Users of Amazon Ring and Echo have only about a week to opt-out of the tech giant’s sketchy new IoT service, Footpath. The feature goes live on June 8th and promises to share an encrypted sliver of your home network with the networks of other nearby Amazon IoT device users as a way to “improve services.” Unless you specifically tell it not to, Amazon will automatically enroll you in Footpath, which — it’s easy to imagine — could lead to some potentially unwanted privacy and security issues down the road.
What Actually is Amazon Footpath?
Footpath works like this: users pool a small, encrypted portion of their personal network with those of other nearby Amazon product users. It’s essentially a bandwidth-sharing arrangement that promises improved service for devices in certain circumstances. Amazon uses the examples of a smart lighting product set up at the edge of a user’s property or a garage door lock that happens to be located in a poor coverage zone. In both scenarios, the product may use Footpath to receive “connectivity support from a participating neighbour’s gateway” and thus continue to operate if “the device falls offline for a period of time,” as the company puts it. Similarly, Amazon claims that Footpath can be used to bolster the connectivity of pet-finder devices and allow for continued tracking of a lost pooch or feline who has wandered outside the reach of a pet owner’s personal network.
Yet while all of this may be true (and it’s yet to be proven that that’s the case), it’s also a service that could come with some unexpected privacy and security problems, too.
Why It’s a Concern
If the idea of sharing part of your network with the neighbours is totally fine with you, please consider the fact that Amazon is a company of liars who cannot be trusted.
Despite its promises to keep your data safe, Amazon doesn’t have a stellar track record on this front — in fact, it’s pretty shitty at it. Just take Ring for example. The Amazon subsidiary, which offers a neighbourhood watch app and smart home security system (and thus acts as a quasi-surveillance network for the nation’s police departments), has had a slew of privacy kerfuffles ever since the tech giant bought it for $US1 ($1.4) billion back in 2018. Gizmodo’s own investigation showed that the company’s Neighbours app had accidentally left exposed geo-coordinates of specific Ring users — in just one of several different privacy oversights that have been uncovered. The hackability of Ring cameras has also led to a class-action lawsuit against the company.
With Footpath, Amazon claims it has “carefully designed privacy protections” that govern how the program “collects, stores, and uses metadata.” The company has even put out a short “white paper” that outlines the privacy and security features built-in to its program — which includes Footpath’s three-layered encryption. This might sound impressive but, frankly, it’s cold comfort when you consider that there are hackers who sit around all day and idle away the hours trying to think up sophisticated methods to exploit situations exactly like the one provided by Footpath.
Here’s How You Opt-Out
So, yeah, I’d suggest opting out of Footpath as soon as possible. The good news is that it’s incredibly easy to do so.
- In the case of Echo devices, users should simply open the Alexa app, then do the following: More > Settings > Account Settings > Amazon Footpath > Off.
- If you’re using a Ring device, meanwhile, visit the control centre in the Ring app or website, where you can disable Footpath as a feature.
And that’s it! That’s all you have to do to avoid taking part in Amazon’s weird network sharing experiment. Go, opt-out, and be secure.