Overview

Eufy, a security camera produced by Anker, has been flagged for sending footage to the cloud, after claiming the recorded data is stored on the physical device itself. However, in order to notify users of the footage, a thumbnail is sent which includes images of faces, used for facial recognition, and other data, through the cloud. There is an option to turn off this functionality, but users still found data nonconsensually saved this way. Even when the option is toggled off, the thumbnail data is still accessible through the server.Eufy commented on the incident stating all data is never public and requires a URL to view, along with correct credentials and a time-sensitive link. The only fix as of now is to update the terms of language used with customers and owners of the cameras.

Sources

https://www.macrumors.com/2022/11/29/eufy-camera-cloud-uploads-no-user-consent/

https://www.theverge.com/2022/11/30/23486753/anker-eufy-security-camera-cloud-private-encryption-authentication-storage