Posts

Amazon Alexa and Ring Settlements

FTC Settlement: Amazon’s Alexa, Ring Security Cameras, and Privacy Laws

Amazon Alexa and Ring Settlements

Amazon recently reached a settlement with the Federal Trade Commission (FTC) and the Department of Justice (DOJ), agreeing to pay $31 million in civil penalties for consumer privacy violations associated with the company’s Alexa voice assistant devices and Ring doorbell cameras. The DOJ alleged that Amazon engaged in a number of unreasonable privacy practices, ultimately resulting in an FTC settlement involving Amazon’s Alexa, Ring security cameras, and privacy laws.

The use of home security cameras and other internet-connected devices to spy on and illegally record customers has triggered several high-profile lawsuits, including a recent invasion of privacy claim against Arlo Home Security System in California. In the Amazon case, the tech behemoth was accused of violating federal laws by using Alexa voice devices and Ring doorbell cameras to unlawfully collect voice and video data, including data from children. The FTC and the DOJ said that Amazon illegally stored voice information, geolocation information, and video recordings without user permission. Moreover, the tech giant allegedly failed to delete kids’ Alexa recordings when those removals were requested by parents. The FTC and the DOJ filed complaints against Amazon in federal court, and now those cases have been settled: Amazon agreed to pay $25 million for its Alexa privacy violations that compromised children’s data and another $6 million for Ring privacy violations that exposed users to surveillance, threats, and harassment.

To learn more about the DOJ and FTC settlements reached with Amazon over the company’s Alexa voice service and home security cameras, keep reading this blog.

Federal Trade Commission Accuses Amazon of Invading Privacy of Alexa Users

The Amazon settlement resolved two separate claims filed against the tech company by the FTC:

  1. A claim that Amazon’s Alexa service was being used in violation of federal child privacy laws.
  2. A claim that the Ring doorbell cameras were being used to illegally spy on customers.

The FTC’s Alexa complaint was filed in the United States District Court for the Western District of Washington, and it alleged that Amazon violated both the Federal Trade Commission Act (FTC Act) and the Children’s Online Privacy Protection Act (COPPA) by deceiving parents about how data collected by the Alexa devices would be utilized. Specifically, the FTC alleged that Amazon unlawfully recorded children’s voices and maintained their geolocation data while telling parents that they could delete voice recordings and other data collected by the Alexa app.

What Is Amazon’s Alexa Service?

Amazon’s Alexa is a cloud-based voice assistant service that is used by millions of Americans. Alexa allows consumers to interact with technology designed to make their lives easier. For example, Alexa can be used to check the weather, learn the latest news developments, perform online searches for information, listen to music and audiobooks, play games, order products from Amazon.com, and stream content on smart TVs. Global sales of Alexa devices have topped more than half a billion, with use of the Alexa voice service increasing every year since it reached the market. This includes more than 800,000 children under the age of 13 who have their own Alexa profiles.

Alexa devices are made by both Amazon and third-party manufacturers, meaning that the technology is available on hundreds of millions of devices. Although Amazon’s marketing of its Alexa service and Echo devices claims that they are “designed to protect users’ privacy,” the fact that the Alexa mobile application is connected to the internet means that the data recorded by the device is accessible online and exposes users to scary breaches of their privacy.

Amazon Violations of the FTC Act

Section 5 of the Federal Trade Commission Act (FTC Act) prohibits companies from engaging in “unfair or deceptive acts or practices in or affecting commerce.” Amazon was accused of committing multiple violations of Section 5 of the FTC Act:

  • Falsely representing that users of the Alexa app could delete their geolocation data upon request.
  • Falsely representing that Alexa users could delete voice recordings, including voice recordings of their children.
  • Unfair privacy practices that caused substantial injury to users of the Alexa service.

Amazon Violations of the Children’s Online Privacy Protection Act (COPPA)

The Children’s Online Privacy Protection Act (COPPA) is a federal law that was passed by Congress in 1998, and it was intended to strengthen general privacy laws with specific protections for minors under the age of 13 who use the internet. The impetus for COPPA was a rise in websites that were secretly collecting the personal data of children. The COPPA Rule is codified in Section 1303(b) of COPPA, 15 U.S.C. § 6502(b), and Section 553 of the Administrative Procedure Act, 5 U.S.C. § 553. The COPPA Rule imposes strict requirements on the operators of commercial websites that target children: these websites must notify parents about the information collected. COPPA also requires website operators to give parents the option to delete their kids’ information at any time.

Although Amazon specifically promised Alexa users in a “Children’s Privacy Disclosure” that the company would delete their data upon request, the FTC alleged that Amazon continued to maintain children’s data long after such requests had been made. FTC consumer protection chief Samuel Levine observed that COPPA explicitly forbids companies “from keeping children’s data forever.”

Moreover, even in those instances when Amazon did erase the data, they reportedly retained written transcripts of the children’s recordings in a database that was accessible by employees. Amazon did not disclose to parents that the company was keeping the written transcripts and continuing to access them. FTC Commissioner Alvaro Bedoya said that Amazon deceived parents about its data deletion practices by failing to comply with parental requests to erase children’s voice data collected by Alexa. This was a violation of federal laws meant to protect children against online threats and privacy invasions.

Amazon tried to justify its actions by saying that it kept children’s voice information to improve the company’s voice recognition algorithm, to help the company better respond to voice commands, and to give parents enough time to review the information. According to Amazon, the algorithm is a form of artificial intelligence (AI) that learns and gains capabilities as it acquires more information. Artificial intelligence has become extremely controversial as an increasing number of tech companies have started to introduce AI products and applications into the marketplace. This is one reason that it was so important for the FTC to send a strong message to Amazon and others that using AI and other technologies to invade customer privacy will not be tolerated by the government. The Amazon Alexa settlement will bar the company from using children’s data to train the company’s algorithms.

Amazon Settles FTC Case Alleging Alexa Consumer Privacy Invasions

Samuel Levine, the FTC consumer protection chief, commented on the Amazon Alexa settlement and highlighted “Amazon’s history of misleading parents, keeping children’s recordings indefinitely, and flouting parents’ deletion requests.” All of these actions violated the Child Online Privacy Protection Act (COPPA) and “sacrificed privacy for profits.”

The Alexa settlement with the FTC includes a number of provisions:

  • Amazon must pay a $25 million civil penalty.
  • Amazon can no longer use children’s geolocation data or voice information for the purpose of creating or improving company products.
  • Amazon must delete any inactive Alexa accounts belonging to children.
  • Amazon must notify all users about the FTC action against the company, as well as the settlement.
  • Amazon is prohibited from misrepresenting its privacy policies in the future, especially as they pertain to geolocation data, voice recordings, and children’s voice information.
  • Amazon must create and strictly enforce a privacy program related to geolocation data.

As part of the Amazon Alexa settlement, the company will have to implement privacy safeguards for child users. The company will also have to make significant changes to the way it stores Alexa data: there will be a requirement that Amazon delete certain information right away so that underage children won’t have their information exposed. Amazon has also agreed to delete child accounts that are inactive, as well as voice data and geolocation data from active accounts.

In the wake of the Alexa settlement, FTC Commissioner Alvaro Bedoya warned companies “sprinting to do the same” thing as Amazon that they should think twice, especially if their products will be used by kids. Bedoya, who has two children of his own, said that “nothing is more visceral to a parent than the sound of their child’s voice.”

Department of Justice Files Complaint Against Amazon for Invading Privacy of Ring Home Security Camera Users

The Federal Trade Commission (FTC) doesn’t just protect children’s privacy; the agency is committed to protecting the privacy of all consumers. That’s why the FTC and the Department of Justice (DOJ) brought a second case against Amazon alleging that the tech giant violated federal law by allowing employees and contractors to access Ring doorbell cameras used by customers, with the access leading to illegal surveillance of the customers. Additionally, the FTC said that Ring did not take sufficient actions to stop hackers from accessing customer cameras.

Amazon Subsidiary Company Ring Sells Home Security Cameras

Ring is a subsidiary company of Amazon that primarily sells home security cameras, doorbells, and other accessories that are connected to the internet. Amazon has sold more than one million indoor cameras to customers in the United States and internationally. These cameras are typically used on the exterior entryways of a home, but they can also be used as indoor cameras to monitor private spaces such as bedrooms and bathrooms. It is these indoor cameras that were frequently targeted by Ring employees and hackers looking to spy on customers, with nearly 40% of all Ring devices that were compromised being either Stick Up Cams or Indoor Cams marketed primarily for indoor use.

Amazon bought Ring in 2018 for roughly $1 billion. Although most of the alleged privacy violations happened before Amazon acquired Ring, the parent company is still liable for any violations of federal law. Ring security cameras are marketed by Amazon as affordable cameras that can be attached to houses or, more commonly, to doors so that users can monitor entry into their homes. But while customers believed that they were securing their homes by using Ring cameras, they were actually exposing their homes to nefarious actors – many of whom were employed by Amazon.

DOJ Complaint Against Amazon for Ring Doorbell Cameras

The Justice Department filed its Ring complaint on behalf of the Federal Trade Commission (FTC) in the U.S. District Court for the District of Columbia. The complaint alleged that Amazon violated Section 5 of the FTC Act in connection with the company’s Ring cameras.

Ring Security Cameras Illegally Accessed by Company Employees

According to the DOJ complaint, Ring home security cameras were accessed by company workers who subsequently spied on and harassed customers. In fact, the workers who gained access to the devices were also able to communicate directly with customers and threaten them. There were documented instances of female customers being cursed at in their bedrooms, children being subjected to racist slurs, and a number of Ring customers receiving death threats. These same individuals harassing and terrorizing Ring customers also used the cameras to set off false alarms and to change home security settings.

The Ring home security videos were reportedly available to every employee, and this was true for all customer videos over a period of several years. The complaint filed by the Department of Justice in federal court stated that Ring “gave every employee…full access to every customer video.” Beyond allowing unauthorized access, Ring’s lapses when it came to customer security also meant that company employees were able to download customer videos and then share those videos freely with anyone. The videos could be downloaded, saved, and even transferred by both Ring employees and contractors based out of Ukraine.

Ring Employees Spied on Customers

One Ring employee allegedly accessed and viewed thousands of recordings from Ring security videos being used by female customers. According to the FTC, this employee targeted 81 different women who were using the Ring Stick Up Cams. The employee’s criminal actions included focusing searches on Ring cameras with names suggesting that they had been placed in customer bedrooms or bathrooms. The illegal spying reportedly continued for months before Ring took any action at all to stop it.

Another Ring employee was accused of accessing a camera belonging to a female employee and subsequently spying on her by watching video recordings stored on her account.

These privacy beaches continued for months and, in many cases, years before Ring finally took action to limit what the FTC called “dangerously overbroad access” and impose any kind of technical or procedural restrictions on employees who were trying to access customers’ home security videos. Additionally, the FTC complaint stated that Ring did not obtain consent for human review of video recordings, and that the company “buried information in its Terms of Service and Privacy Policy.” This meant that consumers had no way of knowing that Ring employees had access to their stored videos.

Ring Exposed Consumers to Cyberattacks by Hackers

Ring also had insufficient security measures to protect customer information against hacking, which led to some customer accounts being compromised via credential stuffing and brute force attacks. The FTC alleged that the doorbell company’s failure to fix “bugs in the system” allowed hackers to access customer cameras and, in some cases, to harass and frighten customers. This stemmed from “system vulnerabilities,” which Ring failed to repair despite knowing that the problems existed.

During one cyberattack committed against Ring, more than 55,000 U.S. customers had their Ring accounts compromised. Nearly 1,000 of these customer accounts had their stored videos unlawfully accessed, which included viewing, downloading, and sharing of recordings, livestream videos, and customer profiles.

Amazon Settles Ring Consumer Privacy Complaint

The Ring settlement with the DOJ and the FTC requires Amazon to pay $5.8 million. That money will be used to issue refunds to Ring customers who were affected by any privacy violations and data breaches. The settlement also requires Amazon to delete Ring data that had been stored since before Amazon acquired the company. Amazon must also implement new privacy and security measures to ensure that consumer data is not exposed or compromised, including multi-factor authentication before access is granted to customer accounts.

Both the Alexa settlement and the Ring settlement will need to be approved by federal judges before they take effect.

California Laws Protecting Consumers Against Invasion of Privacy: CIPA, CCPA, CLRA, and UCL

California’s consumer protection laws are among the strongest in the country, with the California Invasion of Privacy Act (CIPA), the California Consumer Privacy Act (CCPA), the Consumers Legal Remedies Act (CLRA), and the California Unfair Competition Law (UCL) providing robust protections against invasion of privacy, false advertising, and consumer fraud that go even further than federal laws like the FTC Act and COPPA. For example, companies that do business in California are not allowed to expose or share the sensitive personal information that you disclose when you use their products, services, or websites.

California’s digital privacy and consumer protection laws also explicitly prohibit companies from illegal wiretapping on websites, unauthorized recording of online chats, sharing the personal data of customers, false advertising that misleads consumers, and other deceptive business practices.

Contact the California Consumer Protection Attorneys at Tauler Smith LLP

Did you purchase or use a home security camera, doorbell camera, Alexa device, or any other internet-connected device? If so, your privacy may have been invaded in violation of both federal and California state laws. The experienced Los Angeles consumer protection lawyers at Tauler Smith LLP can help you file a civil suit for invasion of privacy and get financial compensation. Call 310-590-3927 or email us today.

Tom Girardi Indicted for Embezzlement

Tom Girardi Indicted for Embezzlement

Tom Girardi Indicted for Embezzlement

Disgraced California lawyer Tom Girardi was indicted for embezzlement by a federal grand jury. The charges stem from allegations that Girardi engaged in highly unethical and illegal behavior, which included using private judges affiliated with the national arbitration company JAMS to steal millions of dollars from his clients. The U.S. Department of Justice (DOJ) announced the felony charges against Girardi after the grand jury formally indicted him. U.S. Attorney Martin Estrada observed that Girardi “preyed on the very people who trusted and relied upon him the most—his clients—and brought disrepute upon the entire legal profession.”

For more information about Tom Girardi’s indictment and his connection with JAMS, keep reading this blog.

Who Are Tom Girardi and Erika Jayne?

Tom Girardi used to be a well-respected attorney. For many years, the prominent Los Angeles lawyer was known for being a dogged defender of the powerless as they filed class action lawsuits against corporations. As the founder of California law firm Girardi & Keese, he represented plaintiffs in a number of high-profile cases, including Brian Stow’s civil suit against Major League Baseball. Stow was the San Francisco Giants fan who sustained severe injuries during an attack at a Los Angeles Dodgers game. Girardi also represented the plaintiffs in the case against Pacific Gas & Electric Co. dramatized in the Julia Roberts movie Erin Brockovich.

Outside of the courtroom, Girardi became known for being the husband of “Real Housewives of Beverly Hills” star Erika Jayne, who eventually filed for divorce from Girardi. They were married for 21 years. After the split, the couple listed their Pasadena home for sale at a price of $13 million. Jayne has also been accused of illegally using funds meant for Girardi’s clients to cover her own personal expenses, including the purchase of expensive diamond earrings.

Federal Grand Jury in California Indicts Tom Girardi on Wire Fraud Charges

As a plaintiff’s attorney in California, Tom Girardi was responsible for negotiating settlements in mass tort lawsuits. Instead of sending the settlement funds to his clients, however, Girardi allegedly deposited the money into law firm accounts that he later accessed for his own personal use. A federal grand jury in California has now indicted Girardi on charges that he embezzled $15 million from clients over a period of 10 years, resulting in the DOJ bringing formal charges against him for five counts of wire fraud. If Girardi is convicted of wire fraud, he could be sentenced to 20 years in federal prison.

Martin Estrada, the United States Attorney for the Central District of California, issued a statement about the case after the grand jury indictment was announced. Estrada said that Girardi is “accused of engaging in a widespread scheme to steal from clients and lie to them to cover up the fraud.”

FBI Acting Assistant Director in Charge Amir Ehsaei also weighed in on the charges against Girardi. Ehsaei said that the disgraced attorney “created a mirage over several years in order to disguise the fact that he was robbing clients of large sums of money…to fund his lavish lifestyle.” Ehsaei observed that Girardi’s alleged theft came at the expense of clients who were enduring significant hardships of their own as they desperately awaited settlement funds to cover medical bills and other expenses. The clients’ unfamiliarity with the legal process made it possible for Girardi to take advantage of them.

What’s Next in the Criminal Case Against Tom Girardi?

Last year, Tom Girardi was reportedly diagnosed with Alzheimer’s and dementia. At his initial appearance in federal criminal court, United States Magistrate Judge Karen L. Stevenson ordered a mental competency hearing to determine whether Girardi is fit to stand trial on the criminal charges. In the meantime, Girardi’s bond was set at $250,000 and he was released to the custody of his brother Robert Girardi. The next hearing will occur in the U.S. District Court for the Central District of California.

The Girardi Keese law firm is no longer operational, having declared bankruptcy with more than $100 million in total debt. Additionally, Girardi was disbarred as a result of the alleged embezzlement and cannot act as an attorney in California. He has been living at the Belmont Village Senior Living Facility in Burbank, CA.

Erika Jayne and Others Accused of Business Fraud with Tom Girardi

Also criminally charged along with Tom Girardi is Christopher Kamon, who served as the chief financial officer of Girardi’s law firm for more than a decade. According to law enforcement officials, Kamon was the person who handled financial accounting for the firm. Federal prosecutors believe that Kamon committed wire fraud offenses by embezzling client funds for personal expenses.

Additionally, Girardi’s son-in-law David Lira has been accused of fraud in connection with the Girardi & Keese firm. A federal grand jury in Chicago issued an indictment against both Girardi and Lira on charges filed by the U.S. Attorney’s Office. They have been accused of stealing more than $3 million in settlement funds from clients whose families were killed in the 2018 Boeing Lion Air Flight 610 crash in Indonesia.

Erika Jayne Sued for Fraud

A civil suit has also been filed that accuses Tom Girardi’s estranged wife, reality TV star Erika Jayne, of participating in the illegal fraud scheme. The trustee overseeing the bankruptcy of Girardi’s law firm filed the lawsuit against the Real Housewives star after reportedly discovering that Jayne received $25 million in transfers from the law firm to her company, EJ Global LLC. She then allegedly used the money to pay personal expenses, such as her credit card bill, personal assistant salaries, and a fashion and makeup team. Jayne has denied having any knowledge of Girardi’s alleged embezzlement of client funds.

JAMS Mediators Allegedly Helped Tom Girardi Embezzle Money from Clients

According to the Department of Justice, Tom Girardi was able to get away with embezzling client funds by placing onerous requirements on clients to access their settlement money. For example, Girardi often told clients that they needed to get authorizations from JAMS judges in order to receive the funds. The JAMS private judges were overseeing the lawsuit settlements and had control over how and when the funds were distributed. Many of these judges had personal relationships with Girardi, creating an obvious conflict of interest for the alternative dispute resolution company.

Over the years, there have been many other instances of JAMS judges being biased in favor of certain litigants and showing favoritism in their rulings. In fact, several JAMS mediators and arbitrators benefited financially from their involvement in Girardi’s fraud by charging as much as $1,500 per hour for their work on his cases. Beyond that, JAMS reportedly made millions of dollars by providing mediators to oversee Girardi’s settlements.

Contact the Los Angeles Arbitration Attorneys at Tauler Smith LLP

Tauler Smith LLP is a California law firm that helps individuals, small business owners, and others bring class action lawsuits against JAMS. If you were involved in an arbitration or mediation that was administered by JAMS, you may have a legal claim against the company for the way they handled your case. Call 310-590-3927 or email us today to discuss your options with one of our experienced Los Angeles arbitration attorneys.