Parents in Tennessee say a hacker sang songs to their children in their bedroom through a Ring camera. A Texas Ring user says she was threatened with extortion through her front doorbell camera. In Florida, another victim told local media that a hacker started screaming racial slurs at a child through a Ring. The surveillance/home security giant owned by Amazon isn’t commenting on this string of scary incidents yet, but the good journalists at Motherboard have already found criminal chat rooms where hackers are bartering Ring login information — which can be had for under $10.
Let’s get this out of the way, fast: I think bringing a Ring into your house is a terrible idea. If you must have one, make sure it faces out, at your front yard, not in, at your family. Also, make sure the sound is off, so you don’t end up in court over an illegal wiretap; and make sure you aren’t filming beyond your property, lest you run into other potential legal problems. You’d do well to post a sign saying that you are filming visitors.
And finally, enable two-factor authentication on these gadgets RIGHT NOW. It’s annoying; do it anyway. Two factor is hardly foolproof, but at least you won’t be the easiest target on the block. With all this recent news around Ring hacking, you should feel confident that we are about to see a wave of these disturbing incidents. As parents in the above examples say, hearing a phantom voice talk to your children is scary enough — consider what might have happened before the hacker announced himself.
For background on America’s privacy problem, listen to my 6-episode special podcast series, No Place to Hide
America is right now being overwhelmed by cameras and surveillance recording capabilities. The Wall Street Journal recently reported that there will soon be 1 billion active surveillance cameras online around the world. In a most extreme example, the city of Baltimore is considering a plan to put low-altitude aircraft in the skies about the city, outfitted with dozens of cameras that can keep 24-hour watch over residents there. We’ve had very little productive discussion about what this means.
In the past, U.S. discussion has focused generally on fears that the government might use cameras to oppress people or violate civil liberties. There have been robust discussions about use of facial recognition in crowds, and some law enforcement projects have been reversed with objections by the ACLU and other rights groups.
Those efforts seem a bit silly now that we live in the reality of Ring cameras. Consumers around America are willingly installing surveillance gadgets in their own homes. What’s more, they are essentially volunteering to become part of a massive law enforcement dragnet. Ring executives now self-identify as crime fighters.
This isn’t all bad. I’m all for catching package thieves, or keeping an eye on your home during a long vacation. The problem is we’ve put no guardrails around use of this data. Generally speaking, law enforcement can do whatever it wants with data that citizens volunteer. There is no due process necessary, as there would be if cops wanted to do the surveillance themselves. According to Gizmodo, 400 local police departments already have deals in place to access Ring user camera video.
If your neighborhood has a serious crime problem, then I understand the impulse to use technology and trade safety for surveillance. But has every one of those communities engaged in a robust discussion about the pros and cons? I’d venture that none of them has.
The problem is only going to get worse. A confluence of tech events has led to this moment. The Internet of Things has been knocking at our front door for a few years, promising us George Jetson convenience. IoT is here now. Connected gadgets are finally easy to use, and with 5G bandwidth coming soon, it will be practical to connedcts hundreds of them around the home. Already, storage space is cheap enough not just to film us using all these cameras, but to store the video for weeks…months….even, years. We invited George Jetson, but now, we must live with George Orwell.
The creepy Ring hacker problem is predictable collateral damage of this technology mission creep. Every time law enforcement creates a crime-fighting tool, and every time a corporation creates a database, these things become available to criminals. Sometimes, there’s token reference to security. But we’ve seen this play over and over. Tech firms always blame human error. Parents will be told it’s their fault that pedophiles were able to surveil children in their bedrooms. It’s not. It’s tech’s fault.
Predictably, what comes next is an effort to minimize these hacker incidents. They have hit only a tiny fraction of users, we’ll be told. Baby monitors have also been hacked, so this is nothing new, we’ll be told. Stop getting in the way of progress!
But this is new. This is different. Thanks to that confluence of improved bandwidth and gadgetry, the capacity of Ring camera networks to be used for criminal activity, to be misused by police, to lull people into a false sense of security — or worse, to make them numb to being watched all the time — is a clear and present danger. The time to talk about this is now.
Meanwhile, the Texas family being extorted through their Ring camera simply took out the batteries, and has left the things disabled. You might consider doing that, too, until meaningful regulations and security protections are put in place to control what these one billion cameras can do to us.