in September 2017, the complaint says, so that customers had to consent to customer service agents accessing their videos. But even then, the FTC alleged, Ring allowed hundreds of employees and Ukraine-based contractors to continue accessing all video data.

“Importantly, because Ring failed to implement basic measures to monitor and detect inappropriate access before February 2019, Ring has no idea how many instances of inappropriate access to customers’ sensitive video data actually occurred,” the complaint alleges.

Amazon acquired Ring for a reported $1 billion in 2018 and the company now operates as a subsidiary of Amazon. The deal has helped Amazon grow its presence in the smart home and home security categories. But Ring has also drawn criticism from privacy and civil liberties advocates over a controversial partnership with thousands of police departments across the country.

Ring’s security protocols have been criticized previously. In 2020, Ring said it fired four employees for peeping into customer video feeds after reports from The Intercept and The Information found that Ring staffers in Ukraine were given unfettered access to videos from Ring cameras around the world.

The company strengthened its security measures after a series of incidents wherein hackers gained access to a number of users’ cameras. In one case, hackers were able to watch and communicate with an 8-year-old girl. Ring blamed the issue on users reusing their passwords.

In addition to the flagrant privacy violations and security risks associated with installing and operating these types of devices in homes and everywhere else, “smart”, wireless, Bluetooth, and IoT devices also emit harmful electromagnetic and wireless radiation and manufacturers are required to warn users about this.  In fact, a U.S. federal court ruled in favor of organizations and petitioners that sued the Federal Communications Commission (FCC) for NOT adequately protecting Americans from wireless radiation exposure (including 5G) in 2021.   More recently one of the organizations petitioned the agency to comply with the now almost two-year-old court-ordered mandate.  Organizations have also petitioned the Food and Drug Administration (FDA) for “violating its own law” for NOT protecting Americans from wireless radiation exposure from electronic devices.

Got pets?  Exposure is bad for their health too!

Activist Post reports regularly about privacy invasive and unsafe technologies.  For more information, visit our archives and the following websites:

Top image: ACLU

Become a Patron!
Or support us at SubscribeStar
Donate cryptocurrency HERE

Subscribe to Activist Post for truth, peace, and freedom news. Follow us on SoMee, Telegram, HIVE, Flote, Minds, MeWe, Twitter, Gab, What Really Happened and GETTR.

Provide, Protect and Profit from what’s coming! Get a free issue of Counter Markets today.

Activist Post Daily Newsletter

Subscription is FREE and CONFIDENTIAL
Free Report: How To Survive The Job Automation Apocalypse with subscription

Be the first to comment on "Amazon Will Pay Millions in Settlements for Privacy Violations with Ring Cameras and Alexa Devices"

Leave a comment

Your email address will not be published.