Ring Doorbell App for Android Caught Sharing User Data with Facebook, Data-Miners

2020-01-28 18:16

Privacy advocates allege Ring goes so far as to silently deliver updates on Ring customer usage to Facebook, even if the Ring owner doesn't have a Facebook account.

The EFF performed dynamic analysis on the Ring for Android mobile app, using the "Mitmproxy" tool running on a Wi-Fi access point connected to the doorbell.

A Ring spokesperson told Threatpost, "Like many companies, Ring uses third-party service providers to evaluate the use of our mobile app, which helps us improve features, optimize the customer experience, and evaluate the effectiveness of our marketing. Ring ensures that service providers' use of the data provided is contractually limited to appropriate purposes such as performing these services on our behalf and not for other purposes."

Facebook for instance gathers real-time user interaction data and a unique identifier it can use to follow Ring users' activity as they move around the web.

"For consumers, this image has cultivated a sense of trust in Ring that should be shaken by the reality of how the app functions: Not only does Ring mismanage consumer data, but it also intentionally hands over that data to trackers and data-miners."

News URL

https://threatpost.com/ring-sharing-user-data-facebook-data-miners/152300/

#android #facebook

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Facebook		30	2	44	52	19	117
Android		4	0	17	2	0	19