Amazon is facing two fines worth $30.8 million collectively over alleged privacy failures connected with its Alexa and Ring devices.
The Federal Trade Commision (FTC) issued a penalty worth $25 million relating to the e-commerce giant violating privacy law by keeping the Alexa voice recordings of children after parents had asked them to be deleted.
The US consumer protection watchdog said Amazon collects vast amounts of data about consumers, including geolocations and voice recordings, but says that parents and other users can delete this information.
However, a complaint filed by the Department of Justice claims that the company kept sensitive voice geolocation data for years and used it for its own purposes, preventing parents from exercising their deletion rights under the US Children’s Online Privacy Protection Act Rule (COPPA).
“Amazon’s history of misleading parents, keeping children’s recordings indefinitely, and flouting parents’ deletion requests violated COPPA and sacrificed privacy for profits,” said Samuel Levine, director of the FTC’s Bureau of Consumer Protection. “COPPA does not allow companies to keep children’s data forever for any reason, and certainly not to train their algorithms.”
The regulator also dished out a $5.8 million fine after its employees working for Amazon Ring, its home security camera business, illegally surveilled customers. It also said that Amazon had failed to stop hackers taking control of users’ cameras, accounts, and videos.
According to the FTC, Amazon compromised customer privacy by allowing any employee or contractor access to private videos and accused the tech giant of failing to implement basic privacy and security protections.
The Commission said that under a proposed order, which must be approved by a federal court before going ahead, Amazon Ring would be forced to delete data, models, and algorithms derived from videos it unlawfully reviewed.
The company would also need to roll out a new privacy programme including safeguards on human review of videos as well as other “stringent security controls” like multi-factor authentication for employee and customer accounts.
Levine said that Ring's "disregard" for privacy had exposed consumers to spying and harassment, adding that its order makes clear that "putting profit over privacy doesn't pay".
"While we disagree with the FTC’s claims regarding both Alexa and Ring, and deny violating the law, these settlements put these matters behind us," Amazon said in a statement, explaining that the company's devices and services are "built to protect customer privacy".
Recent Stories