Multiple Amazon Privacy Breaches Result in A $30.8 Million FTC Fine

CryptoMode Amazon Ring Childen Privacy

The U.S. Federal Trade Commission (FTC) has recently levied a substantial fine on e-commerce behemoth Amazon, following several significant breaches in user privacy. The cumulative fine of $30.8 million marks a considerable milestone in regulatory action against privacy lapses associated with smart devices such as Amazon’s Alexa assistant and Ring security cameras.

Amazon & Children’s Privacy: The Heart of the Matter

Out of the total fine, $25 million was explicitly imposed due to children’s privacy rights violations. Amazon has been found guilty of retaining Alexa voice recordings of children for indefinite durations, thereby contravening established laws. Further, it was observed that the company hindered parents’ attempts to exercise their rights to delete these recordings.

FTC’s Samuel Levine articulated, “The recurring pattern of Amazon deceiving parents, preserving children’s recordings perpetually, and disregarding parents’ deletion requests stands in violation of the Children’s Online Privacy Protection Act (COPPA). Amazon has prioritized profits at the expense of privacy.”

Check out our weekly crypto and fintech newsletter here! Follow CryptoMode on Twitter, Youtube and TikTok for news updates!

In response to these severe infringements, the court has ordered Amazon to erase all the information it had gathered. This data includes inactive child accounts, geolocation data, and voice recordings. Furthermore, the retail giant is now barred from utilizing such data to fine-tune its algorithms and must explicitly inform customers of its data retention practices.

Additional Penalties for Unauthorized Access to Private Videos

The retail giant agreed to pay an additional $5.8 million in customer refunds due to privacy violations. Amazon permitted virtually unrestricted access to private videos recorded via Ring cameras to its employees and contractors, resulting in severe breaches of users’ privacy.

Elucidating one such instance, the FTC reported that “an employee viewed thousands of video recordings over several months. These videos belonged to female Ring users and surveilled private areas within their homes. Unfortunately, the misconduct only came to light when another employee stumbled upon it.”

Inadequate Security Measures and Their Consequences

The FTC criticized Amazon for not sufficiently notifying customers or securing their consent before using the captured recordings for product enhancements. Furthermore, it criticized the company for not installing sufficient security measures to protect Ring user accounts.

These glaring breaches exposed users to credential stuffing and brute-force attacks. In addition, these attacks enabled malefactors to hijack user accounts and gain unauthorized access to video streams.

The FTC expounded on the consequences of such violations, stating, “Malicious actors viewed customers’ videos and misused Ring cameras’ two-way functionality to intimidate, threaten, and insult consumers, including the elderly and children. They also manipulated essential device settings.”

Impact of Lax Policies on Amazon Customers

In a horrifying revelation, the FTC detailed incidents of hackers taunting children with racist slurs, making sexual advances to individuals, and threatening physical harm to families if a ransom wasn’t paid.

As a direct consequence of these lax policies, more than 55,000 U.S. customers reportedly had their accounts compromised between January 2019 and March 2020.

This Amazon debacle underscores the dire need for companies to prioritize user privacy and secure their platforms meticulously. As the digital world evolves, the magnitude of this FTC action serves as a stern reminder for businesses everywhere to uphold customer privacy or face severe penalties.              

None of the information on this website is investment or financial advice. CryptoMode is not responsible for any financial losses sustained by acting on information provided on this website.