William Budington EFF

Ring doorbell app packed with third-party trackers  ↦

While I’m not exactly surprised at this headline and the findings shared by William Budington and the EFF, I AM, however, deeply disturbed that this is the world we now live in. So, what findings did the EFF share? Here’s a snippet…

Our testing, using Ring for Android version 3.21.1, revealed PII delivery to branch.io, mixpanel.com, appsflyer.com and facebook.com. Facebook, via its Graph API, is alerted when the app is opened and upon device actions such as app deactivation after screen lock due to inactivity. Information delivered to Facebook (even if you don’t have a Facebook account) includes time zone, device model, language preferences, screen resolution, and a unique identifier (anon_id), which persists even when you reset the OS-level advertiser ID.

Branch, which describes itself as a “deep linking” platform, receives a number of unique identifiers (device_fingerprint_id, hardware_id, identity_id) as well as your device’s local IP address, model, screen resolution, and DPI.

Some backstory on the acquisitions of Ring (and Nest)…

Google acquired Nest way back in January 2014 for $3.2 billion, in cash. Amazon acquired Ring in February 2018 for more than $1 billion. Coincidentally, Google reabsorbed Nest that very same month by folding Nest into its hardware division. The point is that those are a lot of BILLIONS. You don’t spend that many billions without a plan to make more billions. Sadly, selling access to sensitive data to third parties is a part of making those billions — at least for Ring.


Sign in or Join to comment or subscribe

Player art
  0:00 / 0:00