John Naughton 

Why Amazon’s home security drone should set off alarm bells

Given the Ring brand’s poor record on privacy, why would anyone allow its new flying eye to patrol their house?
  
  

amazon ring drone with an english setter looking at it
Amazon’s Ring drone: ‘The totally secure networked device has yet to be invented.’ Photograph: Getty Images/Amazon

Here’s the scenario. It’s 3.30pm and you’re away from home. A burglar breaks in by forcing the french window in the living room. Shortly afterwards, two things happen. A small drone sitting unobtrusively in its housing-cum-charging-station whirs into life, and your smartphone beeps. The drone leaves its housing and begins a flight through the house on an inspection path that you have programmed into it, streaming live, high-definition video to your phone as it goes. The burglar sees and hears the drone, grasps what’s happening and flees.

Fiction? Not at all. It’s just Amazon’s latest gizmo – announced at its autumn hardware event on 24 September. It came with a nice video to illustrate the above scenario – though it featured an implausibly nervous burglar who, upon seeing the drone, fled as though he had seen a ghost. But other, less dramatic uses for the drone were suggested. It would be useful, for example, if you arrived at your non-remote workplace (remember them?) and wondered if you’d left the kitchen window open. This viewer wondered about equally mundane questions: how would the device deal with his cats, which regularly roam the house seeking surfaces that are forbidden to them when he’s physically present; how does the drone deal with closed internal doors – or indeed with the interior of any normal dwelling? Advertisements for so-called “smart” homes invariably feature the interiors of sterile, open-plan dwellings that no sane adult would wish to inhabit.

The fact that the drone is branded as a “Ring” device may have puzzled some observers, but it, er, rings a bell with those of us who monitor the tech industry. Ring is a company that was founded in 2013 as Doorbot. Its original products were a doorbell with an inbuilt video camera and a network connection, and an app, Neighbors, for online social sharing of captured footage among users. The company was acquired by Amazon in 2018 for more than $1bn and incorporated into the tech giant’s global strategy for household penetration, which had been launched with the original Echo “smart” speaker.

Ring fitted neatly into this strategic vision. After all, a video doorbell is very useful to a company that makes a lot of deliveries, especially in the old days when everybody went out to work during the day. It enables the householder to “answer” the doorbell even when not at home, and possibly communicate with the delivery person about where to leave a package, etc.

But a doorbell can only surveil what’s outside the home. The challenge for the tech industry was always: how to get inside? The Echo was a start and, to the fury of the rest of the industry, it gave Amazon a critical bridgehead in that hitherto inaccessible territory. But Alexa is not supposed to be listening to what’s going on. And, besides, she doesn’t have eyes. Ring’s Always Home drone, however, does – though the company goes to great pains to explain that when it’s docked in its cradle, the camera is covered.

What will happen next is entirely predictable. Most of the other companies will follow suit – just as the Echo spawned a legion of “smart” speakers. And, like every other surveillance device, the drone will trigger the usual discourse. Sure, it could be creepy if used unethically but – hey! – isn’t it cool that you can always check what’s going on in your house when you’re away? After all, anybody can see (and hear) when the drone is flying, so it’s not as though people won’t know if you’re spying on them. What’s not to like?

Where does one start? The obvious place is Ring’s somewhat erratic past record on security. In 2019, an investigation by Motherboard found that its devices lacked “basic security features, making it easy for hackers to turn the company’s cameras against its customers”. In January this year, an investigation of the Ring doorbell app for Android by the Electronic Frontier Foundation found it to be “packed with third-party trackers sending out a plethora of customers’ personally identifiable information (PII). Four main analytics and marketing companies were discovered to be receiving information such as the names, private IP addresses, mobile network carriers, persistent identifiers, and sensor data on the devices of paying customers.” Two weeks after the study was published, Ring announced that it was changing its privacy settings to block the company from sharing most, but not all, of their data. And so on.

This kind of thing is par for the course. The totally secure networked device has yet to be invented. And the standard response of the industry is always to shift the blame to users who have failed to take appropriate security precautions. When “smart” devices render their hapless users vulnerable, somehow it’s always the customer’s, rather than the vendor’s, fault. So here’s a useful motto when tangling with this stuff in future: for “smart” read untrustworthy.

What I’ve been reading

What’s next?
How to plan for the post-Covid future. A wide-ranging, wise essay by tech publisher Tim O’Reilly on his company’s site.

Thanks for sharing
How nearly $50tn was transferred from ordinary Americans to the 1% since 1974. A remarkable study by the Rand Corporation.

Modern family
Meet Thomas Jefferson’s great-great-great-great-great-great-grandson. A truly incredible story for our times in Smithsonian Magazine.

 

Leave a Comment

Required fields are marked *

*

*