Amazon’s smart-doorbell firm Ring has fired FOUR members of staff for snooping on customers’ video feeds without permission
- Amazon’s Ring responded to a letter sent to Jeff Bezos on its security practises
- Revealed that in the last four years Ring had terminated four employees
- It said the sacked staff had authorised access to video feeds as part of their job
- But they were deemed to have abused this ability and fired as a result
Amazon’s smart doorbell company Ring has admitted it fired four employees after they abused their ability to view customer video feeds.
Ring made the admission in a letter to five US senators, after they quizzed the tech firm on its security practices.
It revealed that, in the last four years, there had been four separate instances which resulted in termination.
Each individual had access to user video as part of their job role but was deemed to have ‘exceeded what was necessary for their job functions’.
It is unknown what footage the employees were viewing and what they were watching when judged to have overreached.
Scroll down for video
Ring revealed that in the last four years there had been four separate instances of staff abusing their ability to view customer video, which was part of their job role, and was deemed to have ‘exceeded what was necessary for their job functions’ (file photo)
Ring says that as well as terminating those who violated company policy, it has also restricted how much access employees have to customer video feeds.
The letter reads: ‘In addition to taking swift action to investigate and take appropriate disciplinary action in each of these cases, Ring has taken multiple actions to limit such data access to a smaller number of team members.
‘Ring periodically reviews the access privileges it grants to its team members to verify that they have a continuing need for access to customer information for the purpose of maintaining and improving the customer experience.’
The letter to Democratic Senators Ron Wyden, Edward Markey, Chris Van Hollen, Chris Coons, and Gary Peters was received this week.
It was a reply to a letter sent to Jeff Bezos on November 20 and in the intervening six weeks Ring has been struck with several privacy breaches.
In December, an eight-year-old girl in Mississippi had obscenities shouted at her through the doorbell after a hacker seized control of the device.
It has also been reported that more than 3,000 Ring cameras were left vulnerable to hackers due to a software flaw.
It is unknown the extent to which this flaw was exploited, but it is possible the login credentials of users were taken.
Senator Chris Coons also sent a letter to Facebook last month, along with Republican Senator Josh Hawley, which revealed the social media platform can track a person’s whereabouts even after they have opted out of precise location tracking.
Facebook stops tracking location data specifically when a user opts out but it admits that it can piece together various piece of information to determine where they are.
Tagged photos or locations as well as addresses for purchases on the site’s shopping section provide clues to where a user is, as well as IP address information.
WHAT ELSE DID RING REVEAL IN ITS LETTER TO US SENATORS?
Ring spoke in its letter to the five senators of how its security scandals have been portrayed.
In the introduction, it says: ‘As expected for any rapidly growing company, Ring’s data security and privacy practices have evolved over time.
‘Unfortunately, recent media reports have inaccurately portrayed Ring’s security practices, and we hope our letter today will correct some of those inaccuracies.’
When quizzed on how it used the footage and if it was encrypted for security, Ring replied with an emphatic ‘yes’.
It added: ‘Ring encrypts video footage both in storage and transmission, and Ring stores video on encrypted Amazon Web Services servers.’
Ting was more opaque when answering questions on its security testing.
Asked about if it conducts in-depth assessments of its security and if it has external audits and how often these were performed, both questions were answered with the preamble ‘Ring routinely conducts assessments’ – but failed to say how often this is done.
All it did say was that an internal team conducted two audits in 2019. The extent of these is unknown, a Ring cite the need for confidentiality in order to ‘protect against future attempts by bad actors’.
Ring also denied that its Ukraine-based R&D team unrestricted access to an Amazon web server with every Ring video ever created, refuting media reports.
‘The R&D team in Ukraine can only access publicly available videos and videos available from Ring employees, contractors, and friends and family of employees or contractors with their express consent,’ it writes in the letter.
And it revealed ‘a very limited number of employees (currently three) have the ability to access stored customer videos’. This, it claims, is to maintain its AWS infrastructure.
Ring also failed to rule out the possibility of adding Amazon’s controversial Rekognition facial recognition technology to its products.
Instead of clarifying if it would implement this feature in future models,it named rivals that offer facial recognition technology in their products.
However, none of these products use Rekognition, accused in 2018 of trying to sell its technology to ICE to help suppress immigrants in the US.
Ring stated that employees with access to video are unable to identify a person or vehicle from the information they have access to.
Ring revealed that in the last four years it was forced to terminate four members of staff who overstepped their reach when looking at customer video.
Source: Read Full Article