Back in July last year, this blog wrote about Amazon’s Ring series, whose key product is a small Internet-connected camera built into a doorbell. At that time, it was already clear that the system posed a serious threat to privacy, particularly in the urban context. Since then, there has been a massive rise in the number of Ring installations in the US, with often dozens along a single street. At the same time, the number of US police departments that have partnered with Ring’s law enforcement network has also increased greatly. In addition, new problems with the system have emerged. For example, Gizmodo discovered that network traffic from the associated Neighbors app, advertised as a way to receive real-time crime and safety alerts from the local police, also contained unexpected data. It includes hidden geographic coordinates that are connected to each post – latitude and longitude with up to six decimal points of precision, accurate enough to pinpoint “a square inch of ground”.
An investigation by the Electronic Frontier Foundation (EFF) found that the Ring doorbell app for Android was “packed with third-party trackers sending out a plethora of customers’ personally identifiable information”. The EFF’s research discovered that four main analytics and marketing companies were receiving information from the app that included things such as the names, private IP addresses, mobile network carriers, persistent identifiers, and sensor data on the devices of paying customers. Also potentially concerning is the fact that Amazon keeps records of every motion detected by its Ring doorbells, as well as the exact time they are logged down to the millisecond. Conscious of the growing concerns about privacy, Amazon has improved account security and privacy control, although not significantly.