[Update: Ring has now responded to the claims made by The Intercept, claiming the report to be 'factually inaccurate'. The original story follows below and has also been updated with the full statement.]
A report by The Intercept claims that smart home security company Ring gave its employees full access to its customers' live camera feeds – inside, and outside the home.
Best known for its smart video doorbells, Ring was acquired by Amazon in 2018 for over $1 billion, and recently debuted its new Ring Door View Cam at CES 2019, which turns your door's peephole into a security camera.
According to The Intercept, the claims are that some Ring employees have seemingly unfettered access to customers' live camera streams, with one team set up to improve object-based recognition capturing “people kissing, firing guns, and stealing.”
As well as that, the source claims some US employees specifically have access to a video portal of customer cameras to allow them to give technical support; however, according to the report, even employees that didn't deal with customers had access to it.
A huge privacy concern
A source told The Intercept that, “I can say for an absolute fact if I knew a reporter or competitor’s email address, I could view all their cameras”. The source went on to talk about engineers “teasing each other about who they brought home” after romantic dates.
It seems that the security problem was widespread within the company, with the report claiming a group of Ukraine-based researchers had access to a folder containing “every video created by every Ring camera around the world", as well as a “corresponding database that linked each specific video file to corresponding specific Ring customers.”
In response, Ring released a statement, saying:
“We take the privacy and security of our customers’ personal information extremely seriously. In order to improve our service, we view and annotate certain Ring video recordings.
"These recordings are sourced exclusively from publicly shared Ring videos from the Neighbors app (in accordance with our terms of service), and from a small fraction of Ring users who have provided their explicit written consent to allow us to access and utilize their videos for such purposes.
"Ring employees do not have access to livestreams from Ring products.
"We have strict policies in place for all our team members. We implement systems to restrict and audit access to information.
"We hold our team members to a high ethical standard and anyone in violation of our policies faces discipline, including termination and potential legal and criminal penalties.
"In addition, we have zero tolerance for abuse of our systems and if we find bad actors who have engaged in this behavior, we will take swift action against them."
It's clear that data privacy and security is a growing concern for consumers with smart devices. In October 2018, Facebook was forced to admit that its flagship video chat devices, the Portal and Portal + listen in on video calls, with the social media giant potentially using the information for ad targeting.