Amazon has agreed to pay the Federal Trade Commission (FTC) $5.8 million to settle claims that staff and subcontractors in its Ring division had wide-ranging and unregulated access to clients’ videos for many years thus violating their privacy.
FTC Lawsuit Reveals Ring’s Unregulated Access to Client Videos
On Wednesday, the FTC filed a lawsuit against Ring claiming that the company had illegally misled its users about the privacy of their data and the videos that were being captured by its surveillance products.
According to the complaint, Ring did not put in place sufficient safeguards to prevent staff members and independent contractors from accessing client footage. The FTC alleges that a Ring employee in one instance viewed “thousands of video recordings” of female customers that “surveilled intimate spaces in their homes,” such as their restrooms and bedrooms.
The FTC added that this unlawful conduct persisted up until another employee became aware of it and the employee was then fired.
Ring gave “every employee — as well as hundreds of Ukraine-based third-party contractors — full access to every customer video, regardless of whether the employee or contractor actually needed that access to perform his or her job function,” said FTC.
The FTC is under fire for what seems to many like a tiny fine for such misconduct.
A $5.8 million fine for giving “every employee — as well as hundreds of Ukraine-based third-party contractors — full access to every customer video” seems like a slap on the wrist. https://t.co/RbMGppZ6Uv
— Adam Levin (@Adam_K_Levin) June 1, 2023
The Commission further stated that the employees could not only view the videos, “but they could also readily download any customer’s videos and then view, share, or disclose those videos at will.”
The lawsuit also accused Ring of failing to safeguard their users’ accounts from cybercriminal attacks. The FTC reportedly discovered that hackers employed a mix of brute force and credential stuffing to access client accounts.
In essence, a hacker used credentials exposed in earlier security breaches to employ an automated password-guessing method to find the password for Ring accounts.
Ring allegedly also allowed the use of simple and ineffective passwords such as 12345678, which made brute-forcing accounts simpler. Despite the reports of account intrusion, the Commission alleges that the company did not take action sooner to stop them.
As a result, approximately 55,000 Ring users in the US had their accounts stolen overall, and hackers were able to view their recordings. However, there were instances where the hackers would go as far as to harass, intimidate, and insult customers, including children as well as senior people.
“Hackers sexually harassed people, threatened a family with physical harm if they didn’t pay a ransom, and taunted several children with racist slurs,” the FTC said.
Amazon Agrees to Ring FTC Settlement
In the settlement, Amazon agreed to pay the $5.8 million which will be used to refund the affected customers. Moreover, Amazon will also be required to implement a privacy and security program that mandates that the Ring destroys all customer data obtained prior to 2018, along with the models, and algorithms created from any video material it inappropriately watched.
In addition, the FTC mandated that moving forward, “novel safeguards on human review of videos” as well as multi-factor authentication for both consumer and employee accounts, be put in place.
The injunction will also prohibit the company from using some voice and geolocation data to produce or improve products. However, a federal court must approve the settlement before Ring can formally resolve the dispute.
In a statement regarding the lawsuit, Ring said that although the firm did not dispute the FTC’s allegations, it had “promptly addressed these issues on its own years ago, well before the FTC began its inquiry.”
“While we disagree with the FTC’s allegations and deny violating the law, this settlement resolves this matter so we can focus on innovating on behalf of our customers,” the company said.
Related articles:
- Google Wallet Adds New Boarding Pass, QR Code Loyalty Cards, And More in New Update
- How to Buy Amazon Stock in 2023
- US Air Force Official Reports Incident Where AI-Piloted Drone Killed its Operator
What's the Best Crypto to Buy Now?
- B2C Listed the Top Rated Cryptocurrencies for 2023
- Get Early Access to Presales & Private Sales
- KYC Verified & Audited, Public Teams
- Most Voted for Tokens on CoinSniper
- Upcoming Listings on Exchanges, NFT Drops