Ring promised "strict policies" on who could see your cameras. The FTC found the truth: employees and contractors in Ukraine and the Philippines had unrestricted access to every customer's video feed. One employee watched a woman through her bedroom camera for months. Contractors downloaded and shared private footage. There were no access controls. No audit logs. No limits at all. For years, anyone with a Ring employee login could watch anyone in any room of their home. The FTC fined Ring $5.8 million -- roughly 58 cents per device sold. The company that sells security cameras couldn't secure them from its own staff. Ring told customers they were "in control" of their footage. In July 2022, Amazon admitted to Senator Ed Markey that Ring had handed police video from customers' doorbells without a warrant or the owner's consent -- at least 11 times that year. Over 2,000 police departments had partnerships with Ring. Officers could request footage from any doorbell in a neighborhood. Amazon denied warrantless sharing until Senator Markey pressed them under oath. Senator Markey called it "a surveillance network that threatens civil liberties." You bought a doorbell camera to watch your porch. The police were watching through it too -- and nobody asked your permission.
What they claim: Ring's privacy page states customers have "control" over their footage and that Ring "does not provide law enforcement agencies with direct access" to user cameras.
What we found: In July 2022, Amazon confirmed to Senator Ed Markey that Ring had provided police with doorbell camera footage without a warrant or owner consent in at least 11 cases that year alone, citing "emergency" exceptions. Over 2,000 law enforcement agencies had formal partnerships with Ring through the Neighbors app, allowing police to request footage from any Ring camera within a geographic area without a warrant. Senator Markey called Ring "a surveillance network that threatens civil liberties." Amazon initially denied warrantless sharing, then admitted to it under congressional questioning. Ring eventually ended police ability to request footage through the Neighbors app in 2023 -- but only after years of operating as a de facto police surveillance network. Ring still complies with legal demands and emergency requests without requiring warrants.
What they claim: Ring markets its doorbells as protecting your home and family.
What we found: In December 2025, Amazon rolled out "Familiar Faces" — AI-powered facial recognition for Ring doorbells. The system scans the face of every person who approaches the camera, including delivery drivers, neighbours, and passersby who never consented. Faceprints are encrypted and stored in Amazon's cloud. The feature was blocked in Illinois, Texas, and Portland under biometric privacy laws. The EFF warned it could be "repurposed for mass surveillance." Senator Markey warned delivery drivers would be forced to "surrender biometric data." Amazon also partnered with Flock, an AI surveillance camera company used by police and ICE. A doorbell that scans every face that passes your house and stores the data in Amazon's cloud.
What they claim: Ring promotes the Neighbors app as a "neighborhood watch" tool that helps communities "stay safe" and "look out for each other."
What we found: Research by the Electronic Frontier Foundation, ACLU, and academic studies documented that Ring's Neighbors app disproportionately flagged Black and brown individuals as "suspicious." Posts describing "suspicious person" rarely identified any criminal activity -- just people existing in neighborhoods. Ring actively encouraged police departments to promote Ring cameras to residents, creating a corporate-sponsored surveillance network. Vice and MIT Technology Review investigations found Neighbors app posts reinforced racial stereotyping. Amazon integrated Ring data with its Alexa ecosystem, expanding the surveillance network's reach. Civil liberties organizations called Neighbors a privatized surveillance system that deputized homeowners into racial profiling without accountability.
What they claim: Ring states it gives customers "control" over their devices and data, and that new features are designed with "privacy in mind."
What we found: In 2021, Amazon automatically enrolled Ring devices (and Echo devices) into Amazon Sidewalk -- a mesh network that shares a portion of customers' home internet bandwidth with nearby Amazon devices and neighbors. Sidewalk was enabled by default with no prior opt-in consent. Customers who missed the announcement found their Ring doorbells sharing their WiFi with strangers' Amazon devices. Security researchers raised concerns that the mesh network expanded Amazon's data collection footprint across entire neighborhoods. Opting out required navigating through the Alexa app settings -- not the Ring app. Amazon gave customers a few weeks' notice in a blog post before auto-enrolling millions of devices into a bandwidth-sharing network they never agreed to.
What they claim: Ring states it collects data "to provide and improve" its security services and does not sell personal information.
What we found: Ring's app embeds third-party trackers including Facebook Analytics, Google Analytics, and AppsFlyer that transmit user behavior data to advertising networks. The Ring app sends device information, interaction data, and usage patterns to these trackers. Ring is owned by Amazon, the world's third-largest digital advertising company ($46.9 billion in ad revenue in 2023). Ring's privacy policy permits sharing data with Amazon affiliates for "business purposes." Motion detection patterns from Ring cameras reveal when residents are home and when they're away -- behavioral data with direct advertising value. The integration between Ring and Amazon's ecosystem means a security camera company feeds data to an advertising company. You bought a camera. Amazon bought your daily routine.
What they claim: Ring states it has "strict policies" governing employee access to customer data and that "only a limited number of authorized team members" can access video for specific purposes.
What we found: The FTC found that Ring employees and third-party contractors in Ukraine and the Philippines had unrestricted access to customer video feeds for years. One employee watched a female customer's bedroom camera for months without her knowledge. Contractors viewed, downloaded, and shared customers' private videos. Ring had no meaningful access controls, no audit logging, and no limits on which videos employees could watch. The FTC ordered Ring to pay $5.8 million in consumer refunds in May 2023 and required the company to delete data and implement a comprehensive privacy program. Ring's "strict policies" amounted to nothing -- any employee with credentials could watch any customer in any room.
What they claim: Ring markets its cameras as security devices to "help protect your home and family" with "peace of mind" and "privacy and security built in."
What we found: In December 2019, a hacker accessed a Ring camera in Ashley LeMay's home in DeSoto County, Mississippi -- placed in her 8-year-old daughter Alyssa's bedroom. The stranger spoke to the child through the camera, saying "I'm Santa Claus, I'm your best friend." The family had owned the camera for four days. The same week, multiple families across Tennessee, Florida, and Georgia reported identical intrusions -- strangers speaking to them through hacked Ring cameras. Ring had no mandatory two-factor authentication at the time. Ring blamed "credential stuffing" and said customers should use stronger passwords, shifting responsibility to the victims. Class action lawsuits were filed. A device marketed for family safety became the exact thing it was supposed to prevent: a stranger in a child's bedroom.
What they claim: Ring markets its products with "privacy and security built in" as a core feature and states it uses "industry-leading security practices" to protect customer data.
What we found: Ring launched in 2013 and did not offer end-to-end encryption until January 2022 -- nine years of customer video transmitted and stored without E2E protection. During those nine years, Amazon and Ring employees could technically access customer footage (and the FTC proved they did). When encryption finally arrived, it was opt-in, not default. Most users never enabled it. Even with E2E encryption enabled, metadata -- motion detection timestamps, device identifiers, WiFi network information, and camera activation events -- remains unencrypted and accessible to Amazon. The company sold millions of cameras recording inside people's homes for nearly a decade before adding the most basic protection for that footage.