Ring, which Amazon acquired in 2018, has come under scrutiny recently -- last month for a hacker that accessed a Ring camera in an eight-year-old girl’s room, and now for a report from the Electronic Frontier Foundation.
Earlier this week, the EFF revealed that Ring, the maker of security systems and cameras, collects data from users’ phones and shares that information with third-party trackers.
Information sent to four analytics and marketing companies were found to receive full names, email addresses, IP addresses, mobile network carriers and data about sensors installed in the phone of the users.
“The danger in sending even small bits of information is that analytics and tracking companies are able to combine these bits together to form a unique picture of the user’s device,” according to the EFF. “This cohesive whole represents a fingerprint that follows the user as they interact with other apps and use their device, in essence providing trackers the ability to spy on what a user is doing in their digital lives and when they are doing it.”
Tests using Ring for Android version 3.21.1, revealed that PII delivered data to branch.io, mixpanel.com, mobile marketing company Appsflyer, and facebook.com through Ring’s graph API. It sends an alert when the app is opened and through actions such as deactivation after the screen locks due to inactivity.
Information gets delivered to Facebook, even when the person doesn’t have an account. The data includes the time zone, device model, language preferences, screen resolution, and a unique identifier.
The blog post goes on to detail each of the sites and the type of information they receive.