"The lawsuit also claims the flagrant security breach was discovered not by the company, but 'by luck and happenstance.' A customer, reporting a technical issue, inadvertently revealed the unwanted third-party access," the lawsuit claims. "But for that event, ADT would be unaware of this invasive conduct."
So no basic security measures to prevent employees from abusing their authority.
No system to notify users when somebody new was added to the email access list for video cameras they provide.
ADT didn't even know this was going on -- and if not for a customer being attentive it probably still would be.
And this is a security company!
It's notably worse for the parade of "internet of thing" companies that decided we needed to hook every home device up to the internet with zero willingness to embrace or fund basic privacy and security standards.
ADT Tech Spied On Women For Four Years Before Getting Caught By Accident
from the what's-the-opposite-of-security dept
Another day, another example of why we might want to actually pass at least a basic privacy law for the internet era. The latest problem bubbled up over at home security vendor ADT, after a technician was caught using home security cameras to spy on people for years. More specifically, the tech accessed customer video cameras in 200 homes some 9,600+ times over a period of four years. His preferred targets were attractive women he spied on while they were having sex, bathing, or getting dressed. This was, as US Attorney Prerak Shah was quick to note, a grotesque abuse of trust:
"This defendant, entrusted with safeguarding customers’ homes, instead intruded on their most intimate moments,” said Acting U.S. Attorney Prerak Shah. “We are glad to hold him accountable for this disgusting betrayal of trust."
It's why properly staffing and funding our privacy regulators, and having a basic privacy law where the expectations are clear and the penalties are notable (and consistently enforced) seems like a no brainer. Though it's still amazingly not clear how many national privacy scandals are necessary before we finally figure out that our existing "solution" of apathy, wrist slaps, binding arbitration, and intentional policy gridlock aren't working very well.
Filed Under: doj, iot, privacy, security, surveillance
Companies: adt
No comments:
Post a Comment