Amazon Acknowledges Sharing Ring Data With Police Without Informing Users
Amazon has provided US law enforcement agencies with data from Ring video doorbells nearly a dozen times since the start of 2022. While Amazon’s policy states that police may not view recordings without the explicit permission of the devices’ owners, that policy is superseded by subpoenas and emergency requests. Amazon confirmed that they had shared Ring footage in a letter responding to questions posed by US Senator Ed Markey (D-Massachusetts).
Amazon’s response to the Senator shows Amazon has evolved to a balanced response between user demands for privacy and law enforcement (and often user) demands for using stored doorbell video to catch thieves and criminals. Worth showing your Chief Legal Counsel if your company provides any product or service storing such data. From a Work at Home security viewpoint, Amazon Ring is the largest vendor but only has about a 15% market share. The top 5 vendors overall only represent 30% of the market – 70% of devices are sold by dozens of tiny vendors who are likely not being as diligent as Amazon. The good news from WAH point of view is many of the smaller ones don’t offer long cloud storage of video/audio but most will over time. WAH security awareness should include tips on how employees can minimize risk.
Make sure that you understand who can view your doorbell or other security footage, and under what conditions. And this reminds us that they have direct access to the data to override those processes if needed. Amazon has their Neighbors Public Safety Service which allows users to elect to share footage with law enforcement as well as a process where they will share footage in response to a court order or emergency request. In this instance, Amazon (Ring) made a good faith determination that sharing the footage was warranted, but those requests cannot be linked to a court or emergency order. If you're uncomfortable consider solutions where the footage is stored locally and only you have access to view it.
Police and other government agencies will always look to gather whatever data they can when investigating crimes or individuals. That is why strong privacy laws are so important to ensure that any such access is provided in a controlled, informed, and transparent manner and it is beyond time that the US introduced strong federal privacy laws. Privacy laws are not there to hinder police or government agencies, they are there to protect the human rights of us all.
Their "terms of service" almost universally permit holders of data to respond to "lawful" requests, i.e. warrants and subpoenas. If that is a problem for you, then do not share the data. Holders of data should be transparent about the number of such requests it receives and how they responded. Such transparency is essential to maintaining the necessary level of public trust.