Ring employees may have been spying on your security cameras and doorbells

Ring Video Doorbell
Ring Video Doorbell (Image credit: Android Central)

A lot of smart home products have popped up over the last few years, one of the most popular being smart security cameras and video doorbells. Amazon-owned Ring has been one of the top players in these niches for a few years, but if you've purchased any of the company's products in the past, you may want to consider unplugging them and getting something else.

The Intercept published a report on Thursday, January 10, and in the report, it's said that Ring employees at the company's Ukraine research center have been able to view video footage from customers' cameras and doorbells with nothing more than an email address.

This all started back in 2016, with the report reading as follows:

Beginning in 2016, according to one source, Ring provided its Ukraine-based research and development team virtually unfettered access to a folder on Amazon's S3 cloud storage service that contained every video created by every Ring camera around the world. This would amount to an enormous list of highly sensitive files that could be easily browsed and viewed. Downloading and sharing these customer video files would have required little more than a click.

All of the videos were reportedly left unencrypted, which Ring's execs justified because "encryption would make the company less valuable." Furthermore, Ring employees were given data that connected video files with specific customers.

The report continues:

Only a Ring customer's email address was required to watch cameras from that person's home. Although the source said they never personally witnessed any egregious abuses, they told The Intercept "I can say for an absolute fact if I knew a reporter or competitor's email address, I could view all their cameras." The source also recounted instances of Ring engineers "teasing each other about who they brought home" after romantic dates. Although the engineers in question were aware that they were being surveilled by their co-workers in real time, the source questioned whether their companions were similarly informed.

A Ring spokesperson responded shortly after this story broke, saying:

We take the privacy and security of our customers' personal information extremely seriously. In order to improve our service, we view and annotate certain Ring video recordings. These recordings are sourced exclusively from publicly shared Ring videos from the Neighbors app (in accordance with our terms of service), and from a small fraction of Ring users who have provided their explicit written consent to allow us to access and utilize their videos for such purposes. Ring employees do not have access to livestreams from Ring products.We have strict policies in place for all our team members. We implement systems to restrict and audit access to information. We hold our team members to a high ethical standard and anyone in violation of our policies faces discipline, including termination and potential legal and criminal penalties. In addition, we have zero tolerance for abuse of our systems and if we find bad actors who have engaged in this behavior, we will take swift action against them.

So, why did Ring give its employees access to all this information in the first place?

According to The Intercept, at least part of it was a result of Ring's facial and object recognition system not being as good as the company wanted. By giving this data to employees, the goal was to improve the software to be better at accurately determining what the cameras were seeing.

A never-before-published image from an internal Ring document pulls back the veil of the company's lofty security ambitions: Behind all the computer sophistication was a team of people drawing boxes around strangers, day in and day out, as they struggled to grant some semblance of human judgment to an algorithm. (The Intercept redacted a face from the image.)

Ring supposedly began to be stricter about this practice with its Ukraine employees following a visit from Amazon in May 2018, but that "staffers in Ukraine worked around the controls."

So, what should you do if you have a Ring camera?

This is obviously a huge invasion of privacy, but it's likely something you agreed to when you purchased a Ring camera and agreed to the company's terms of service and privacy policy.

Whether or not your own a Ring product now, does this change your thought of the company as a whole? Let us know in the comments below.

Smart home tech isn't just convenient — it's added security and peace of mind to my life

Joe Maring

Joe Maring was a Senior Editor for Android Central between 2017 and 2021. You can reach him on Twitter at @JoeMaring1.