Ring doorbells are very useful to most people when it comes to checking out and surveilling their surroundings, neighbors, and homes. However, not many customers know the doorbells are also being used to check out their stuff and are being shared with third-parties. This means the company uses their doorbells to surveil the customers themselves. This is according to the Electronic Frontier Foundation (EEF) who does security-related investigations and studies. The app in question is the Android version of the Ring Doorbell app.
The mobile app has been discovered to be full of third-party trackers that send out personal information of customers—without the knowledge of the customers. The data being sent out are mainly personally identifiable information. The destinations include four analytics and marketing groups.
Information being received by the companies include names, mobile carriers, sensor data, and persistent identifiers on devices. All the information paints a picture of the user’s mobile device. They turn into something like a unique fingerprint that anyone can follow for tracking.
The customers have not been informed about being tracked. No consent was given and so it becomes problematic. There is no leak or misuse of data reported yet but there is clearly mismanagement of data here that may endanger the private lives of customers. What’s worse is that Ring is giving away data to trackers and probably data miners and hackers.
This discovery is ironic because Ring is supposed to keep things secure and private for customers. Ring’s surveillance system seems to be not that secure because personal and sensitive data are being shared with other parties. We have yet to hear from Ring but cross your fingers this issue will be fixed soon.
UPDATE: A spokesperson from Ring reached out to us to include the following statement regarding the issue. (Jan 28, 2020)
Like many companies, Ring uses third-party service providers to evaluate the use of our mobile app, which helps us improve features, optimize the customer experience, and evaluate the effectiveness of our marketing. Ring ensures that service providers’ use of the data provided is contractually limited to appropriate purposes such as performing these services on our behalf and not for other purposes.
On background:
• Our privacy notice states that “We do not authorize our service providers to use or disclose your personal information except as necessary to perform services on our behalf or comply with legal requirements.”
• This information may include personal information pertaining to when users interact with the app or their Ring devices to help track the adoption, performance, and success of any feature.
• Ring uses also MixPanel to target messaging within the app when new features, such as security-related settings, become available.
