Amazon Ring Video Doorbell

Warning: *privacy not included with this product

Smart Home Video Doorbells

Amazon Ring Video Doorbell

Amazon
Wi-Fi

Review date: Nov. 8, 2021

|
Mozilla researched 8 hours
|

Mozilla says

|
People voted: Super creepy

These little HD video capturing, motion-detecting, two-way talking video doorbells let you be Big Brother in your own home. See who is at the door on your phone, tablet, or PC. Ask the UPS person to drop the package off behind the planter when you're still at the office. Or catch video of the neighborhood porch pirate to share with the cops. Just beware, even though Amazon Ring did address some of our privacy concerns with updates earlier in 2020 like adding mandatory two-factor authentication, these cameras still have some noted potential privacy issues that worry us.

What could happen if something goes wrong?

Amazon’s Ring security cameras and video doorbells are the most widely used home video cameras in many parts of the world today. As one expert from US privacy org the Electronic Frontier Foundation put it, "Ring has steadily been becoming one of the largest surveillance apparatuses in the nation.” And as wise comic book profit Stan Lee reminds us, “With great power comes great responsibility.” Has Amazon Ring lived up to that great responsibility? Not exactly.

Ring has a history of not protecting users' privacy. At one point they reportedly stored customer data--including video recordings--unencrypted on an Amazon cloud server and employees could access any of this data. There have also been reported data leaks and concerns that the Ring Doorbell app is full of third-party trackers tracking a good amount of personal information that Amazon Ring doesn’t disclose. They have gotten more transparent in their privacy and data deletion practices, which we appreciate. And they added two-factor authentication to help protect users in 2020, which was a great step forward. One we here at Mozilla pushed hard for.

Then there is the problematic relationship Ring has with law enforcement where questions of racism, warrantless surveillance, and police overreach still linger. While Amazon says they are distancing themselves from law enforcement access to users' video and requiring more transparency in the process, they are still facilitating law enforcement access with this product and the Neighbors app and that leaves us concerned.

Finally, there are the questions of privacy violations of the neighbors of people who use home surveillance cameras — not just Ring but all of home surveillance cameras. A recent court case in the UK highlighted this when a woman sued her neighbor for infringing on her privacy when his Ring security cameras were found pointed at her home. Not only could his cameras see her, they could also listen to her as well. She won her case and $137,000.

All in all, these security cameras still raise too many questions about transparency, data protection, public safety and racism in our opinion and we feel could come with *privacy not included.

Tips to protect yourself

  • Turn on Two-factor Authentication
  • Check if your address is exposed through the Neighbor app
  • Don't share your login-in information
  • Review sharing options for your data, if you have multiple people in the neighborhood
  • Make sure you are comfortable with the fact that local police may require the footage. Think about all of the personal events cameras inside and outside of your home will capture.
  • Use strong passwords & unique usernames
  • Delete footage as often as you can
  • Limit third-party trackers in the Ring app
mobile Privacy warning Security A.I.

Can it snoop on me? information

Camera

Device: Yes

App: Yes

Microphone

Device: Yes

App: Yes

Tracks location

Device: Yes

App: Yes

What can be used to sign up?

What data does the company collect?

How does the company use this data?

Ring says they do not sell data. However, it shares it with numerous third parties, for purposes that include marketing. In January 2020, Electronic Frontier Foundation (EFF) found out the Ring app is sharing data with many others trackers not mentioned in the policy. Also, EFF discovered that the data shared with the trackers included full names, email addresses, device information such as OS version and model, whether Bluetooth is enabled, and app settings such as the number of locations a user has Ring devices installed in. Even small amounts of information allow tracking companies to form a “fingerprint” that follows the user as they interact with other apps and use their device, allowing trackers to spy on a user’s digital life.

How can you control your data?

You may delete your recordings from Ring Protect at any time by accessing your account. In addition, to the extent required by applicable law, you may have the right to request access to or delete your personal data (that is, if you are covered by CCPA or GDPR). No retention details are provided.

In addition, law enforcement can make a video request in the Neighbors app to ask the community to assist in an investigation. Police who download videos from customer cameras may be able to keep them indefinitely, depending on local laws.

What is the company’s known track record of protecting users’ data?

Needs Improvement

In November 2019, a security vulnerability in Amazon's Ring Video Doorbell Pro devices could have allowed attackers to exploit the internet-connected doorbell to intercept the owner's Wi-Fi credentials.

In 2019, Motherboard reported on how Ring's weak security and compromised email addresses and passwords left Ring cameras easy to hack.

In December 2020, a class action lawsuit was filed alleging lax security measures at Ring, allowed hackers to take over their devices.

In August 2020, security researchers from Check Point pointed out a flaw in Amazon's Alexa smart home devices that could have allowed hackers access to personal information and conversation history. Amazon promptly fixed the bug.

In October 2020, Amazon fired an employee for leaking customer email addresses to an unnamed third party.

In October 2019, Forbes reported that Amazon employees were listening to Amazon Cloud Cam recording, to train its AI algorithm.

In April 2019, it was revealed that thousands of employees, many of whom are contract workers and some not even directly employed by Amazon, had access to both voice and text transcripts of Alexa interactions.

Can this product be used offline?

No

User-friendly privacy information?

Yes

Ring has a webpage dedicated to explaining its privacy pillars and answering frequently asked questions

Links to privacy information

Does this product meet our Minimum Security Standards? information

Yes

Encryption

Yes

Videos are encrypted in storage and during transmission. Ring is offering end-to-end encryption. https://blog.ring.com/2020/09/24/ring-announces-end-to-end-encryption-privacy-security-and-user-control-updates/

Strong password

Yes

Two-factor authentication is now mandatory after major pressure from Mozilla and other groups.

Security updates

Yes

Manages vulnerabilities

Yes

Amazon has a bug bounty program, which means that anyone who finds a security issue and discloses it responsibly may get paid.

Privacy policy

Yes

Ring has a webpage dedicated to explaining it's privacy pillars and answering frequently asked questions

Does the product use AI? information

Yes

Is this AI untrustworthy?

Can’t Determine

What kind of decisions does the AI make about you or for you?

Ring cameras use camera-based motion detection to start recording.

Is the company transparent about how the AI works?

Can’t Determine

Does the user have control over the AI features?

No

News

Ring's police problem never went away. Here's what you still need to know
CNET
On the eve of one of the biggest events of the year for the video doorbell developer, questions still linger about its commitment to privacy and security.
Ring doorbell 'gives Facebook and Google user data'
BBC
The Electronic Frontier Foundation found the Ring app was "packed" with third-party tracking, sending out customers' personally identifiable information.
Ring Neighbors Is the Best and Worst Neighborhood Watch App
New York Times
Security cameras and doorbell cameras can make people feel safer, but they also raise privacy concerns. Over the past year, a rash of news stories have focused on Neighbors, a feature that’s part of the Ring ecosystem. Specifically, the Internet has been abuzz over Amazon’s decision to work with law enforcement, which allows agencies to push emergency information out to users, but also can provide a direct feed of public user activity to connected police departments. We share our readers’ concerns and skepticism over some of the company’s practices and claims.
Ring doorbells to send live video to Mississippi police
BBC
Police in Jackson, Mississippi, are asking residents to connect their smart doorbells to a real-time surveillance centre, in an effort to fight crime. The mayor said the video streams would only be looked at if a crime was committed in the area. Amazon, which owns the best-selling smart doorbell Ring, said that it was not an official partner in the scheme
Ring's new privacy and security features prove that hardware isn't the only important thing
CNET
Smart home device maker Ring has been one of my biggest challenges as a product reviewer to date. It certainly isn't alone: Facebook, I'm looking at you. But testing Ring doorbells and security cameras has raised so many additional questions for me about a reviewer's role in recommending -- or not recommending -- a product.
Amazon’s Ring is the largest civilian surveillance network the US has ever seen
The Guardian
In a 2020 letter to management, Max Eliaser, an Amazon software engineer, said Ring is “simply not compatible with a free society”. We should take his claim seriously. Ring video doorbells, Amazon’s signature home security product, pose a serious threat to a free and democratic society. Not only is Ring’s surveillance network spreading rapidly, it is extending the reach of law enforcement into private property and expanding the surveillance of everyday life. What’s more, once Ring users agree to release video content to law enforcement, there is no way to revoke access and few limitations on how that content can be used, stored, and with whom it can be shared.
Poll: How Americans Feel About Nextdoor, Neighbors, and Police Partnerships
Mozilla
The United States is in the midst of a reckoning with racism and policing. At the same time, an array of neighborhood-based social platforms — like Nextdoor and Neighbors by Ring — purport to keep American neighborhoods safer by partnering with local police. But often, these platforms and partnerships deepen division rather than quelling it.
Amazon's helping police build a surveillance network with Ring doorbells
CNET
If you're walking in Bloomfield, New Jersey, there's a good chance you're being recorded. But it's not a corporate office or warehouse security camera capturing the footage -- it's likely a Ring doorbell made by Amazon. While residential neighborhoods aren't usually lined with security cameras, the smart doorbell's popularity has essentially created private surveillance networks powered by Amazon and promoted by police departments.
Amazon hit with major data breach days before Black Friday
The Guardian
Amazon has suffered a major data breach that caused customer names and email addresses to be disclosed on its website, just two days ahead of Black Friday.
Amazon Fired Employee for Leaking Customer Emails
Vice
Over the past few days Amazon has informed some customers that it has fired an employee for leaking customer email addresses to an unnamed third party.
Ring, 2FA, and a Win for Consumers
Mozilla
Today, Amazon announced that two-factor authentication (2FA) is now mandatory for all Ring users. In recent months, several stories have emerged about Ring users being hacked, harassed, and spied on. This extra layer of security will help prevent further episodes.
Ring Doorbell App Packed with Third-Party Trackers
EFF
Ring isn't just a product that allows users to surveil their neighbors. The company also uses it to surveil its customers. An investigation by EFF of the Ring doorbell app for Android found it to be packed with third-party trackers sending out a plethora of customers’ personally identifiable information (PII). Four main analytics and marketing companies were discovered to be receiving information such as the names, private IP addresses, mobile network carriers, persistent identifiers, and sensor data on the devices of paying customers.

Related products

Arlo Video Doorbell

Arlo

Arlo Video Doorbell
Netatmo Smart Video Doorbell

Netatmo

Netatmo Smart Video Doorbell
Blink Video Doorbell

Amazon

Blink Video Doorbell
Eufy Video Doorbells

Eufy

Eufy Video Doorbells

Comments

Got a comment? Let us hear it.