Two tech YouTubers had accused the company eufy of using images from users without their consent. The images are supposed to end up unencrypted on a server where anyone could theoretically access them. These allegations made waves. Now Eufy has spoken up and commented on the allegations. Mistakes were made when communicating with customers, according to eufy, but when it comes to security, all allegations are dismissed.
What is it about?
Now eufy Security has commented on the allegations. There is a statement on the “eufy security app” as well as on the security of the devices.
Thumbnails are briefly saved to the cloud, eufy apologizes for communication
How did eufy react? The company behind the security products has released two statements. The first statement already on Wednesday, November 30th. The second statement then followed on Friday, December 2, 2022.
What is in the first statement? The first statement, dated November 30, 2022, expresses concerns about the images found on the servers:
eufy Security is designed as a local home security system. All video material is stored locally and encrypted on the user’s device. eufy Security’s facial recognition technology is also processed and stored locally on the device. Our products, services and processes are fully compliant with applicable General Data Protection Regulation (GDPR) standards, including ISO 27701/27001 and ETSI 303645 certifications.
In order to provide users with the push notifications for their mobile devices, some of our security solutions can display small preview images (so-called thumbnails) of videos, which are briefly and securely hosted on an Amazon Web Services (AWS) based cloud server. These thumbnails use server-side encryption and are set to be automatically deleted. They comply with all Apple Push Notification Services (iOS app) and Firebase Cloud Messaging (Android app) standards. Only after users have securely logged into their eufy Security account can they access or share these thumbnails.
Although our eufy security app offers users the option to choose between text and thumbnail-based push notifications right from the start, we did not make it clear enough that when selecting thumbnail notifications, the thumbnails are temporarily stored in the cloud be hosted.
This lack of communication was an oversight on our part and we sincerely apologize for this error.
Official statement from eufy security, dated November 30, 2022.
What is the second statement? A second statement refers to the allegations that eufy products are not safe. However, the allegations against the products are clearly rejected. Here eufy explained the allegations:
eufy Security firmly rejects the allegations made against the company regarding the security of our products. However, we understand that recent events may have raised concerns among some users. We regularly review and test our security features and seek feedback from the security industry to ensure we’re closing all credible security vulnerabilities.
When a credible security vulnerability is identified, we take the necessary actions to fix it. In addition, we comply with all relevant regulatory authorities in the markets where our products are sold. If users have any questions, they can always contact our dedicated customer support team.
What’s next? Eufy had also stated that they wanted to improve communication. On top of that, they want to better point out to users in the future that the small preview images have to be saved in the cloud so that they can also be displayed to users. Here you want to rework.
A user can only play with a new gaming PC after finding nasty, hidden errors