GDPR

This top security camera brand might be uploading photos to the cloud without you knowing

Audio player loading… A security researcher has claimed Eufy security cameras are uploading photos containing personally identifiable data to its servers, breaching not only its own key selling proposition but also the EU’s General Data Protection Regulation (GDPR). According to a report by Android Central (opens in new tab), security researcher Paul Moore discovered that the…

Published 3 years ago in 1st December 2022

By John

A security researcher has claimed Eufy security cameras are uploading photos containing personally identifiable data to its servers, breaching not only its own key selling proposition but also the EU’s General Data Protection Regulation (GDPR).

According to a report by Android Central (opens in new tab), security researcher Paul Moore discovered that the Eufy Doorbell Dual camera uploads facial recognition data to the company’s AWS cloud, without encryption.

The company, on the other hand, says it’s fully compliant with the data protection regulation and that the data collected is only used for notifications.

In a series of tweets (opens in new tab), Moore claimed the data was being stored together with usernames and other information that could be used to identify people whose images were taken. What’s more, Eury keeps the data even when the user deletes it from the Eufy app, he claims.

Moore has also said video feed can be accessed via a web browser, simply by knowing the right URL, with no passwords required. Camera videos encrypted with AES 128 are using a simple key which can be broken relatively easily, he said.

Since b

Be the first to write a comment.

Leave a Reply

GDPR’s 7th anniversary: in the AI age, privacy legislation is still relevant

Seven years after GDPR reshaped data protection, AI is forcing a fresh look at governance. GDPR’s principles remain critical, guiding ethical AI use, risk management, and trusted innovation…

Published 4 weeks ago in 3rd August 2025

Can Europe’s AI rules turn worker protections into a competitive edge?

While the US has largely pursued AI development with minimal regulatory oversight, Europe has taken a markedly different approach. The Data Protection Act, the GDPR, and the recent AI Act — aligned more closely with local workers’ laws and unions — have set the continent on a separate path. …

Published 4 weeks ago in 3rd August 2025

DebitMyData™ Launches LLM Security API Suite with Reinforcement Learning and Agentic Integrations

Agentic Logos™ and Avatars™ bring plug-and-play identity protection, deepfake defense, and GDPR-grade compliance to LLMs, enterprises, and global platforms. Fort Lauderdale, FL, USA | July 17, 2025 –[Press Release Wire]– DebitMyData™, the pioneering platform founded by renowned digital sovereignty architect Preska Thomas—celebrated internationally as the “Satoshi Nakamoto of NFTs”—has officially unveiled the global release of its next-generation LLM Security

Published 1 month ago in 19th July 2025

GDPR meant nothing: chat control ends privacy for the EU [video]

GDPR’s 7th anniversary: in the AI age, privacy legislation is still relevant

Can Europe’s AI rules turn worker protections into a competitive edge?

DebitMyData™ Launches LLM Security API Suite with Reinforcement Learning and Agentic Integrations

Latest Posts

U.S. Mortgage Providers Told to Include Crypto Holdings as Wealth

BTC Bull Token Presale Raises $7.5M, Enters Final Days as Bullish Sentiment Grows Around Bitcoin

Inside the $90M Nobitex hack: a layer-by-layer breakdown

Fartcoin remains bearish despite hitting $1; Check forecast

Bitcoin to $1M by 2030? – Inside Coinbase CEO’s BTC forecast

Compliant with GDPR?