Third-Party Trackers Are Pulling Your Data Off Ring’s Android App
Third-Party Trackers Are Pulling Your Data Off Ring’s Android App
Ring, the home security company owned by Amazon, promises to watch the world around you and keep your property safe. But the doorbell app is also surveilling its users, sending personally identifiable information out to third party vendors, according to a new report from the Electronic Frontier Foundation (EFF), the San Francisco civil liberties nonprofit.
Bill Budington, the senior staff technologist who wrote the report, tested the Ring for Android version 3.21.1 app, finding that it was sharing data such as IP addresses, full names, email address, information about whether bluetooth is enabled, and even sensor data from the device being used to access the app.
Budington identified four main companies that received this information, including Branch, which calls itself a “deep linking” platform (meaning it takes people to specific web pages or products). Facebook also received information such as a person’s time zone and was alerted when the app is opened. AppsFlyer, a big data firm, received information such as when users engage with the Neighbors section of the app, as well as where you installed the app from, and when it was first launched. Mixpanel, a business analytics company that tracks user engagement with apps, received the most identifiable data, such the number of locations a where a user has Ring devices installed, and users name and emails.
Analytics companies take these discrete forms of data and combine it with other internet user data to create a cohesive picture of device usage.
“This cohesive whole represents a fingerprint that follows the user as they interact with other apps and use their device, in essence providing trackers the ability to spy on what a user is doing in their digital lives and when they are doing it,” writes Budington.
This is the most recent in a long line of revelations involving Ring. For example, it partnered with more 400 police departments in sharing device images to accidentally exposing the data of more than 3,000 users, including login details and names of Ring devices (which are often labeled with terms like “bedroom”), and created neighborhood wide panopticons in which neighbors are surveilling neighbors, and paying for the privilege to do so.
Considering Amazon has a patent for “surveillance as a service” (delivery drones perform aerial surveillance at the property of an “authorized party”) along with its facial recognition technology, it’s worth considering how services you use to watch the world are also watching you.
Disclosure Read More
The leader in blockchain news, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.