Ring Updates Device Security and Privacy—But Ignores Larger Concerns
Amazon’s surveillance doorbell company Ring has announced extra layers of security and control for users after a wave of backlash from civil liberties and cyber security organizations like EFF and Mozilla. Organizations raised major concerns over Ring’s lack of effort in protecting the data and security of users, including permitting multiple log-in attempts that allowed bad actors to take control of people’s Ring cameras; not requiring two-factor authentication; and allowing a number of undisclosed third-party trackers to harvest data from the Ring app.
Ring’s announcement declared that the company is making two-factor authentication mandatory for users—meaning that when a person logs in to their Ring account, they will have to enter a code emailed or texted to them to verify that they are the person attempting to log in.
After EFF’s report on Ring’s use of the third-party trackers, the company also has announced that they are temporarily pausing the use of most third-party trackers and are working on a way to allow users to further limit information sharing. The announcement further states that customers will be able to opt out of sharing information with third-party trackers specifically for the purpose of receiving personalized ads.
These privacy reforms are a good step forward. However, the density of surveillance networks created by Ring cameras combined with the rapid proliferation of partnerships between law enforcement agencies and Ring —with limited, if any, oversight, transparency, or restrictions—continue to pose grave threats to the privacy of all communities, and not just Ring’s users. There are still a number of key reforms that Ring must make to signal that they are seriously considering fundamental problems that their technology poses.
First, Ring should end its rapid expansion of law enforcement partnerships. Giving police direct access to request private footage endangers communities and facilitates near-constant surveillance by local police, encourages an atmosphere of mistrust between police and residents, exacerbates racial profiling and overpolicing, and may chill the exercise of First Amendment-protected activities such as canvassing and community organizing. It also provides a way for police to access a widespread CCTV network without having to go through democratic processes or be subject to traditional oversight. If these partnerships are being created, they should be decided by the elected officials and communities who would be surveyed by these cameras every day.
Second, Ring should implement measures that require warrants to be issued directly to device owners in order for law enforcement to gain access to footage. This would limit the ability of the police to implement widespread, sweeping surveillance. This is akin to traditional surveillance systems, where law enforcement had to approach the owners of the footage directly, and in so doing inform them of the fact their footage is being requested and the scope of the request. One way to do that would be for Amazon to employ end-to-end encryption. However, since Amazon currently stores Ring footage on their cloud, Ring should create a company-wide policy that requires that users be informed when police or other law enforcement agencies present a warrant to the company for footage and/or audio. With this change, Ring users would know exactly who has access to their data, when, and why. This provision would also require users to be informed when law enforcement agencies go to Ring to flag specific footage for preservation past its retention time.
Third, if any Ring users choose to share footage with a law enforcement agency for the purpose of aiding a specific investigation, police should not be able to share that footage with other agencies for unspecified purposes without the user’s knowledge.
Fourth, as a company, Ring has long maintained that it protects the privacy of its users—but the privacy of other members of the communities in which Ring operates are also in jeopardy. In order to protect the privacy of Ring users, their neighbors, and passerbys, Ring’s default settings should be adjusted to turn off automatic audio recording whenever the device is motion activated. This will limit the number of conversations being surreptitiously and randomly recorded inside and outside of homes. This small change will decrease the chance of accidentally recording private conversations in situations where sound travels, but the people being recorded may not see the camera.
Fifth, under no circumstances should Ring integrate face recognition software into its cameras, which would enable the worst type of privacy invasion of individuals. Face recognition technology would mean that every person approaching a Ring doorbell would have their face scanned and cross-checked against a database of other faces without their consent. If connected to government-run databases, this could make it impossible for people who have had encounters with the criminal justice system to do jobs that require approaching people’s front doors or walking in residential neighborhoods. Face recognition on Ring cameras would also give users, police, and Ring employees the ability to track the whereabouts of people who walk through the neighborhood and identify when people are in or out of their homes or otherwise deviate from their usual routines.
Ring is creating an environment where every time a person walks down a public street, their movements are being recorded, stored, and made accessible to a whole host of individuals, law enforcement agencies, and Amazon. Ring’s technical reforms will better guard the security of customers, but do little to address the bigger threats to privacy that Ring poses.