$10,000 bounty offered if you can hack Ring cameras to stop them sharing your data with Amazon

Did you watch this year's Super Bowl? If you did, maybe you're one of those who were sat at your sofa fuming about Ring camera's TV ad.

The ad focuses on Ring's new "Search Party" feature - an AI-driven feature that is designed to help locate lost pets by enlisting nearby video doorbells and cameras. In the ad, a family's dog goes missing, and Ring cameras across the neighbourhood scan their footage in search of the animal.

Ring probably hoped that the ad would sell the "Search Party" feature in a heartwarming way. But, in reality, many people were freaked out that technology was once again proving itself to be huge privacy concern.

As one person commented on social media as the backlash to the ad began:

"If they can identify a dog they can identify you."

Another Ring owner posted on Reddit:

"The Super Bowl commercial was the last straw. They want to sell me hardware, sell me a subscription to run the hardware, sell me a subscription to monitor my system, and then sell all of my information to nefarious actors. They're basically sacrificing my community's privacy and security, and charging me for the experience. It's not worth it."

Others posted videos of themselves destroying their Ring devices in protest, and online forums were ablaze with discussions about data ownership and consent.

And it's against that backdrop that the Fulu Foundation, a nonprofit organisation focused on device ownership rights, has offered a US $10,000 bounty for anyone who can find a way to run Ring doorbell cameras locally, cutting off the flow of video data to Amazon's servers.

The Fulu Foundation is not offering a bounty in the traditional sense of hunting for a security vulnerability that can be patched. Instead, any winner of the bounty will need to demonstrate a method that allows affected Ring cameras to operate locally and redirect footage to the owner's own computer or server, without transmitting video footage to Amazon's cloud services.

In short, the goal is to give Ring camera owners greater control over where their footage goes.

"In an ideal world, device owners would be able to modify that software to instead push that footage to their own computer or server, should they so choose," said Kevin O'Reilly of the Fulu Foundation. "

This isn't the first time Ring has found itself in hot water over privacy.

For instance, in 2023 the US Federal Trade Commission alleged that Ring failed to adequately protect customers' privacy and security, including allowing employees access to customer videos.

One employee was reported to have viewed thousands of recordings of women in their bedrooms and bathrooms. Ring was ultimately required to make US $5.8 million worth of refunds to customers as a result, as well as delete unlawfully obtained videos, and implement stronger privacy and security protocols.

Whether anyone ultimately claims the bounty remains to be seen. But the underlying question isn't going away: if you've bought a security camera, shouldn't you be the one deciding where its footage ends up, and how it is used?