Ry Crist, reporting for CNet:
Ring, the Amazon-owned video doorbell and home security
company, came under renewed criticism from privacy
activists this month after disclosing it gave video
footage to police in more than 10 cases without users’ consent
thus far in 2022 in what it described as “emergency
situations.” That includes instances where the police didn’t
have a warrant. [...]
The disclosure, released in response to questioning from
Sen. Ed Markey, a Democrat from Massachusetts, comes after
years of extensive and controversial partnerships between Ring
and various police institutions. Now privacy advocates at
organizations like the Electronic Frontier Foundation say that
warrantless footage requests endanger civil liberties.
While Ring stands alone for its extensive history of police
partnerships, it isn’t the only name I found with a carveout
clause for sharing user footage with police during emergencies.
Google, which makes and sells smart home cameras and video
doorbells under the Nest brand, makes as much clear in its terms
“If we reasonably believe that we can prevent someone from dying
or from suffering serious physical harm, we may provide
information to a government agency — for example, in the case of
bomb threats, school shootings, kidnappings, suicide prevention
and missing persons cases,” Google’s TOS page on government
requests for user information reads. “We still consider
these requests in light of applicable laws and our policies.”
Others, most notably Apple, use end-to-end encryption for user
video as the default setting, which blocks the company from
sharing user video at all.
“HomeKit Secure Video is end-to-end encrypted, meaning even Apple
cannot access it,” a company spokesperson said.
Surveillance camera systems that don’t use end-to-end encryption should have a policy where footage is shared with third parties if and only if device owners have explicitly opted in to sharing footage with any entity, including the police, including in emergencies, without a warrant. Not just some small print in a long terms of service agreement, but a simple explicit dialog box along the lines of Apple’s “Ask not to track” opt-in. And in all cases, owners should be immediately notified when footage has been shared, with all pertinent details: what footage, shared with whom, for what reason.
I don’t know what Amazon is thinking with regard to this cozy-with-the-police policy with Ring. It’s the number one reason people are saying “Fuck no” regarding their prospective acquisition of One Medical. I’m no expert on HIPAA, but it looks like the law here in the U.S. has several carveouts allowing/requiring medical providers to share personal health records with law enforcement. So as a consumer, what it comes down to is trust. I trust every doctor I have an ongoing relationship with, and if I didn’t, I’d find new doctors.
I think Amazon has a good reputation on privacy — except for their ongoing stewardship of Ring. And handing camera footage over to police without a warrant is a big exception. I don’t know what Ring is worth to Amazon financially, but I genuinely wonder if they’ve done more reputational harm to Amazon’s overall brand than Ring is worth dollar-wise.
★ Wednesday, 27 July 2022