Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

Ring's app caught spying on users, sharing data with third-parties

Last updated

Amazon's Ring for Android app is loaded with third-party trackers harvesting a "plethora" of customer data, a new investigation claims — and an Amazon engineer for the product wants it completely shut down.

The Electronic Frontier Foundation has discovered that third-party tracking software within the Ring doorbell app is sending customer data to four analytics and marketing companies, including Facebook, Google, MixPanel and AppsFlyer. That data includes personally identifiable information such as names and private IP addresses.

Facebook, for example, is alerted when users open the Ring app, as well as when they perform certain device actions. Mobile analytics company AppsFlyer is sent a similar mix of data, but also receives information collected from a device's sensors including its gyroscope and magnetometer. The information sent to MixPanel, another data analytics firm, includes a user's full name, email address, device data and app settings.

While Ring also sends data to Google's Crashalytics service, the EFF wasn't able to determine the extent of the sharing in the report published on Tuesday.

The EFF points out that even small bits of user data can be combined by tracking firms to create a larger picture of a user's digital habits. That "fingerprint" could allow third-party companies to surveil what users are doing across various apps and devices.

Importantly, the nonprofit group claims that this tracking is taking place without a user's knowledge, consent or ability to disable it.

The data collected is sent over encrypted HTTPS and is delivered in a way that eludes analysis, the EFF said. The investigation's methodology included observing that data flow via man-in-the-middle techniques, a tactic often used by hackers to intercept internet traffic.

Since the EFF investigation focused on Ring's Android app, it isn't clear whether the iOS version has similar privacy risks. Apple's App Store Review Guidelines do include provisions that protect users from many data collection practices, however.

In light of the potential for abuse and other privacy risks, at least one Amazon engineer is calling for the smart doorbell company to be shut down.

"The deployment of connected home security cameras that allow footage to be queried centrally are simply not compatible with a free society. The privacy issues are not fixable with regulation and there is no balance that can be struck," said Max Eliaser in a Medium post. "Ring should be shut down immediately and not brought back."

Repeat offender

This isn't the first time Ring has been in the spotlight for alleged privacy blunders.

In 2019, The Intercept reported that both engineers and executives at Ring had "highly privileged access" to live feeds from customer cameras. And earlier this month, Ring fired four employees who had allegedly abused that access to spy on customers.

Privacy advocates have also raised concerns about Ring's links to law enforcement, as well as the potential implementation of facial recognition in a platform already beset by surveillance and privacy controversies.

Ring's response

Following publication of this story, a Ring spokesperson reached out to AppleInsider

"Like many companies, Ring uses third-party service providers to evaluate the use of our mobile app, which helps us improve features, optimize the customer experience, and evaluate the effectiveness of our marketing," Ring said. "Ring ensures that service providers' use of the data provided is contractually limited to appropriate purposes such as performing these services on our behalf and not for other purposes."



32 Comments

Panamaniak 5 Years · 41 comments

Yikes, here we go again. My parents have these and admin them on Android phones. Tried to get me some for Xmas, I took a hard pass, specifically for this reason. 

I do want some security cams for my home, but won’t install until I do enough research to put together a proper closed circuit system that doesn’t rely on 3rd party cloud monitoring. 
These are our homes we’re talking about, I don’t get how people just turn their privacy over so easily. I guess the convenience out weighs the risk?

supadav03 10 Years · 503 comments

And this is why I laughed when I saw Ring’s new commercial for smart home security systems, fire alarms, leak detectors, etc. This company/brand cannot be trusted to protect the consumer, no way am I allowing them into my house with more products. 

mjtomlin 20 Years · 2690 comments

Just wait until we start getting these kind of reports on Echo and other Alexa enabled devices.

Although in all fairness (if that can be applied), it was the app and not the device. Even though I would assume the app has access to the devices.

JinTech 9 Years · 1061 comments

Is it time for Apple to get into this market just so we can have safe and secure doorbell cameras?

AnotherBrick 5 Years · 43 comments

Today’s news: ”Ring spying on users” headline. Checks calendar: Yes, it’s Tuesday. Ok headline, see you again next week.