The Opt Out: Home security cameras guarantee surveillance, not safety
You are more than a data point. The Opt Out is here to help you take your privacy back.
RESIDENTIAL SECURITY CAMERAS from brands like Amazon’s Ring, Google Nest, and Arlo are everywhere. As of October 2022, nearly half of American households with broadband internet had a home security system, networked camera, video doorbell, or combination of these in place. If only keeping your property and family safe were that simple.
Studies attempting to measure the ability of residential security cameras to stop or deter crime have been inconclusive. And even if you care only about feeling safe, that potentially false sense of security comes with a high price: your privacy and that of everyone around you. To make matters worse, some of the tech companies behind these gadgets might be getting a little too cozy with law enforcement.
Your camera may not keep you safe
Risks aside, there are several practical benefits to installing a security camera. You might want to see when your packages hit your stoop and deter random passersby from grabbing them. Or maybe you live in a secluded area and want to try to ensure potential trespassers think twice before breaking into your home.
But security cameras won’t necessarily keep you safe. Unless you’re checking their feed 24/7, these gadgets allow only for reactive responses, meaning they’re helpful only when a crime has already been committed. And their power of deterrence highly depends on the context.
A 2009 study published in the journal Evaluation Review found no significant reduction in crime rates after security cameras were installed in two low-crime areas in Manhattan, New York. On the other hand, a 2017 review published in the Journal of Scandinavian Studies in Criminology and Crime Prevention looked into seven studies focused on cities around the world and found crime rates dropped 24 to 28 percent in public streets and urban subway stations after the installation of closed-circuit television (CCTV). Still, cameras did not affect the amount of crime perpetrated in parking lots or suburban subway stations. Finally, a 40-year review published in 2019 in the journal Criminology and Public Policy found CCTV cameras do play a role in reducing property and drug-related crimes in parking and residential areas but don’t reduce the rate of violent crimes.
It’s worth noting that these studies consider CCTV along with other types of surveillance systems. So far, no studies have specifically looked at whether self-monitored residential and commercial surveillance systems are an effective crime deterrent.
Privacy is a steep price to pay for security
It’s important to understand that when you install a surveillance camera, you’re buying security in exchange for privacy—but not always your own.
If the security system is outside your home, the people appearing most frequently in the footage will not be you or anybody in your household, but others in your community who have no say in whether their image is captured. The trade-off makes sense only if we assume everyone is a potential criminal.
“We don’t know who’s a criminal until a crime has been committed, so what we’re asking people to do is to turn over their pockets continuously and prove that they’re not,” says Isadora Borges Monroy, who has a Ph.D. in political science from McGill University and is affiliated with Harvard University’s Berkman Klein Center for Internet and Society. If we physically searched everyone we encountered in our daily lives, it’d be a lot more shocking, she explains.
When you have cameras inside your home, everyone who enters is subject to surveillance. This is why Rick Osterloh, senior vice president of devices and services at Google, once advised Nest owners to let guests know that their conversations are being recorded. But it’s unclear whether this is something people do consistently, if ever.
It may not bother you that your neighbors are recording you every time you walk your dog past their house. After all, they’re very nice. But you should ask yourself who else is watching and listening in whenever you bring hot gossip to your friend’s house. The answer could be, well, everyone.
Tech companies are probably the biggest potential viewers. The most popular residential surveillance systems work with the cloud, meaning they stream and store footage using an internet connection and the manufacturer’s servers. Your data should technically be safe there, but there’s evidence that it’s not. The Federal Trade Commission, for example, recently ordered Ring to pay $5.8 million in refunds after the agency found the company’s employees and contractors had had unrestricted access to user footage for years. And not only that: Ring employees had also been able to “readily download any customer’s videos and then view, share, or disclose those videos at will,” the agency said.
Google went through a similar ordeal in 2019 after a Dutch news outlet revealed that some of the company’s independent contractors were listening to and transcribing Google Assistant commands.
Then there are hackers, who have been known to extort users, holding their footage for ransom. The same FTC report that found privacy problems at Ring also noted that the company had failed to respond to multiple reports of stolen usernames and passwords. The thefts were possible due to Ring’s lax security requirements, which allowed users to employ bad passwords and made brute-force attacks easy by not limiting the number of times a person (or program) could enter incorrect login details. A 2019 Motherboard investigation revealed Ring systems even allowed multiple simultaneous logins from different countries and wouldn’t flag the number of users logged into the same account.
And even if there’s no malicious intent, there have been a variety of other security issues involving these gadgets. In 2019, Wirecutter reported that a Google Nest home security camera allowed its former owner to access new footage even after completely resetting and selling the device.
In all fairness, some of these problems have since been patched and there are now systems in place to eliminate some security vulnerabilities. In 2020, Ring, for one, made two-factor authentication mandatory and introduced end-to-end encryption.
“They did [it] after a tremendous amount of pushback from civil liberties groups, from angry people, from users. But you have to opt in—you have to turn it on yourself,” says Matthew Guariglia, a senior policy analyst at the Electronic Frontier Foundation working on issues of surveillance and policing.
Still, we usually learn about new privacy and security issues only after the damage has already been done. That means there’s no way to know which vulnerabilities are currently being exploited.
The internet is the new evidence room
But perhaps the most problematic unwanted audience for private security camera footage is law enforcement.
“The boundary between consumer privacy and government surveillance has never been so thin. It’s almost nonexistent,” says Guariglia.
Ideally, law enforcement agencies like local police, the FBI, and the DEA would be able to access private data only by asking its owner to relinquish it voluntarily. Under the Fourth Amendment, US citizens have the right to deny access to their data, but law enforcement can still seize it by presenting a court-ordered warrant or subpoena. This procedure is designed to protect Americans from unreasonable searches, but there are unfortunately two ways law enforcement can get your personal information without going through this process.
“They don’t need to go directly to the person who collects the footage—the customer whose camera it is,” Guariglia says. “They can go to the companies that store the footage.”
Tech companies have the legal authority to push back on law enforcement’s requests for user data, but if and how much they resist is not up to you. Some companies even have entire programs that make it easy for authorities to access your information. In 2022, Amazon’s Ring released footage without a warrant or the consent of the affected customers, claiming there was an emergency involving “an imminent danger of death or serious physical injury to a person.” The company did this 11 times, and all law enforcement had to do was fill out a form. Google has a similar program, but it appears to have a better track record than Ring: As of July 2022, the company claims it has not released any user footage to authorities.
And even if you think that a potential emergency is a good enough reason for tech companies to grant access to users’ private data, law enforcement agencies have also tried to get camera manufacturers to let them use their products to monitor and police citizens’ legitimate exercise of their First Amendment rights.
“Surveillance is not justice—this can be a tool of policing, but that doesn’t mean that the policing goal is either legitimate or that it will yield justice,” Borges Monroy says.
And if filling out a form or sending an email doesn’t work, law enforcement can just buy your data. Because, as Guariglia explains, a lot of it is just sitting on the open market.
“Right now our legal system is the way it is, where police can buy your geolocation at any given moment through these data brokers, and they don’t need a warrant to do that,” he says.
As sketchy as that sounds, it’s not illegal, though some US senators are trying to make it so. But until there are specific regulations preventing law enforcement from purchasing user data or paying rogue employees millions of dollars for confidential information, there’s always the possibility that your camera footage will end up used against you in a court of law, without your consent.
The irony is that we, the users, have built and funded the very system that surveils us. Such a system might not have been able to exist otherwise, because using public money to surveil citizens legally requires public hearings and debate.
“Instead, [law enforcement has] kind of found a cheaper, more expansive shortcut to mass surveillance, which is taking advantage of the infrastructure that we are putting up ourselves, in part because society is so individualized,” Guariglia says.
What can you do to protect your data
Reconsidering whether you need a security camera after all may be the best thing you can do to protect your privacy and that of the people around you.
If that’s not an option, Guariglia says that before you buy a surveillance camera, you should find out whether your system of choice allows you to encrypt your data. This will prevent anyone—hackers, tech companies, or law enforcement—from accessing your data without the right credentials. You’ll also need to know whether encryption is set by default, is hard to turn on, or prevents you from using other features.
Guariglia also recommends you find out whether the camera manufacturer requires a warrant to share your data with law enforcement, and if an overly broad warrant will do the trick. Researching a company’s track record of protecting its users and pushing back against requests for their information can also be useful.
Beyond that, Borges Monroy recommends engaging in long-term action that could result in better regulations that will protect our privacy.
“People need to be thinking of themselves as citizens, not as consumers,” she says. “Because these are really big problems, we tend to think about them as something that has to be done at a federal level. But there’s a lot to be done at a local level too. Especially when you’re thinking about policing.”
So let elected officials know what you think, and maybe run for office yourself. At the very least, vote. Supporting candidates who have your best interests at heart when it comes to privacy—at all levels of government—is a good way to make a difference. This will also get us closer to ensuring that we aren’t all constantly racing to catch up with technology, but are instead setting the pace so it serves us, not the other way around.
Read more PopSci+ stories.