Amazon fined for customer spying

The spying was done through the Ring cameras

Amazon has agreed to pay $5,8 million in a settlement after the Federal Trade Commission found it illegally spied on its customers and failed to stop hackers from taking control of users' Ring cameras.

amazon ring doorbells spy

The FTC's investigation concluded that Ring, which was acquired by Amazon in 2018, "violated customer privacy by allowing any employee or contractor to access consumers' private videos and failing to enforce basic privacy protections and security".

Η της ιδιωτικής ζωής των χρηστών από την Ring έγινε σε πολλαπλά μέτωπα, καθώς η Ring απέκρυψε αυτές τις πληροφορίες στους όρους χρήσης και στην πολιτική απορρήτου της, οπότε οι χρήστες της Ring πιθανότατα δεν γνώριζαν ότι η εταιρεία χρησιμοποιούσε τα βίντεό τους για “βελτίωση και ανάπτυξη προϊόντων”. Με άλλα λόγια, τα βίντεο των πελατών δεν χρησιμοποιούνταν μόνο για την εκπαίδευση αλγορίθμων, αλλά τα έβλεπαν και οι υπάλληλοι και οι εργολάβοι της Ring.

Η FTC διαπίστωσε ότι οι υπάλληλοι της Ring είχαν προβάλει χιλιάδες βίντεο με γυναίκες πελάτες στα υπνοδωμάτια και τα μπάνια τους σε αρκετών μηνών. Ο υπάλληλος σταμάτησε μόνο όταν άλλοι υπάλληλοι ανακάλυψαν τι έκανε- η Ring δεν παρακολουθούσε την πρόσβαση των υπαλλήλων στα βίντεο και, ως εκ τούτου, δεν μπορούσε να διαπιστώσει αν άλλοι υπάλληλοι παραβίαζαν την ιδιωτική ζωή των χρηστών με τον ίδιο τρόπο.

Further privacy breaches occurred due to a lack of security: the FTC found that hackers used a combination of credential stuffing and brute force attacks to gain access to customer accounts. Essentially, the hackers used credentials leaked in other security breaches to discover passwords for Ring accounts using an automated password estimation system.” Ring didn't implement multi-factor authentication until 2019, and even then, "the sloppy implementation of additional security measures hampered its effectiveness" It wasn't a good idea to do so.

In total, about 55.000 Ring customers in the US had their accounts and video views compromised by hackers. However, in some cases, the “bad actors” harassed, threatened, and insulted customers, including children and the elderly—the FTC stated that “the hackers racially taunted many children, made sexual advances to individuals, and threatened physical harm to families.” if no ransom was paid".

Amazon has now imposed a privacy and security program on Ring, requiring the company to delete all customer data (acquired before 2018), models and algorithms derived from videos it has detected infringing way. The FTC is also calling for “new safeguards for human review of videos” going forward, as well as multi-factor authentication on both customer and employee accounts. The $5,8 million paid by Amazon will be used to refund customers. The Best Technology Site in Greecefgns

Subscribe to Blog by Email

Subscribe to this blog and receive notifications of new posts by email.

Written by Anastasis Vasileiadis

Translations are like women. When they are beautiful they are not faithful and when they are faithful they are not beautiful.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).