Skip to main content

Ring employees may have been spying on your security cameras and doorbells

A lot of smart home products have popped up over the last few years, one of the most popular being smart security cameras and video doorbells. Amazon-owned Ring has been one of the top players in these niches for a few years, but if you've purchased any of the company's products in the past, you may want to consider unplugging them and getting something else.

The Intercept published a report on Thursday, January 10, and in the report, it's said that Ring employees at the company's Ukraine research center have been able to view video footage from customers' cameras and doorbells with nothing more than an email address.

This all started back in 2016, with the report reading as follows:

Beginning in 2016, according to one source, Ring provided its Ukraine-based research and development team virtually unfettered access to a folder on Amazon's S3 cloud storage service that contained every video created by every Ring camera around the world. This would amount to an enormous list of highly sensitive files that could be easily browsed and viewed. Downloading and sharing these customer video files would have required little more than a click.

All of the videos were reportedly left unencrypted, which Ring's execs justified because "encryption would make the company less valuable." Furthermore, Ring employees were given data that connected video files with specific customers.

The report continues:

Only a Ring customer's email address was required to watch cameras from that person's home. Although the source said they never personally witnessed any egregious abuses, they told The Intercept "I can say for an absolute fact if I knew a reporter or competitor's email address, I could view all their cameras." The source also recounted instances of Ring engineers "teasing each other about who they brought home" after romantic dates. Although the engineers in question were aware that they were being surveilled by their co-workers in real time, the source questioned whether their companions were similarly informed.

A Ring spokesperson responded shortly after this story broke, saying:

We take the privacy and security of our customers' personal information extremely seriously. In order to improve our service, we view and annotate certain Ring video recordings. These recordings are sourced exclusively from publicly shared Ring videos from the Neighbors app (in accordance with our terms of service), and from a small fraction of Ring users who have provided their explicit written consent to allow us to access and utilize their videos for such purposes. Ring employees do not have access to livestreams from Ring products.We have strict policies in place for all our team members. We implement systems to restrict and audit access to information. We hold our team members to a high ethical standard and anyone in violation of our policies faces discipline, including termination and potential legal and criminal penalties. In addition, we have zero tolerance for abuse of our systems and if we find bad actors who have engaged in this behavior, we will take swift action against them.

So, why did Ring give its employees access to all this information in the first place?

According to The Intercept, at least part of it was a result of Ring's facial and object recognition system not being as good as the company wanted. By giving this data to employees, the goal was to improve the software to be better at accurately determining what the cameras were seeing.

A never-before-published image from an internal Ring document pulls back the veil of the company's lofty security ambitions: Behind all the computer sophistication was a team of people drawing boxes around strangers, day in and day out, as they struggled to grant some semblance of human judgment to an algorithm. (The Intercept redacted a face from the image.)

Ring supposedly began to be stricter about this practice with its Ukraine employees following a visit from Amazon in May 2018, but that "staffers in Ukraine worked around the controls."

So, what should you do if you have a Ring camera?

This is obviously a huge invasion of privacy, but it's likely something you agreed to when you purchased a Ring camera and agreed to the company's terms of service and privacy policy.

Whether or not your own a Ring product now, does this change your thought of the company as a whole? Let us know in the comments below.

Logitech Circle 2 vs. Arlo Pro: Which should you buy?

When Joe isn't acting as the News Editor for Android Central, he can be found helping out with articles here and there at iMore. He was last spotted at Starbucks surrounded by peppermint mochas. Have a tip? Send an email to joe.maring@mobilenations.com!

6 Comments
  • I have no idea who Intercept is or how to gauge their credibility (Or the article). Obviously the claims made are quite troubling, if true. I own a Ring doorbell so, watching my dog set off the alarm is probably not worthy of concern😳😳. Nevertheless, privacy is always a concern.
  • I had the original Ring which barely worked. After many attempts to get satisfaction, they finally replaced it after many months with the next generation—that was crap, too, and I just left it installed (but not on) as a decoy. Wouldn’t try again after evil Amazon bought them, just like I’d never use Nest by evil google. It’s just common sense unless you don’t care about privacy.
  • It depends how much you care about privacy. I care about it, but not to the degree that I'm going to worry about Alexa recording my conversations, or a doorbell looking at what's outside my front door. Big companies have been collecting all sorts of data from me from when I started using the internet and even before that, it's not right, but at the same time it hasn't caused me any harm. The main thing for me is to keep sensitive data private, which is what I do.
  • Google Home and Amazon Echo is always listening to our conversations; our carrier sells our location data for as little as $8 and some change; and now, Amazon employees can view your cameras based on your email address. Congress needs to come up with privacy laws to protect all of us, from government AND private corporations. I refuse to use any smart home products until I know my privacy is guaranteed.
  • You guys just need to catch up with Europe, we have GDPR for that.
  • Sadly with a lot of these cloud services you don't really know what's happening with your data. I know you can set up video cameras without the use of a cloud service, so there's probably something similar for video doorbells.