Amazon’s Ring agrees to pay $5.8 million to settle FTC spying suit
Image: Ring
Amazon’s Ring unit has agreed to pay $5.8 million to settle Federal Trade Commission allegations that its doorbells illegally spied on users.
The settlement addresses a lawsuit filed by the FTC Wednesday accusing Ring of unlawfully deceiving its customers over the privacy of their data and the videos collected by its products. According to the agency’s complaint, Ring failed to restrict employees and contractors from accessing customer videos and used them to train algorithms without user consent.
“Ring’s disregard for privacy and security exposed consumers to spying and harassment,” FTC Bureau of Consumer Protection director Samuel Levine said in a statement Wednesday. “The FTC’s order makes clear that putting profit over privacy doesn’t pay.”
The FTC’s complaint alleges that Ring failed to implement meaningful guardrails to protect employees and third-party contractors from accessing customer videos. In one case, the FTC claims a Ring employee viewed “thousands of video recordings” originating from female users that “surveilled intimate spaces in their homes,” like their bedrooms and bathrooms. This offending behavior continued until it was discovered by another employee, the FTC said.
Under the FTC’s proposed order, Ring would be required to delete all data and algorithms that originated from unlawfully viewed videos. Ring must also create a new privacy and security program barring workers from viewing customer videos except under specific law enforcement circumstances. The order would also ban the company from using some geolocation and voice information to help improve or create products.
Before Ring can formally settle the case, a federal court must approve the proposed settlement.
The complaint also accuses Ring of illegally failing to prevent multiple cyber attacks, like two 2017 and 2018 credential stuffing attacks. After gaining access to around 55,000 customer accounts, the FTC alleges that hackers were able to “harass, threaten, and insult customers” through their devices.
“For example, hackers taunted several children with racist slurs, sexually propositioned individuals, and threatened a family with physical harm if they didn’t pay a ransom,” the FTC’s Wednesday press release said.
In a statement to The Verge Wednesday, Ring spokesperson Emma Daniels said that the company did not deny the FTC’s claims but that the company “promptly addressed these issues on its own years ago, well before the FTC began its inquiry.”
“While we disagree with the FTC’s allegations and deny violating the law, this settlement resolves this matter so we can focus on innovating on behalf of our customers,” Daniels said.
Image: Ring
Amazon’s Ring unit has agreed to pay $5.8 million to settle Federal Trade Commission allegations that its doorbells illegally spied on users.
The settlement addresses a lawsuit filed by the FTC Wednesday accusing Ring of unlawfully deceiving its customers over the privacy of their data and the videos collected by its products. According to the agency’s complaint, Ring failed to restrict employees and contractors from accessing customer videos and used them to train algorithms without user consent.
“Ring’s disregard for privacy and security exposed consumers to spying and harassment,” FTC Bureau of Consumer Protection director Samuel Levine said in a statement Wednesday. “The FTC’s order makes clear that putting profit over privacy doesn’t pay.”
The FTC’s complaint alleges that Ring failed to implement meaningful guardrails to protect employees and third-party contractors from accessing customer videos. In one case, the FTC claims a Ring employee viewed “thousands of video recordings” originating from female users that “surveilled intimate spaces in their homes,” like their bedrooms and bathrooms. This offending behavior continued until it was discovered by another employee, the FTC said.
Under the FTC’s proposed order, Ring would be required to delete all data and algorithms that originated from unlawfully viewed videos. Ring must also create a new privacy and security program barring workers from viewing customer videos except under specific law enforcement circumstances. The order would also ban the company from using some geolocation and voice information to help improve or create products.
Before Ring can formally settle the case, a federal court must approve the proposed settlement.
The complaint also accuses Ring of illegally failing to prevent multiple cyber attacks, like two 2017 and 2018 credential stuffing attacks. After gaining access to around 55,000 customer accounts, the FTC alleges that hackers were able to “harass, threaten, and insult customers” through their devices.
“For example, hackers taunted several children with racist slurs, sexually propositioned individuals, and threatened a family with physical harm if they didn’t pay a ransom,” the FTC’s Wednesday press release said.
In a statement to The Verge Wednesday, Ring spokesperson Emma Daniels said that the company did not deny the FTC’s claims but that the company “promptly addressed these issues on its own years ago, well before the FTC began its inquiry.”
“While we disagree with the FTC’s allegations and deny violating the law, this settlement resolves this matter so we can focus on innovating on behalf of our customers,” Daniels said.