Anker’s Eufy has come under intense scrutiny over the past two months, which has revealed that its cameras not only have blatant lies about “only local” storage, but also blatant security flaws that the company refuses to acknowledge. Now the company is removing those promises from its website.
To summarize the situation so far, Eufy has advertised its security cameras and doorbells as “local-only” products, storing footage outside of the cloud to protect your privacy. It was a killer pitch, but one that turned out to be untrue.
In November, a security researcher discovered that Eufy cameras were sending data to the cloud, including full-resolution images and facial recognition data, and it was later discovered that live streams from the company’s cameras could be accessed unencrypted via third-party media players like VLC.
Eufy has consistently downplayed and even outright denied many of these claims despite clear evidence to the contrary, but it has begun to change its marketing.
Not long ago, Eufy updated its apps to show a disclosure about some data being passed to the cloud and as The edge now notes it also removed much of the marketing material its privacy commitment page which previously claimed the data was “local only” and would use “military-grade encryption.” Eufy was found to have removed at least ten statements about its privacy commitment in the past few days, including:
- “First, we take every step possible to ensure that your data remains private with you.”
- “[Y]our recorded footage is kept private. Stored locally. With military-grade encryption. And transmitted to you, and only to you.”
- “Here at eufy we don’t just talk and we don’t act.”
- “With secure local storage, your private data never leaves the safety of your home and is only accessible to you.”
- “All recordings recorded are encrypted on the device and sent directly to your phone – and only you have the key to decrypt and view the recordings. Data is encrypted during transmission.”
- “There is no online link to a video available.”
- “You must use the Eufy software and your account to decrypt the clips for viewing. Nobody else can access or read this data.”
- “For your Eyes Only”
- “No peeking”
- “Everything in the house”
The site also clarified that videos are stored in the cloud, adding that “your video recordings will not be viewed, shared or used for any other purpose by eufy”. The company also removed a question and answer about not sharing footage with law enforcement.
But Anker (Eufy’s parent company) still refuses to answer questions about these glaring privacy holes, and has yet to publicly acknowledge the situation with Eufys official twitter account It’s been scary quiet for the past two weeks.
Like we said, oops.
More about smart home:
FTC: We use income earning auto affiliate links. More.
https://9to5google.com/2022/12/16/eufy-privacy-promises/ Eufy removes privacy promises from its website