Personal data stored by Ring doorbells deeply concerning

A data request submitted by the BBC has set alarm bells ringing about the data privacy regulations of doorbell company Ring.

Ring doorbells, owned by Amazon, use your home WiFi to secure your property, with an overall mission to reduce crime in communities.

But a recent data request reveals the sheer amount of data stored by the security company, including personal details.

The data record provided the documented use of a Ring 2 Video Doorbell for 129 days, from 28 September 2019 until 3 February 2020.

There were 1,939 individual "camera events" recorded and stored over the period, including:

  • A ring of the doorbell, when its button had been pressed
  • A motion picked up by the cameras' sensors
  • An "on-demand" remote action by the user to see live footage and audio of the visitor
  • An "on-demand" remote action by the user to speak to the visitor
  • The length of time the device was activated

Use of the Ring application, described as 'home security at your fingertips', was also stored in huge quantities. 4,906 actions were documented over period, including:

  • Each time the app was opened
  • Every time the user "zoomed in" to see the footage more clearly
  • Details of the beginning and end of each live-view
  • A range of different-classed screen taps
  • The model of the device used
  • The version of the device's operating system
  • The type of mobile data-connection involved
  • The network supplier

And it is not just the quantity of data stored that's concerning, but the nature of the information, and what it discloses, that is particularly worrying.

Frederike Kaltheuner, privacy expert, says: "What's most interesting is not just the data itself, but all the patterns and insights that can be learned from it.

"Knowing when someone rings your door, how often, and for how long, can indicate when someone is at home.

"If nobody ever rang your door, that would probably say something about your social life as well.

"This isn't just about privacy, but about the power and monetary value that is attached to this data".

The question is: how can Amazon use this information to potentially manipulate users in the future? What's at stake for the consumer?

The data Ring stores is rather intrusive, as it keeps a record of its customers' life.

Still, the data record does not show the full picture. Kaltheuner comments: "Data access requests only ever show us the tip of the iceberg of the amount of data that companies collect about us.

"There's huge value - and power - in collecting non-personal data for all sorts of purposes: market research, training and AI.

"Even anonymous data can have privacy implications, for instance about the collective privacy of, say, a housing block, a group of people, or a household unit".

The data companies log about us can have direct implications on our privacy and safety. The information could easily be misused and shared, possibly putting the user at risk.

People must be made aware of what information is obtained, stored, how it is used and what precautions they can take to protect themselves in this data-centric age.

This is a summary of the BBC article Amazon's Ring logs every doorbell press and app action by Leo Kelion