We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

Amazon Fined $30 Million for Ring and Alexa Privacy Violations

Amazon Fined $30 Million for Ring and Alexa Privacy Violations
Author Image Zane Kennedy
Zane Kennedy Published on 4th June 2023 Cybersecurity Researcher

Amazon has agreed to pay a combined $30.8 million to settle privacy allegations brought forth by the Federal Trade Commission (FTC). The lawsuit revolved around privacy lapses related to Amazon's Ring doorbell units and its Alexa assistant. Of the total settlement amount, $5.8 million will be paid on behalf of Amazon’s subsidiary company, Ring.

The FTC accused Ring of failing to implement adequate security measures to prevent unauthorized access to user accounts and devices, following allegations in the lawsuit that Ring provided "every employee — as well as hundreds of Ukraine-based third-party contractors — full access to every customer video, regardless of whether the employee or contractor actually needed that access to perform his or her job function."

The FTC further stated that Ring staff and contractors "could also readily download any customer's videos and then view, share, or disclose those videos at will."

Samuel Levine, director of the FTC's Bureau of Consumer Protection, expressed his concerns: "Ring's disregard for privacy and security exposed consumers to spying and harassment. The FTC's order makes clear that putting profit over privacy doesn't pay."

In a separate but related lawsuit, Amazon's Alexa was accused of violating the FTC Act and the Children's Online Privacy Protection Act (COPPA) by unlawfully retaining the information of thousands of children through Alexa profiles. As part of the settlement, Amazon has agreed to pay $25 million.

To address the privacy concerns raised by the lawsuits, a proposed order requires Ring to delete any unlawfully accessed data and implement a robust privacy and security program, with “novel safeguards on human review of videos as well as other stringent security controls, such as multi-factor authentication for both employee and customer accounts”.

Similarly, Amazon's Alexa will be obligated to delete inactive child accounts and associated voice recordings and geolocation information, along with a general overhaul of its data deletion practices and the addition of stricter and more transparent user privacy measures. It is worth noting that the settlements are subject to court approval before they can go into effect.

Amazon responded to the settlements through a blog post on both its website and Ring's website, stating its disagreement with the FTC's claims and denying any violation of the law. The company emphasized, “We have a longstanding commitment to preserve the trust of our customers and their families”.

In similar news, Meta has recently been hit with a staggering $1.3 billion fine for GDPR violations, adding to growing concerns over how big tech companies handle user data.

About the Author

Zane is a Cybersecurity Researcher and Writer at vpnMentor. His extensive experience in the tech and cybersecurity industries provides readers with accurate and trustworthy news stories and articles. He aims to help individuals protect themselves through informative content and awareness of cybersecurity's crucial role in today's digital landscape.