What you need to know
- An investigation by EFF has revealed that the Ring doorbell app for Android is laden with third-party trackers.
- The trackers reportedly send out sensitive information such as the customers' names, sensor data, private IP addresses, and more.
- Ring app has been found to deliver users' personal information to four analytics and marketing companies – Facebook, MixPanel, AppsFlyer, and Branch.
An investigation carried out by the Electronic Frontier Foundation (EFF) has revealed that the Ring app for Android is "packed" with third-party trackers, sending out a wide range of personally identifiable information (PII) to analytics and marketing companies.
The EFF investigation found that Ring for Android v3.21.1 sends users' personal information to four analytics and marketing companies: Facebook, Branch, AppsFlyer, and MixPanel. Facebook receives alerts whenever the app is opened and upon app deactivation after screen lock due to inactivity. Even if the Ring user does not have a Facebook account, the social networking giant still receives information such as their time zone, device model, language preferences, as well as a unique identifier.
The most information, however, is sent to MixPanel. In addition to device information, the company receives users' full names, email addresses, and app settings including the number of locations they have Ring devices installed in. MixPanel also happens to be the only company to be mentioned in Ring's list of third party services. The Ring Privacy Notice, which was last updated on May 22, 2018, notes that the company uses third-party data analytics platforms "to evaluate use of its website and mobile apps."
More alarmingly, AppsFlyer receives sensor data from Ring devices. On its test device, EFF found the Ring app was sending out data from the magnetometer, gyroscope, and the accelerometer. Additionally, EFF says Ring sends some information to Google-owned crash logging service Crashalytics, although it was unable to determine the exact extent of data sharing with the service.
While the EFF used Ring for Android v3.21.1 in its testing, Ring released v3.22.1 of its app on the Play Store yesterday. At this point, however, it is unclear if the latest version of the Ring app for Android is "packed" with the same third-party trackers as v3.21.1 tested by the EFF.
