Amazon has settled two fines this week for alleged privacy violations in regard to its Ring and Alexa devices. The charges total nearly $31 million.
The Federal Trade Commission said on Wednesday that Amazon violated the Children’s Online Privacy Protection Act Rule (COPPA Rule) with its Alexa voice assistant by keeping sensitive data such as geolocation “for years” and “used it for its own purposes.”
According to the complaint, Amazon kept voice recordings and geolocation data (despite assuring users such information could be deleted) and illegally retained it to improve its Alexa algorithm.
“Amazon’s history of misleading parents, keeping children’s recordings indefinitely, and flouting parents’ deletion requests violated COPPA and sacrificed privacy for profits,” said Samuel Levine, director of the FTC’s Bureau of Consumer Protection, in a statement. “COPPA does not allow companies to keep children’s data forever for any reason, and certainly not to train their algorithms.”
The proposed order calls for Amazon to pay $25 million in civil penalties and delete inactive child accounts and geolocation data. The company will also be restricted from using such data to train its algorithms.
In a separate complaint, the FTC says Amazon’s home-security system, Ring, compromised user privacy by failing to implement safeguards against hackers, employees, and contractors from having access to consumers’ private videos and information.
According to the complaint, a former Amazon employee surveilled female users with Ring devices in intimate places such as bathrooms and bedrooms “for several months.”
The settlement also calls for $5.8 million in consumer refunds.
“While we disagree with the FTC’s claims regarding both Alexa and Ring, and deny violating the law, these settlements put these matters behind us,” Amazon said in a statement to Entrepreneur, adding that the issues regarding Ring were addressed “years ago” and “well before the FTC began its inquiry.”