Ring Fined for Allowing Illegal Surveillance of Customers

A white security camera is mounted on the wall

The Federal Trade Commission (FTC) has been looking into Ring, the home security camera company, for compromising its customers’ privacy. A complaint against Ring said that the company deceived its customers by failing to restrict access to customer videos and other problems. The FTC have released a proposed order, to be approved by the federal court, requiring Ring to abide by a number of provisions and pay a fine. 

Complaint

The complaint raised a number of concerns with practices taking place with the home security camera company. The FTC said they deceived customers by:

  • Failing to restrict employees’ and contractors’ access to its customers’ videos
  • Using customer videos to train algorithms, among other purposes, without consent
  • Failing to implement security safeguards.

It was stressed that these failures amounted to violations of users’ privacy. One major example that was mentioned referenced an employee who was able to view thousands of video recordings belonging to female users from intimate areas of their homes such as bathrooms and bedrooms. The employee wasn’t stopped until another member of staff discovered the misconduct.

Even after Ring implemented stricter access on who could access customer videos, they had no way to establish how many other employees had been accessing videos inappropriately. This was due to their inability to implement basic monitoring and detection measures. 

Another major issue that was raised was that Ring took no steps to notify customers or obtain consent for their videos to be used for various purposes, including training algorithms. Steps were only taken in January 2018, but the complaint stated that Ring buried the information in its Terms of Service and Privacy Policy. 

Security Failures

Further concerns were raised regarding Ring’s security measures. The complaint stated that Ring failed to protect customers from common and well-known threats. Even after the company suffered attacks in 2017 and 2018 Ring didn’t implement any basic features, like multi-factor authentication, until 2019. But the implementation was described as sloppy and therefore meant they were not as effective. This led to around 55,000 US customers still being impacted by hacking efforts resulting in some customers even being harassed, threatened, and insulted customers through their security system. 

Proposed Order

The FTC have said that Ring should be required to delete data products such as data, models, and algorithms that it derived from videos that were viewed unlawfully. They will also need to implement a privacy and security program with more safeguards on who can review videos and better security controls. 

Additionally, the FTC have said Ring should be required to pay $5.8 million to refund impacted customers. Ring will also be required to submit compliance reports for 10 years and annually certify to the FTC they are compliant with the order for 20 years. 

A blue gradient background which is darker in the bottom right and lighter in all other corners. In the centre is a logo for Value Privacy. It is value privacy written in white, privacy is bold, value is not and there is a yellow fullstop after privacy. Underneath this logo is written "Making Privacy Simple" in yellow

Value Privacy’s experts are on hand to make sure that you and your company aren’t caught out by new or existing privacy laws.

You can find out more about the services we offer or just get in touch with us directly with any questions you have about how privacy laws impact you.

Total
0
Shares
Previous Post

Montana Bans TikTok

Next Post

Online Advertising Prepares for Google’s Privacy Sandbox Initiative

Related Posts
Total
0
Share
en_USEN