Update 14/01/2019: Ring has reached out with a statement to MobileSyrup regarding the issue. The below text has been amended with Ring’s statement.
“We take the privacy and security of our customers’ personal information extremely seriously. In order to improve our service, we view and annotate certain Ring video recordings. These recordings are sourced exclusively from publicly shared Ring videos from the Neighbors app (in accordance with our terms of service), and from a small fraction of Ring users who have provided their explicit written consent to allow us to access and utilize their videos for such purposes. Ring employees do not have access to livestreams from Ring products.
We have strict policies in place for all our team members. We implement systems to restrict and audit access to information. We hold our team members to a high ethical standard and anyone in violation of our policies faces discipline, including termination and potential legal and criminal penalties. In addition, we have zero tolerance for abuse of our systems and if we find bad actors who have engaged in this behavior, we will take swift action against them.”
Amazon-owned Ring, the maker of smart home products including video doorbells, is under scrutiny for mishandling footage from its cameras.
According to The Intercept, Ring has been storing videos from all user’s smart camera products in an unencrypted cloud folder that is freely available to employees.
One of the groups inside of Ring that allegedly had access to these videos is a Ukraine-based research and development arm. These “data operators” were able to use the stored videos to teach Ring’s products to more accurately identify objects and, in some cases, even people.
The Intercept reported that the R&D group has been working on this project since 2016.
In rebuttal, Ring says that “These recordings are sourced exclusively from publicly shared Ring videos from the Neighbors app (in accordance with our terms of service), and from a small fraction of Ring users who have provided their explicit written consent to allow us to access and utilize their videos for such purposes.
The Ukraine team reportedly had a database that allowed them to connect a video with the customer from which the video originated.
An unnamed source who spoke with The Intercept said that Ring employees in the U.S. are even able to type in a user’s email address and get access to the user’s camera’s live feed. Ring has reached out to MobileSyrup and says “Ring employees do not have access to livestreams from Ring products.”
The company reportedly passed around this sensitive data because it wanted to improve its ‘Neighbours’ service to better identify objects.
Neighbours is an app that links Ring users in a single neighbourhood so that an event that occurs at one house can trigger a notification that proliferates throughout the other members of the community.
According to The Intercept, Ring’s Neighbours service struggled with object identification, leading to the employment of the Ukrainian team to help teach the cameras to identify things correctly. Ring reportedly still employs Ukrainian data operators to manually process video footage.
Ring employees who spoke with The Intercept did mention that Amazon’s acquisition of Ring led to better privacy controls.
The Intercept also reported that Ring’s overview of the Neighbours platform has no mention of facial recognition and no mention of a team of employees that use footage to improve the company’s object recognition system.
There’s no mention if the manual video training system in the policy.
Source: The Intercept