A recent report from Bloomberg explains that Amazon employees in India and Romania use Cloud Cam recordings to “train” the device’s AI so it can more accurately discern security threats—like someone smashing a window, for example—from mundane activity. While potentially creepy, it’s not unheard of; For all the existential fear we foist on smart devices and AI, they still require human input to “learn.”
The real issues, however, are how these recordings are obtained in the first place and whether they’re securely stored, and it turns out Amazon’s not doing a great job of either. Go figure.
Something doesn’t add up
Amazon claims that no Cloud Cam footage is viewable by anyone other than yourself unless you send a video recording in for troubleshooting purposes. Furthermore, nowhere on any product description page nor in the user agreement does it say Amazon employees can access your Cloud Cam recordings.
Yet, as the anonymous Amazon employees told Bloomberg, Amazon doesn’t explain to employees how the clips are chosen, and based on their descriptions it seems highly unlikely the company is simply using “voluntarily submitted” footage. Unsurprisingly, recordings often include information or subject matter most folks want to keep private—including sex, phone conversations, and personally-identifying info.
But even if we give Amazon the benefit of the doubt and assume all footage being watched was voluntarily sent in by users, it’s being woefully mishandled. While the report says Amazon forbids employees to use their smartphones in facilities where the footage is watched, Bloomberg’s sources refute this, and even claim that footage is shared between employees and often makes its way onto the internet.
Here’s the thing, though: while alarming for customers, Bloomberg’s report isn’t surprising. I say this not to admonish Cloud Cam users or diminish Amazon’s culpability—the company clearly isn’t being fully honest with its customers—but there’s a pattern, here. We know Amazon uses recordings to train its AI products, including Alexa devices and Ring security cameras, whether or not users were aware of it; the Could Cam is just the latest example.
How to make your Amazon AI products more secure
To be fair, Amazon isn’t the only company guilty of mishandling user recordings. However, other companies Google and Apple have discontinued similar “training” methods for its AI-driven products and have expanded their privacy controls due to user outcry and government suspicion. Amazon has capitulated to giving users more control over their Alexa voice recordings, but the company has been routinely outed for how poorly it handles user privacy. There are ways to mitigate potential security concerns, however:
As we suggested for Ring camera users, always install your Cloud Cam in a place you don’t mind being seen by others. Avoid areas like bedrooms and bathrooms unless, for whatever reason, it’s absolutely mandatory you have a security camera present.
If possible, disable the device(s) while you’re home during the day. Otherwise, tape those suckers up when you don’t want something recorded.
If you ever have to send in a clip for review, be selective about what you send, and always assume someone is going to look through the footage. The wisest thing is to simply not send in any footage at all.
If you can’t be bothered to micromanage your devices and recordings, or you’re wary of the constant report of lacklustre privacy protocols, just don’t use Amazon’s products.
As I said earlier, Google and Apple have stopped some of their own human-based AI training programs. That’s in no way full-throated support for either company—both have their own privacy issues—but they seem more receptive to user feedback and offer a bit more control over your data than Amazon in this regard. Google’s Nest products are a decent alternative, in this regard (though when it comes to privacy in general, I still recommend going with Apple over Google when possible).