How to block Ring transmitting my PII to third parties

I just read the following article that reveals that Ring’s mobile app has been sending my sensitive personal identifying information to third parties, including the notorious data aggregator Facebook, without my knowledge or permission:

https://www.zdnet.com/article/ring-app-for-android-full-to-the-brim-with-third-party-trackers-report

I would like Ring to provide me the IP addresses of these third-party data collectors so that I can block them in my firewall. I think this is the least Ring can do given the severity of what appears to be an unauthorized information disclosure, if not an outright data breach…

10 Likes

Agreed.

I purposely deleted my Facebook account based on that company’s policies and I don’t want them to have one shred of my data.

And while I’m not on Android (iPhone user), I wonder if the same data is being transmitted through Apple’s mobile devices also. As a paying Ring customer, I would appreciate an explanation ASAP on how to prevent my data from being shared in this manner.

4 Likes

Hi neighbors,

First and foremost, we want to remind you that at Ring, privacy is foundational - and guides every decision we make.

Like many companies, Ring uses third-party service providers to understand the use of our mobile app, which helps us improve features, optimize your customer experience, and evaluate the effectiveness of our marketing. We care deeply about providing our neighbors with the best possible experience and leverage these tools to help us do so.

We want to ensure you that these service providers’ use of the data provided is contractually limited to appropriate purposes, such as performing these services on our behalf, and not for other purposes. Ring is not in the business of selling customer information.

For more information, please reference our Privacy Notice on Ring.com/privacy.

Thank you neighbors.

1 Like

Ring,

Thanks for replying and the link to the privacy document. But that document doesn’t describe any of the third-party contractural limitations you speak of, and doens’t explain why organizations we as users have nothing to do with should agree to share our data with them. Can you address the specific third party concerns raised in the ZDNet article? It doesn’t look good at all right now. Kind of a Snowden moment for Ring.

4 Likes

Concur with this. This is unacceptable, and without strong response will be cancelling my account and removing my ring.

6 Likes

Concur…this is not acceptable! I posted in the News section just now - if Ring does not immediately stops this ridiculous practice, I will pull my account out and move to a different smart doorbell…

At this point, I am wondering even more things - is Ring selling our video data that is stored in the cloud? are they tracking ‘who’? e.g. delivery from Amazon and then somehow tracking my ‘habits’…for f’s sake, this is madenning.

5 Likes

That is not correct. In the ZNet article it stated that it was proven that personal data was sent to third parties that were not under any contractual stipulations by ring.

1 Like

@seanmc12 wrote:

That is not correct. In the ZNet article it stated that it was proven that personal data was sent to third parties that were not under any contractual stipulations by ring.

The word “contract” isn’t even in the ZDNet article at the top of this thread. Don’t make things up.

Anyone reading this in the EEA can excercise the right to object to processing in these cases under article 21. Further under 18 1(d) you have a right to stop processing in this way until the matter is settled.

In addition you can request verbally, by email or even on here to have access to all the data they hold on you, including who they have shared your data with and to what extent by putting in a DSAR under Article 15.

Finally, if you are certain that they have shared data with some evil corporation without your knowledge it would be rasonable to reuest what Third Party Processing agreement is in place to establish the framework and restrictions between the two parties. If one doesn’t exist or explained in contract they are breaking the law.

Remember, if you feel that large companies should be held accountable you can make a complaint to your countries Data Protection Authority. In the UK this is the ICO and you can contact them as follows:

Webchat: ico.org.uk/livechat,

Phone: 0303 123 1113.

Perryw,

You are misinterpreting “contractual”. The article states that Ring has no contractual “customer-vendor” relationship with its customers that permit passing this information on to third parties:

“Ring claims to prioritize the security and privacy of its customers, yet time and again we’ve seen these claims not only fall short but harm the customers and community members who engage with Ring’s surveillance system,” the digital rights group added. “This goes a step beyond that, by simply delivering sensitive data to third parties not accountable to Ring or bound by the trust placed in the customer-vendor relationship.”

Look at the types of data Ring is sending: Email addresses, physical phone identifies, sensor information, and other PII that have zero bearing on Ring’s service. For example, what business is it of Ring’s, or anyone elses, what my phone’s sensors are sensing? The ring doorbell and other devices operate AT MY HOUSE, not in my phone! Yet ring never disclosed they shared this data (go read the privacy agreement).

Sorry, but Ring has a lot to answer for here. This is a data breach and needs to be treated as one under the law. That, in my opinion, means immediate redaction and compensation.

2 Likes

TinRobot, that’s cold comfort for the vast majority of Ring customers, who are not in the European Economic Area, but in the US.

They remain as guilty entities always do. Admitting only to what has been discovered, disclosing nothing further, pasting their preprinted announcements on their stonewall. They are in damage control mode. Alarms are going off and they’ve thrown up a nice, serene screen to hide the chaotic churn behind the curtain. A sci fi big brother response.

They need to tell us HOW sharing our data helps achieve a better user interface in the app. What has been developed as a result? They need to offer transparency on all of the ways they use the info. Propriety be darned. I am sure they will now custom tailor a privacy policy to address our concerts going forward. They got caught, but I have a feeling what we know to be true, is only a very tiny part of the whole picture. Maybe these corporations that want to control the world are sharing all of their data with each other and are therefore building a map of users. That kind of data can be parsed and cross-sectioned in a multitude of ways. Some of it generalized (X% of users are categorized Y, a subset of Z). Depending on data you have supplied, I’m sure they can pull a thread, if needed, and scope down to individual hairs. At any rate, it’s probably nothing to do with an altruistic concern of the “user” experience. It has everything to do with increasing their power to manipulate. It’s for them. Not us. That kind of data is gold. It IS the Facebook model. Provide something useful for free or low currency cost. Payment will be rendered in souls.

1 Like

You state “We want to ensure you that these service providers’ use of the data provided is contractually limited to appropriate purposes, such as performing these services on our behalf, and not for other purpose”. Since when have any rules ever stopped Facebook from selling or losing personal information? IE: Facebook broke British law by failing to safeguard user data, and by not telling tens of millions of people how Cambridge Analytica harvested their information for use in political campaigns, British authorities announced Tuesday. … The British company worked on DT’S 2016 presidential campaign. You’re kidding me right? Lol

Should file a class action lawsuit against Ring.

Absolutely unacceptable…I’m at a loss for words.

This is concerning…and just par for the course with 99% of all apps and smart devices out there. Can’t even piece together your own stuff cause it’s all made in China. Who knows where all our data goes…everything should be opt in, not opt out, and not buried in a 30 page ‘privacy policy’ document that could be reduced to 2 pages.
We just moved into a house that has a ring installed. I was getting ready to activate it but after reading this zdnet article, I am not doing that now.