The FTC has proposed an order that will see Ring cough up $5.8 million (£4.7 million) to settle the matter.Īmazon has also agreed to pay $25 million (£21 million) to settle the Alexa-and-kids-related allegations. Unfortunately for Amazon, the US Children’s Online Privacy Protection Act requires parents to be informed of how data about kids under-13 is used, and such data is to be expunged if it is no longer needed to provide a service “And even when a parent sought to delete that information… Amazon failed to delete transcripts of what kids said from all its databases.”Īmazon argued the data retention was necessary to, among other things, train Alexa’s underlying AI models to improve the recognition of children’s voices. “Amazon retained children’s recordings indefinitely-unless a parent requested that this information be deleted,” the FTC alleged. The FTC also took on Amazon over its Alexa devices’ data-retention policies. The FTC’s complaint pointed out that Ring’s main marketing message was that it's products improve safety, yet its actions meant its products did the opposite. The complaint points out that customers were warned that Ring gave itself extensive rights to access their videos in its Terms of Service and Privacy Policy, but criticizes those documents as being a “buried half-explanation” that gave people “no reasonable way of knowing that hundreds of Ring employees and third-party contractors in Ukraine had unfettered access to live streams and stored videos.” We've previously reported stories of miscreants breaking into victim's Ring devices to terrorize them in their own homes, and of workers being fired for abusing their access to the equipment. The complaint details even nastier attacks – skip pages 13 and 14 to avoid references to incidents of a sexual nature. 90+ orgs tell Slack to stop slacking when it comes to full encryption.Amazon expands end-to-end video encryption to battery-powered Ring devices.Swatting suspects charged with subverting Ring doorbell cams and calling cops.Voice assistants failed because they serve their makers more than they help users.On another occasion “a hacker told an individual through her camera that the hacker had killed the individual’s mother and then directly threatened the individual: ‘Tonight you die’.” “Several women lying in bed heard hackers curse at them,” the complaint states, and “several children were the objects of hackers’ racist slurs.” Those breaking into people's accounts thus were able to interact with customers via their Ring devices. The miscreants also had access to users’ accounts, which is where things get worse because Ring devices provide real-time messaging and communications, the FTC pointed out. 55,000 US-based Ring customers’ accounts were therefore compromised, meaning “bad actors gained access to hundreds of thousands of videos of the personal spaces of consumers’ homes.” The FTC complaint also alleges Ring knew its cloud services were susceptible to credential stuffing and brute-force attacks but did little to stymie such efforts. Ring responded to that 2017 incident by restricting some access to vids for customer service staff, but other employees retained access to vids, the watchdog said. “Only after the supervisor noticed that the male employee was only viewing videos of ‘pretty girls’ did the supervisor escalate the report of misconduct.” Amazon opens its ad-hoc Wi-Fi-sipping Sidewalk mesh to all manner of gadgets READ MORE
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |