Amazon Ring

(Source – Shutterstock)

No lord for the Ring as Amazon gives data to police without user consent

Up until now, businesses have been collecting as much information as they can about the preferences, routines, and identities of their existing and potential consumers, transaction by transaction – frequently and at most times without the customers’ awareness. However, when it comes enforcement agencies seeking data, it may be a different scenario.

According to a report by Reuters, Amazon’s Ring doorbell device, which records videos of a homeowner’s home’s exterior, has so far this year given footage to police enforcement 11 times without the user’s consent.

The information was revealed in a letter from the company that was recently made public by Senator Edward Markey, a lawmaker interested in privacy. This development is sure to cause more privacy and civil liberty concerns regarding the company’s video-sharing agreements with US police departments.

“In each case, Ring made a good-faith determination that there was an imminent danger of death or serious physical injury to a person requiring disclosure of information without delay,” said Brian Huseman, Amazon’s vice president for public policy, in the letter.

Interestingly, Ring, which Amazon acquired in 2018, has frequently stated that police cannot access recordings unless they are supplied with them directly or are made publicly available. However, this does not apply to subpoenas and other urgent requests. Although the company’s policy permits sharing of this information without user consent, this letter marks the first time the corporation has acknowledged that it has done so.

The company added 2,161 law enforcement organizations to its Neighbors Public Safety Service, which enables law enforcement and other parties to request footage from Ring owners.

Reuters reported that Senator Markey stated in a statement that “increasing law enforcement reliance on private surveillance creates a crisis of accountability.”

Amazon’s Ring said in a statement that it adhered to the law.

Apart from Amazon Ring, how do other companies use users’ data?

When compared to other IoT camera brands on the market, Arlo’s stands out since they publicly announced on International Privacy Day in 2019 that they will never share, sell, or otherwise monetize the data of their users. This sounds like a slight dig against Amazon’s Ring, which also was grappling with a variety of privacy concerns at the time.

A merger, acquisition, reorganization, sale of assets, a spinoff of assets into a separate business, or similar transaction, or in the event of insolvency or bankruptcy, are the only situations in which Arlo would sell, transfer, or otherwise share some or all of its assets, including Personal Information.

Better yet, if anything were to happen, Arlo would notify their users.

The fact that this issue dates back several years ago only serves to demonstrate that Amazon Ring is adhering to its existing privacy policy.

Although, they have a reason for doing so. The company has stated that “the law authorizes companies like Ring to provide information to government entities if the company believes that an emergency involving danger of death or serious physical injury to any person, such as a kidnapping or an attempted murder, requires disclosure without delay.”

Huseman denied explaining when Ring technology can record audio or how sensitive the audio recordings are in the letter. He noted that audio can be simply disabled by users.

He also denied promising that Ring data will always be encrypted from beginning to end. While end-to-end encryption is an option, several features would be disabled.

Markey stated that he and others had introduced a bill aimed at limiting law enforcement access to such information and expressed his concern that Amazon and other tech companies would start using biometric data in their systems.

How might this impact consumers in Asia?

Just like the EU’s GDPR, Asian privacy laws are starting to become stricter, especially in data management and data transfer. China for example will be implementing stricter data transfer regulations in the coming months while countries in Southeast Asia also continue to ensure privacy is a priority when dealing with data.

While most IoT recording devices like cameras in public places, CCTVs, and such are used for surveillance purposes, devices at home are meant to be private. However, it is important to note that the network these devices are on could be potentially hacked, giving cybercriminals access to such devices.

One thing is for certain, most Asian laws require consent in order to collect, use, and distribute personal data about individuals. Therefore, users should feel secure knowing they won’t ever, hopefully, experience this problem.