Amazon faces fines worth $30m over privacy breaches

The Federal Trade Commission (FTC) has issued Amazon with two fines worth $30.8 million over privacy failures.

One penalty worth $25 million related to the tech giant violating privacy law by keeping the Alexa voice recordings of children after parents had asked them to be deleted.

The US consumer protection watchdog said Amazon collects vast amounts of data about consumers, including geolocations and voice recordings, but says that parents and other users can delete this information.

However, a complaint filed by the Department of Justice claims that the company kept sensitive voice geolocation data for years and used it for its own purposes, preventing parents from exercising their deletion rights under the US Children’s Online Privacy Protection Act Rule (COPPA).

“Amazon’s history of misleading parents, keeping children’s recordings indefinitely, and flouting parents’ deletion requests violated COPPA and sacrificed privacy for profits,” said Samuel Levine, director of the FTC’s Bureau of Consumer Protection. “COPPA does not allow companies to keep children’s data forever for any reason, and certainly not to train their algorithms.”

The regulator also dished out a $5.8 million fine after its employees working for Amazon Ring, its home security camera business, illegally surveilled customers. It also said that Amazon had failed to stop hackers taking control of users’ cameras, accounts, and videos.

According to the FTC, Amazon compromised customer privacy by allowing any employee or contractor access to private videos and accused the tech giant of failing to implement basic privacy and security protections.

The Commission said that under a proposed order, which must be approved by a federal court before going ahead, Amazon Ring would be forced to delete data, models, and algorithms derived from videos it unlawfully reviewed.

The company would also need to roll out a new privacy programme including safeguards on human review of videos as well as other “stringent security controls” like multi-factor authentication for employee and customer accounts.

Levine said that Ring's "disregard" for privacy had exposed consumers to spying and harassment, adding that its order makes clear that "putting profit over privacy doesn't pay".

"While we disagree with the FTC’s claims regarding both Alexa and Ring, and deny violating the law, these settlements put these matters behind us," Amazon said in a statement, explaining that the company's devices and services are "built to protect customer privacy".

    Share Story:

Recent Stories

Bringing Teams to the table – Adding value by integrating Microsoft Teams with business applications
A decade ago, the idea of digital collaboration started and ended with sending documents over email. Some organisations would have portals for sharing content or simplistic IM apps, but the ways that we communicated online were still largely primitive.

Automating CX: How are businesses using AI to meet customer expectations?
Virtual agents are set to supplant the traditional chatbot and their use cases are evolving at pace, with many organisations deploying new AI technologies to meet rising customer demand for self-service and real-time interactions.