Amazon Pays the Price for Alexa's Eavesdropping

By agreeing to Alexa's Terms and Conditions, users grant permission for it to listen to their conversations even when not directly addressed. However, the illicit use of the collected data remains unlawful, and Amazon is facing the consequences of such misconduct. Recently, the company led by Jeff Bezos consented to a US$30.8 million fine for retaining vocal data from children that should have been deleted.

The complaints were filed by US regulators who accused Amazon of unlawfully harnessing private information without user consent. Moreover, allegations against the company's devices, Ring and Alexa, suggested that Amazon employees intentionally spied on its customers.

The legal complaint was initiated by the Federal Trade Commission (FTC), asserting that both Ring and Alexa operatives violated legal regulations governing the storage of private data. Furthermore, the accusations indicate that Amazon intentionally neglected crucial cybersecurity measures intended to safeguard users' safety and privacy.

On one hand, the FTC legal allegations argue that Amazon's Ring exhibited cybersecurity vulnerabilities that facilitated the theft of private information and unauthorized access to users' devices. According to the accusations, these cybersecurity flaws resulted in a breach of users' privacy and is considered unconstitutional.

"Ring's disregard for privacy and security exposed consumers to spying and harassment," says Samuel Levine, Director of Consumer Protection, FTC. As per the FTC's investigation, the cybersecurity vulnerabilities uncovered in Ring enabled hackers to gain access to security cameras installed in various users' bathrooms and bedrooms.

As a consequence of this offense, Amazon is compelled to delete any illegally obtained and stored data, in addition to reinforcing its security systems with robust measures. Consequently, Ring has agreed to pay US$5.8 million as part of the settlement agreement.

The settlement also requires Amazon to pay an additional US$25 million for the mishandling of data harnessed by Alexa. Nevertheless, Amazon officials have assured that they will identify and delete any private information stored in their system's data.

While the US implements robust cybersecurity regulations and policies, Mexico appears to be lagging behind in addressing these issues. Given Mexico's lack of adequate legal regulations to mitigate and penalize such data breaches, it is possible to assume that Mexican citizens' information is inadequately protected.

The absence of regulations and oversight agencies addressing this issue makes it easier for hackers not only to target Mexican citizens but also to profit from the information they gather. In other words, without fear of retribution or government sanctions, cybersecurity breaches will persist and thrive in Mexico.