Pretty simple really - stop using third party vendors for data storage. They're cheap and easy because your data is usually the product. Sure, you would still be forced to comply with warrants/subpoenas if they think you have data, but that's basically unescapable.
If they get a warrant like the story in this article you'll still have to hand it over.
The fact that it's not on a popular cloud camera provider may make it harder for them to discover what it is they need to request, but they can still do it and you could still be compelled to comply.
In that case I would kind of rather they go to a megacorp vs. me needing to get a lawyer and figure out how to respond.
But generally I agree that it's sketchy for a third party to hold the data.
You shouldn't really need a lawyer. The megacorp will just hand over all the data, in which case you could too to avoid the legal fees. The benefit is like you said, less likely they go to you since they don't know you have anything, vs them seeing a map of all the Ring users.
That's what I'm saying, if they want footage on my hard drive they need to approach me and i need a lawyer, if they go after Ring then I don't need to incur costs and life stress of dealing with that bullshit.
That's all assuming the cops understand I'm not involved or committing crimes. As indicated in your sibling comment, that may not be the case and having my own representation would be needed.
You don't need a lawyer. Just hand over the data they ask for, and they will be happy. You can get a lawyer if you want to fight it. If you're paranoid about police impersonators, you can ask your local strip mall lawyer if the document is legit before handing over the data, and it will cost you less than $100.
>Just hand over the data they ask for, and they will be happy. You can get a lawyer if you want to fight it.
Given it's common sense to never talk to the police without a lawyer, you would want a lawyer for this situation so you know you're not unintentionally fucking yourself over.
I think you might be missing the point of this comment: OP was saying that this is an additional expense involved in owning your own data. In reality, the people who would otherwise store your data aren't getting a lawyer for a warrant response, beyond validation that the warrant is legitimate. The "economy of scale" that 3rd party services have here is that they don't care if you go to prison.
Having a lawyer do the basics is really cheap. Having a lawyer fight the warrant or craft a minimally-revealing response is expensive. You don't have to break the bank if you end up getting served a warrant.
Isn't the reason you might want a lawyer in this case that you might not have to turn over the footage, and doing so when you don't have to could be used against you?
So wouldn't the alternative where they get the footage from someone else be just as bad as you turning it over without checking, and therefore something you should prevent if consulting a lawyer first is to your advantage?
>Isn't the reason you might want a lawyer in this case that you might not have to turn over the footage, and doing so when you don't have to could be used against you?
You're still not getting yourself out of the thing where turning over the footage to the government could be bad for you, so having it happen unconditionally without your consent could be bad for you.
Whether it's bad for you is irrelevant, if you're responding to a court order you absolutely want someone who has a thorough understanding of the law to guide you through it (unless you're thoroughly familiar yourself, but most people are not).
Even if we aren't talking about court orders, any interactions with the police beyond small talk should be guided by a lawyer for the same reason. Arrogance has no place when interacting with the law, the complexity of which is far beyond the understanding of common men.
You keep talking about the side of it where you have the opportunity to contest a court order.
The problem is the side of it where you abandon in advance your ability do to that by giving a third party custody of your data and then suffer whatever consequences a lawyer might have advised you to avoid when the third party hands your data over to the government.
> [...] Given it's common sense to never talk to the police without a lawyer [...]
Don't generalize and don't conclude from your point-of-view to the whole world. There are enough places where you can talk to the police without even thinking about a lawyer (and never ever even require one, even in such situations). Not everyone's country is the USA (I assume).
If my interaction with the police is anything more than inconsequential small talk, I'm getting a lawyer. I would apply this common sense even to Japanese police, among the most respected of police forces in the world.
I think, having done this a few times, the line should be "minor traffic ticket," not "small talk." You can get out of a ticket (or get it downgraded to a warning) by being nice to the officer, and that is a much better outcome than you can get by attempting to bring in a lawyer or behave as though you are going to fight legally.
Many of these kinds of warrants are closer to the "minor traffic ticket" side than anything else. The trouble is that you may want a lawyer to tell you that.
Deciding whether or not to comply and how would depend on knowing what it means and the likely consequences of several actions. It would also probably depend on the specifics.
So you're saying that, in the event of owning your own data and being asked for it, you would get a lawyer because you acknowledge that there could be unforeseen conseqeuences and aspects of the request that you might not understand. But you would simultaneously prefer to let a megacorp own your data so you don't have to think about any of that?
So you're happy to give away your data, but also insistent that you should pay someone to review the request for your data. Apologies if I'm misunderstanding your comments (very possible), but I think I at least understand why some folks are confused.
I did say both of these things. Because there are upshots and downsides to each. Both are true.
You can't escape the shittiness of this problem by running your own server. It's a bad situation either way.
The root of the problem as i read it is overly zealous law enforcement and a judge that is not acting as a proper check on their power. It's a political problem. It can't be escaped with purely technical solutions like who stores the data.
I wouldn't be surprised if a lawyer would want to view all the footage themselves, before making any decision like that. Hopefully, you aren't keeping 6 months worth, because lawyers typically charge by the hour.
Point taken, but I don't see enough of an upshot to giving away your data from the very start — retaining zero control so you don't have to deal with requests that may or may not ever happen.
I think there may be a significant advantage to running your own server: you can controll how long you want to keep the data. For example, you can keep data from cameras recording the street/yard for longer and delete footage from inside the house daily (or choose to not even record when you are at home).
In TFA they mention the possibility of complying but not giving everything that is asked for. A lawyer can probably help you craft that in a way that will satisfy a judge.
Point about Ring's lawyers (which we've seemingly gotten away from this deep into the thread) is you do not pay for them or get involved if you don't want to be. You don't get to be involved in strategy either, which may not be in your interests. Getting the best thing for your interests may require paying a lot for a lawyer and a lot of stress. It would all depend on the specifics of the case.
Ring doesn't craft minimally-responsive answers to subpoenas and warrants either. No big tech company does. That would take money (having a staff lawyer and some help to handle those is expensive), and they don't really care that much about your data.
When you own it, you can fight back to your heart's content.
And by the way, you do pay for Ring's lawyers if you use their product.
That's what I did, and I don't feel even a little nervous about it. I did it because it was obviously in my best interest to help them investigate a crime that I was the victim in, and because I am 100% confident that the footage is otherwise innocuous.
But it all depends on the circumstances. As you say, the whole point of ownership is that I get to make that sort of decision.
You ALWAYS need a lawyer, and don't hand over any recordings without a lawyer. Otherwise, you may be liable for crimes NOT covered by their initial request. Crimes you may not even think are crimes! Cops do this, to pressure more information out of you.
I still don't see why you think it's a negative to have your own data. If you think you need a lawyer for on-site data, they you should think you need one for off-site data as well. There's really no difference here. Where the data exists has no bearing on needing a lawyer. What the the data contains would be the primary driver of needing a lawyer, which applies equally regardless of it being on-site or off-site.
At least in that case I'm the one deciding how long to keep the data. They can't get a warrant for data I don't have. I frankly don't understand why anyone would keep weeks of security camera footage around.
Maybe you realize something is missing 6 months later? Or you notice some damage on your property and want to see how it happened? That being said, it would be really hard to go through the footage and find what you are looking for.
Not really hard, if the damage is visible on the camera.
You go back a year and look. Damage there? If no then go back 6 months. If the damage is there then you know it's between 6 months and a year back. Rinse and repeat, binary search.
Having said that, I wouldn't store that much. A week would be all I'd want.
You are right, as soon as I posted the comment I thought of binary search. Funny how people frequenting HN think alike, maybe we have to get out more often out of our bubble.
All things being equal, you're right. I'd want to avoid the issue of wanting a lawyer and prefer the resources of a larger corporation making those decisions
But they're not equal.
The police can acquire a warrant and serve it to a select few megacorps for ALL of the footage at a specific location for a specific time range. That's setting aside some policies where there's active cooperation between the megacorp and the police. By hosting it myself, I avoid this sort of blanket privacy violation.
In my particular situation, I'd guesss it would entirely eliminate police acquiring a warrant for my footage unless I'm a criminal suspect or there was a crime committed in my front yard. Maybe I'd be a bit more forthcoming anyway if a crime happened on my property :P
I kind of read this article as the cops being lazy and requesting literal everything, not because they'll use it but because it's easier than understanding the job they actually need to do.
In that case it'd probably be OK to hand over footage.
But the more sinister and intentional motive among law enforcement also exists. The whole thing is a crapshoot and every case is probably different. If you're lucky, a responsible cop is involved. If you're not, it can be really bad times.
> In that case I would kind of rather they go to a megacorp vs. me needing to get a lawyer and figure out how to respond.
If a crime occurred outside your home, but your home security cameras caught it, the police will discover this when they talk to you about the incident to collect witness statements, if you choose to share it.
If a crime occurred inside your home, and your home security cameras caught it, the police will discover this when you report the crime and you offer to share the evidence that may help you receive a cure.
There is absolutely nothing that a megacorp helps with here.
If it helps you, it exists, if not, it never existed in the first place. - "oh those, they aren't hooked up to anything after I bought the house, the previous owner took the computer."
The concern is less that the cops show up to your cloud provider with a signed warrant, but more so that they just hand it over when asked. There's also concerns about jurisdiction.
It's pretty easy to stash the recording device somewhere that it would take an intentional and time-consuming search to find it. No common criminal will engage in that sort of search. If you need to be worried about uncommonly competent and driven intruders, then your security needs are such that any simple surveillance system won't do. You have special needs that require special solutions.
I strongly disagree. If they have to serve you a warrant for the data, you know they've requested it. This is rarely true if they can serve a warrant to a cloud provider for your data.
Since the likelihood is footage from your home is to investigate you or your family, knowledge of the data demand in itself is potentially invaluable, as you can begin forming a defense.
Also, not that anyone would do it, but 'oops, it caught on fire' is much more doable when it's all under your control and they don't even know what you have, rather than in some audited cloud providers backend.
It is not feasible in reality that requests to decrypt your personal data stored on-site through warrants. If my server is powered off, everything sits in several encrypted ZFS datasets. No one can prove that I am recording stuff at all. The camera could be there for deterrence only.
That's not how the legal system works. The other party would claim that you are, the courts would believe them, and it'd be on you to deal with it. "It's not feasible" won't wash - especially if you don't spend tens of thousands on your defense.
Well, of course it depends which legal system we are speaking, but where I live (Germany), there is a presumption of innocence until proof beyond a reasonable doubt establishes.
I don't believe in cloud servers for home automation or home security stuff, I also think encryption and local storage is great, but all these techno-nerds are under delusions that enough geeking out on technical solutions will somehow change how law enforcement or the courts treat them. If they want to pursue you for something, it won't deter them.
They can produce a warrant to turn over what is already there. They cant force one to continue proving that service. Thats a violation of the third amendment.
Of course there no case law on the third to determine if one has to continue to give quarter to surveillance equipment.
What if the video is encrypted such that it can only be watched by certain faces?
The risk is that some judge doesn't appreciate your ironclad solution and so orders you to watch all the footage so they can record it over your shoulder.
No. I need a system that detects motion during scheduled times (ideally only humans) and buzzes my phone instantly, giving me a live view and saving a recording around that time. And most of all, it has to be reliable enough that I don't question whether it's working. Anyone who says this is easy is underestimating it.
Something on-prem could do all that, but nobody sells it, and most DIY systems don't have those features (does yours?). So here I am with the Ring.
I have several cameras hooked up to an NVR that has 2TB drives for constant recording (when space runs out older recordings are deleted. I usually have a few weeks available).
I then have frigate[1] set up on a small fitlet (with a usb CORAL TPU), which gives me excellent control over detection (Humans vs dogs vs cars vs ...). Frigate grabs the streams from my NVR over rstp.
This is then hooked up to my Home Assistant where I have various rules to send alerts to my mobile devices based upon object detected, location of camera, and time of day.
Everything is internal. I have an always on wireguard on my family's mobile devices allowing them to access the cameras and home assistant alerts from anywhere.
It works great, but I have refused to set this up for my extended family (even though they have the same NVR and _really_ want my system), just because there are a lot of moving pieces that need to be maintained (not to mention having a server + vpn)
Someone should sell a complete solution to make it easy for non-techies to use. Sell a small computer (perhaps a Raspberry Pi) with the right software installed, the Coral accelerator, and several cameras bundled in a package. Make it clear that this is just a sale of hardware, not cloud data storage. It should be as easy as buying a Ring or a Nest, otherwise it will forever just be tech people's toys.
I tried that product a couple of times on Google ads, and fewer people clicked on "buy now" than my sister's joke product of "lipstick for your pit bull."
People really don't understand this enough to even know that there's a problem. I have explained to a lot of people that "the cloud" just means renting someone else's computer, and they still don't get it.
Google Ads is too aggressive for this sort of product that requires knowledge of many things. The product is niche and would need a simple youtube video series to explain it, with a descriptive title and description text.
Ideally, in the video(s) you can talk about how the viewer can setup the solution themselves, breaking it down into components, why each is important and how it all works.
Also introduce how the viewer can buy the entire solution from you directly, where’ll they’ll get some custom support/troubleshooting or they may just hire you for consulting.
This will function as your funnel to let your target customers find your solution as they search for ways to problems they have self-identified.
If you’d like you can also do retargeting ads on the viewers of your video, as they’d be more likely to buy your solution vs the avg joe.
This is what I was thinking. Is there maybe not a big enough market for non-techies who care about privacy and understand the implications?
It needs to be basically the same as a Ring with just one additional requirement, plugging another box into power and your network to act as the DVR/brains, with a QR code that you scan to link it. Sure that can have more customization options, but the default has to be zero config. Probably gonna need a cloud server for notifying and serving the mobile app without having keys to the video (users have to know the difference), which would cost money monthly.
There are hundreds of different NVR solutions out there. The consumer ones are... meh. But they mostly work.
The reality is that except for companies, almost no one REALLY cares about it. It's an expense they'd usually rather not have (like backups), so it always gets the short end of the stick.
Frigate looks pretty interesting. Do you have an estimation of how much CPU it's using for your cameras?
I have about a dozen 4k cameras I'd love to migrate to a much more capable NVR, but doing so with software typically means I go from a 30W NVR to maxing out a 8 core 200W Xeon even without object detection.
Would love to kill my Duaha NVR and toss this on the Proxmox cluster instead.
Could you share which model cameras and NVR you're using? I've been wanting to put something together like this for a while, but all of the solutions I've seen require a Windows box (usually running Blue Iris) for the NVR which I want to avoid
I was okay with Arlo for several years — primarily because it didn't have a subscription. With Arlo circling the drain now, I think a cloud-less DIY option is an excellent idea.
Oh they definitely do sell it. And the more money you spend the crazier it gets (cross-camera facial recognition? you can go full blown surveillance on your neighborhood).
I bought a Synology NAS and I just added cameras on my home network in the web UI.
Does motion tracking, auto recording and the app rocks. It doesn’t ping me but I also haven’t looked for that feature.
Well that's a crucial requirement. Should ping by default. Even if you can turn it on, I don't trust that they really put that feature first if it's buried in the settings.
It may not be buried. I might have just turned it off. I always turn it off right away.
I consider pinging a major cause of paranoia (see NextDoor), an invasion of my community’s privacy, and honestly I live in a safe area and insurance covers everything anyway.
Amcrest is pretty good as long as you get an ONVIF-compatible model. Their PoE cameras are better than their Wi-Fi models, but I found that their indoor Wi-Fi models are not bad. I haven't had any luck with their outdoor Wi-Fi models though.
For Wi-Fi outdoor, I've been trying Reolink. I actually have had one die and another one keeps resetting so I'm not sold.
I've heard Hikvision is good but they're more expensive and I haven't tried them yet. I also think they really care whether you buy it from an authorized retailer.
Ubiquiti does that. I have motion detection alerts disabled but human motion detection enabled depending on the camera. You can also set regions in the view that it ignores for motion detection.
Tech-savvy people say great things about Ubiquiti wifi, but my experience was that it's way more annoying to deal with than the AirPorts I was replacing. So I have doubts about relying on their security solution to "just work," but maybe I'll give it a try.
And sure I'm tech-savvy, but I also don't want to deal with things. The real test is at my parents' house, where I don't live but I manage some of their stuff remotely / occasionally in person. I can't babysit whatever gets installed, and they don't understand computers. Like, whenever their internet was having problems, they'd only know how to reboot the router; eventually they automated this task with a lamp timer. But they were fine managing the Ring once I set it up.
It's my understanding that now ubiquiti used to be a good company/solution, but they ruined that recently by introducing a lot of "phoning home"-like "features" for their routers. Given that the tech group is almost always more privacy/security oriented than typical, and that's Ubiquiti's target audience, it was a very poor choice on their part and probably removed a significant portion of their customers.
Perhaps the solution that the tech-oriented crowd will move to now is just making things from scratch, I haven't seen the clear consensus on it yet.
But it's an aggressive default. Tbh I didn't even figure out how to opt out of it, I just grumbled and made the account. It's wifi for crying out loud, should be plug n play.
My parents replaced the Ubiqitis themselves when they started having issues I wasn't there to fix, with some no-name Amazon wifi APs. MAC address manufacturer lookup just said "Shenzhen." Plugged in, and they worked.
I did a basic UniFi setup at my house back in the fall and it’s been pretty simple and fully reliable. It’s pretty much the apple of home networking and security.
Unifi makes onprem NVR solutions for the home with everything you said. It’s all connected to their cloud for auth but you can turn it off if you want.
Wyze sells that. My camera stores local footage on an sd card. When motion activates it, Wyze sends me a push alert that something happens, I open the app and it requests directly from my camera. Video doesn’t stay on wyze’s server. If they’re served a warrant, they have no video.
"Something on-prem could do all that, but nobody sells it, and most DIY systems don't have those features"
I don't have it set up that way but thought about it. Zoneminder does motion detection and can be scheduled too. I'm not sure about the human recognition part, but I think I heard there's so sort of plugin out there for that, but I could be wrong. It will also send alerts and can be visible from the web if you have a static IP or a service that provides the same functionality (forget the name).
Frigate -> Home Assistant -> WhatApp Messages
DIY, $2 per month + electric change. The $2 cover WhatsApp group messages - as it works for all phone in family with the app sleeping. Easy to share clips.
For example - who was the person who approache dthe door with an umbrella today.
Frigate makes sure its a person, Frigate makes sure it in the correct area of camera. Cheap rtsp camera, standalone wifi network. Frigate is the bridge to 'normal' lan.
Agreed, that's the only way to build a secure system. I have some outdoor cameras but they are on a physically separate network and can't talk to anything.
Also, they are on ethernet but because they also support wifi I physically cut the antenna connections because I'm not about to trust the manufacturer of the camera to not try to exfiltrate something.
But sadly this is, while not difficult, too much for the non-techie person to do. So people just buy Ring cameras with all the associated privacy problems.
The worst is that while my system is secure, many of the surrounding neighbors have ring cameras outside so I can't protect from those!
I'm not sure if you're talking about the security products industry but I think of the "conncted" industry is this way. It makes me fairly uncomfortable knowing that every move I'm making, either online or offline, is being uploaded to some server. I stopped installing apps, I stopped signing up to things, I set up automations to turn wifi and bluetooth off as I leave the house.
You can't live in a bitcoin. Unlike housing, or land, which clearly have some value, the inherent value of crypto is $0. All prices are purely speculative.
The police can still subpoena that footage and if they do, you can’t legally destroy it.
If you’ve got the money, you can fight the subpoena and you can be sure that they can’t bypass you and get the footage while your fighting it, but you better preserve it and don’t let it age out if your NVR in case you lose the fight.
This is how laws have worked for centuries at this point in the US. At least with this method you have the option of fighting it and the data isn't secretly used behind your back. Also you can force them to clearly define what data they need, like front porch, rather than as much as they can get.
Yes, as I said if you have the money (a big if and whether you win or lose, you can’t recover that money ) you can fight it, but can you really say you “own” your data if you can be forced to give it up?
Of course. Just like I own my car but if I violate certain laws it may be confiscated.
If "can't be forced to give it up by normal legal processes" is your standard for what it means to own something, there is very little in the world that you do actually own. So little, in fact that the concept doesn't mean much at all.
But you can have your video footage taken without you having violated any laws or even have any relation at all to the reason they want the footage, the cops can say "We think there's something we want to see on your camera feed, now give it to us", and as long as they have reasonable suspicion that there's footage related to an investigation, they'll get it.
A low bar doesn't mean "no bar" - they literally need zero reason to think you had and relation to a crime to take your video footage, but for civil forfeiture, they have to have suspicion that the property seized was related to wrongdoing.
But my point is that you don't have to be under any suspicion yourself, if the police think your camera recorded something related to an investigation, they can take the footage.
If some person you dislike got robbed in front of your house, you could be compelled to help them by supplying your video footage even if you don't want to. If you really owned your camera footage, you could say "Naa, I don't wanna help that guy, I'm not going to let you have it".
> If some person you dislike got robbed in front of your house, you could be compelled to help them by supplying your video footage
Let me get this straight. You're so concerned about your property rights being absolutely privileged in such a way that when social institutions gathering evidence for the crime of robbery -- a crime where relevant law is meant to deter/address the violation of property rights -- come knocking at your door, you want to assume the privilege of telling them "nah, I don't like that guy, screw him and screw his property rights and nothing I own will be involved in the enforcement of laws regarding those property rights"?
I think what this highlights is that, even where rights are important, they are rarely unqualified privileges. In the reality of any sufficiently complex system, corner cases or even conflict between worthwhile values exist. A legal system that cannot obligate people to produce relevant evidence for a case will likely be without power to make judgments based on evidence or enforce its laws, including those meant to protect property rights, which are the reason you can be said to "own" things at all.
In order to have a functioning legal system, there needs to be power to compel people to do things. Not every arbitrary thing -- good legal systems have limits too -- but you'll never be able to have rule of law without some power to compel.
But they don't ask, they tell you that you have to hand it over. You can appeal to the courts (which is an expensive option), but the judge may say the same thing and you have no (practical) choice
.
That's why I say that you don't own it -- if you owned it and the police ask for it, you could say "no".
“If some person you dislike got robbed in front of your house, you could be compelled to help them by supplying your video footage even if you don't want to.”
No, I'm saying that if I really owned the video, I could decide whether or not the police can use it. I'm not arguing whether or not the police should be able to have access to private video, but that you don't really own the video if you can't tell them "no" when they subpoena it.
If you're assuming the cops and the judges are so corrupt that the safeguard of the subpoena process is worthless, then you also have to think of everything you own being subject to seizure. Not just data.
I think you are talking past each other. If a crime (not committed by you) happens near your security camera, then your footage can be subpoenaed. This is not corruption or a violation of the subpoena safeguard process. I agree that it's a bit over-the-top to say "you don't own the footage." just because of this, but that appears to be the point that is being made.
I think the issue, really, is a philosophical disagreement. I think that if the police are to be able to investigate crime, they need to have some invasive powers. But they also shouldn't be trusted to use them without controls. The subpoena (and warrant) process is the control we have in the US. I don't think the existence of this ability is, itself, a serious violation of rights.
Other people may legitimately disagree.
There is also a serious discussion that could be had about whether the controls are sufficient, but that's a procedural issue rather than a philosophical one.
> This is not corruption or a violation of the subpoena safeguard process
Not if it ends there and cops make the right decisions. However it's a legitimate concern that an overly broad police investigation, even after a real crime happens, might lead bad/lazy/dishonest cops to wrongfully accuse someone unrelated.
If you were the victim of a crime, and some useful evidence that could lead to the identification and punishment of the perpetrator existed on someone else’s camera system, wouldn’t you want the police to be able to get hold of it?
I'm not arguing for or against the police being able to subpoena video, I'm just questioning the real ownership value of storing the video on your own hardware vs cloud storage. It doesn't keep the police from subpoenaing and obtaining the video. It makes it a little easier to fight the subpoena since you can hold onto the video while it works its way through the courts, but that's an expensive process that I think few would undertake so it's more of a theoretical advantage rather than a practical one.
It doesn't keep the police from using it, it does keep some cloud company (and a possibly limitless network of 3rd parties, regardless of what is publicly known) from using it.
> that's an expensive process that I think few would undertake so it's more of a theoretical advantage rather than a practical one.
You don't actually need to hire a lawyer to fight a subpoena. It would be smart, but not necessary. And how expensive that fight is depends entirely on how far you want to take it.
If you're broke, you can still appear before the judge and argue your case. It only really gets expensive if the judge rules against you and you want to fight it in a higher court.
We can get the society we ask for, though. IMO this is one reason why we should favor policy that doesn't have overly aggressive law enforcement or prosecution.
In my experience, we don't get the society we ask for (though asking is the first step). We get the society we make happen, and that has pros and cons.
The current setup is this way because of a very complex set of intertwining factors which are shifting constantly. So 'shoulds' are plentiful and never ending.
"We" is an awful lot of us with many different opinions. I accept for instance that my views on criminal justice are not a majority in the United States, especially with the "tough on crime" bullshit from the last election cycle, which they are still pumping. So, I try to make awareness for what I consider to be the good parts of my views, and that's the best I can do. I also try my best to be respectful of those who don't share the views and aren't receptive to changing, even though I feel pretty strongly on this topic.
> can you really say you “own” your data if you can be forced to give it up?
You can be forced to give up anything you have. If that's the deciding factor for the question of ownership, then nobody owns anything. I don't think that's a useful definition, though.
"I set autoremove to 7 days ago and I got your notice on 8th day, sorry".
"well, it does record only when it detect motion, and there isn't anything on that date, but here is the neighbour's cat video few minutes earlier"
Just need to shred the files instead of just removing them.
Then again if it is by police to you they need to say what they need and not just get everything automatically so IMO not really that problematic as the case where they can get inside house footage from 3rd party company coz they don't give a shit.
For the police to subpoena the footage they at least have to know you have cameras. They'll have much tougher time figuring out you have indoors cameras and requesting data from them.
With Ring it seems to be more like selecting a box on the map and click "request".
> you can be sure that they can’t bypass you and get the footage while your fighting it
They also wouldn't request data from cameras offsite. I mean, they could, but why would they (and would they even make the connection that these cameras are also owned by you?)
If they give you a valid subpoena, then yeah, you have to give them the video in a format they can use, you can't give them a bunch of encrypted video files and say "Good luck trying to watch it".
If you refuse to hand it over and they get a warrant and seize your NVR, then I'm not sure if they can compel you to decrypt it, but you may already be in jail for contempt and probably are spending hundreds of thousands of dollars in legal fees at this point, so most people would cave long before this and just hand it over.
Not a lawyer, but I read about cases where the judge put people in prison for contempt because they refused to disclose passwords for encrypted content. There was a guy that was in prison for more than 1 year in such a case.
To the extend that I've read, they can demand that they hand over data/documents that they know exist, regardless of whether they're encrypted. It's akin to being forced to open a safe if they have a search warrant for a specific document.
What they can't do is say "decrypt this blob and let us look around".
It depends. If it's against another party they can compel you to decrypt it. If it's against yourself they may respect a 5th amendment claim, or they might not.
I agree, but it’s not so evident or easy for the average person. Who wants to deal with managing storage? Cloud will typically win for the masses, who are typically not thinking about privacy and may not know the difference between a SSD and HDD
I've long wondered why something like a general computing device maintenance service hasn't become a thing. I guess cloud storage stepped in and removed the need.
When my AC unit broke I didn't need to know the finer decisions surrounding which unit to choose.
I have weekly visits from the pool guy for a pool and gardener for the landscaping. A yearly termite check and AC/furnace maintenance. And so on.
Your pool, landscaping, and traditional appliances are all fairly mature and stable in a way that lets local workers learn basic, repurposeable maintenance skills that last a long time and cover a large number of clients.
We won’t have that for home compute appliances until hardware/interface innovation slows down, and that’d actually been trending in the other direction for a while now. It will stabilize, even while innovation happens at other layers, but core stability plays a huge role in what you have in mind here.
Cloud stuff basically hid that that stuff on the other side of a pipe for a while, but has its own drawbacks and we’re likely seeing the start of a turn away from it.
Linux has been pretty stable for decades now. I’ve been using the same core configs and bulk data in my home compute environment basically since I started using Linux. Remote repos for any syncing needs, then just tar/rsync bulk archive data over. Store longer term or stale data on older decommissioned HDDs.
I’ve been running more or less the same services through hardware, hypervisor, and now kubernetes migrations and revisions. It seems to me doing things “the Linux way”, sticking to open source where possible, is resistant to the fast pace of the consumer innovation market. When anything new comes along, it’s usually relatively trivial to transfer over.
Really? I installed Ubuntu after a 5 year holiday from it - Now you have some kind of Snaps, and flatpak. There is whatever is happening in wayland. To install handbrake, you need to install flatpack.
There used to be 4 different drivers for intel GPU, now there are 7, and I still can't get Quicksync to work in Handbrake. There seems to be some kind of plugin you can download from their website, but that doesn't install.
After tinkering, I realised that Quicksync works in ffmpeg and in Jellyfin, but not in Handbrake
Mind you, I have a home server that runs 20 docker contsiner for things like home assistant. I deploy applications to kubernetes in my say job.
But this shit is still frustrating
Who do I call to fix this for less than $500 an hour?
If you're looking to get away from the massive crowd and the effects of it (new devs aimlessly reinventing wheels) you have to move to something like BSD, and then learn to deal with not having the tools made by said new aimless devs.
I know that this is a typical HN post, assuming everyone should become a Linux sysadmin. But related to the parent, and recent developments in Zero Trust Access products, I wonder if there is a pathway towards neighborhood-scale sysadmin services.
I mean, I essentially provide that to my small social community with a private media tenant.
With ZTA systems in place to accommodate remote access, maybe there is an appetite for neighbor-to-neighbor network sysadmin services? Hard to compete with the sleek silos of big box brands and their infinite marketing budget, plus 5 9s of service, though.
If only there were some sort of regional authority, a local group of people to whom we all gave money to, that could hire someone to administer such a system. This group could take on the responsibility of running, not just this neighborhood network system, but also, I dunno, the fire department and the police department and maybe also the schools?
I know it's an "out there" crazy silicon valley leftist idea but maybe something like that could work?
USPS might be mired in fed scale problems. Maybe a Library is more appropriate? At least, more directly accessible at the local level. I’m just not sure how exactly that would work, or operate thru existing library organization…
I think the incentive of a trade/artisan economy would make more sense, and justify individualized labor (house calls for NAS reconfiguration, for instance). Like a plumbing contractor vs inspector… I like the socialized idea, but I don’t see how the implementation would work under current social service labor system and organization…
The posted article is about the problem presented by police overreach into data that the average person has a mistaken expectation of privacy for. I may be misunderstanding what you're proposing, but it seems to me like having the same organization run things for both the neighborhood and police would actually facilitate police access to this kind of data moreso than provide any benefits in privacy.
Which is exactly why I proposed the USPS as a solution! They are an independent agency of the executive branch, and are the perfect fit for such a service.
It's not clear to me from that article, what the supposed crime the USPIS committed here. Maybe I'm butchering the reading, but it sounds like they looked for, and read public Facebook/Twitter/Instagram/etc posts by extremists, looking for threats made against the USPS; their buildings and their workers, the hard working mailmen and women who deliver the mail, and also the mail itself. which like, good? That's literally their job! I know ACAB and all but like, be real. If you're making a plan, in public, to commit violent crimes against mail carriers, then shouldn't the cops investigate? Instead of waiting for someone to shoot up a post office and then realizing they left a cry for help and warning signs after they've already committed their henious act?
Am I just totally misunderstanding the situation here?
....would you give your video footage to the neighbour?
....would you want to as sysadmin now manage them any time police comes and wants some footage ?
I think that can definitely work for stuff like internet access, but anything where "private files" and copyrighted content comes to play will be messy
I'm not sure that's necessarily true. For example when need maintenance on my heater, I have to call someone certified in support for my brand. Same with my washer, dishwasher, refrigerator, and stove.
If GE made a home security product for example, it would make sense for vendors to get certified on GE home security support. Even if the underlying tech changed a lot, if they had access to support docs and a support portal it could work.
That’s true and that’s probably what first entrants will do (are doing), but it takes a big capital expenditure and a lot of time to set up a program like that and recruit local shops to participate in, and your market opportunity is constrained by that growth.
It’s easier to certify techs at an existing HVAC repair on your specific heater than it is to convince somebody to set up shop just for your new and peculiar product. Maturity of industry matters.
It's not "general purpose computing" maintenance, but the service you're talking about does exist, though AFAIK mostly at the very high-end. It's typically for things like home theaters, whole-home audio systems, or smart-home type setups (predating and now merging with current consumer IoT/home automation platforms). Not sure how much that's "maintenance" in the typical sense so much as support for their custom install work, but I bet if you had a Sonos or Lutron system where your installer went out of business you'd be able to find a different guy to deal with it.
You can't offer a similar service at a substantially reduced priced by centralizing maintenance of your pool. Same for termites. Those have to happen on site.
For software, there are strong incentives on both sides of the transaction (buyer and seller) for a system to be remotely managed.
I used to work for geek squad. They actually subcontract any work that can't specifically be done in store. I'd hardly call their service "general purpose computing maintenance" as it only extends to things they've done the install for and that's limited to items sold at the store. However they will provide maintenance, via those subcontractors, to items that fit that scope, such as replacing the bulbs for home theater projectors when they burn out.
I agree many are not willing, but I disagree that it is not "easy for the average person".
One can walk into a local supermarket on any planet(e.g., Walkmart, Sam's Club, Carrefour, Aldi, Tesco, Auchan) and likely be able to pick up a self-managed NVR with cameras.
If it was not relatively easy, I do not believe these companies would carry them.
If you buy a Synology NAS there's really not much to manage. Other than inserting the drives and waiting for it to initialize, it's not considerably harder than setting up an account somewhere. It also has apps for security cameras.
Unless it's proof to the negative, which in most jurisdictions isn't something you'd ever need to prove, as the burden is on something occurring, after some amount of time most recordings are useless?
Most security video recorders will just let you set automatic limits to the storage or age of recordings it's not that hard to just dedicate a small part of an attached or internal HDD to recordings and forget about it.
In this case even that might not have solved the issue because the cops got a warrant for EVERY camera on the person's account including those inside the house that couldn't reasonably show evidence of the thing they were investigating.
> EVERY camera on the person's account including those inside the house that couldn't reasonably show evidence of the thing they were investigating.
Armchairing it here - these broad warrants are probably carry over from the days where you'd issue a single warrant for "the tapes" since every camera in the system recorded onto a single shared medium.
Like GP, I have a personal offline system with remote backups that I control. The footage all goes onto a single shared HDD for all the cameras like the old "tape" days. A warrant would likely ask for that HDD - not the footage from a specific camera.
That doesn't really change that even though you're completely uninvolved in the investigation as a target suddenly you've got cops examining the recordings of the interior of your house. Exterior recordings are at least often of nominally publicly viewable areas barring things like fences. Either way though I'm not that inclined to give the cops a pass for being lazy about the warrant writing just because it's the old way, warrants should be minimally invasive, particularly so for people NOT INVOLVED in the crime under investigation.
The main advantage to having this data yourself rather than being held by a third party is that you have a chance to push back if you have it yourself.
If you get a subpoena that you believe is overly broad, you can take the matter before a judge and argue your case. As I understand it, this can be quite effective in narrowing the scope. It's not perfect, of course, but it's better than having no say whatsoever.
Subpoena you have time to fight but if they get a warrant you can only challenge it post execution. Would you only get subpoenas if you retained the data?
But, in general, if you're getting a subpoena it's because you are a bystander in an investigation, and if you're getting a warrant, it's because you are a target of an investigation. So a subpoena offers a bit more protection for you and is easier to push back against.
You can only fight a warrant after it's been executed (at least, mostly), but fighting it after the fact isn't nothing. If you win, the property seized must be returned, data collected must be deleted, and none of it can be used in court.
In theory you should be getting a subpoena for your local storage. Also I'm not sure just deleting the data is really a remedy here since a) there's a good chance people already viewed the recordings and that can't be simply undone so the privacy violation still exists and b) were there to be evidence of some other crime on your interior tapes we know police et al have ways like parallel construction to hide constitutionally questionable searches from making it to court.
A is really my core objection here, the privacy violation of gathering all the camera's data is essentially unresolvable, someone will have at least looked at the footage and at best determined the camera is an interior camera and stopped reviewing it. Personally all my cameras are outward facing (though one is a ptz that could look into the office) and I have only local storage of the video. My other option would be to make an automation that deafens and turns any PTZ camera to the wall unless my alarm system is set to away.
Yes, I understand and am very sympathetic to what you're saying here. There is a real privacy violation involved.
But I don't think it's a real moral conundrum. As I said elsewhere, I think that if we as a society want to have police that can effectively investigate crime, they also need to have some invasive powers. And I think we do want to have such police, because the alternative is much worse.
The reality is that there is no such thing as an absolute right in pretty much anything, because it's rather common that exercising one right can infringe on a different right. So it's all necessarily about balance and compromise.
Much easier for the party seeking footage to subpoena a large, third party repository than to subpoena individual citizens. The mere existence of large repositories of recorded footage invites parties to subpoena them. No need to locate individuals with useful footage and deal with each separately. Just go to Ring. Same with third party email providers. The use of third parties for email makes warrants and subpoenas much more convenient. Just go to Google. These are one stop shops for getting peoples' data. Why store private data on removable media disconnected from the internet. Put it on social media or in the cloud so it's easier for law enforcement to get a copy. They can subpoena the social media or cloud provider. It's better if people do not know when the third party is giving their data to law enforcement.
It's open source, and you can hook it up to a Coral (or some other things, I think) to get crazy-fast classifications. But CPU is fine for only a few cameras.
Once you get something like that setup, it's just a matter of finding cameras that support RTSP. You get them setup however you like (but preferably wired, with PoE), point Frigate at the RTSP stream, and that's it. Now you've got home security footage that never leaves your house. You can set up a VPN to watch the feeds from elsewhere. Frigate supports MQTT as well, so you can hook it into Home Assistant to get notifications, and even pipe person events into something like Double Take to get face detection:
EDIT: Oh, and the most important part is to have your security cameras on a totally separate network that doesn't have access to your internal network or the internet. The best cameras are from China, and you don't want to give them any opportunities.
One of my problems is finding reputable good quality cameras that are ideally dumb and just provide an RTSP stream. Of course, I'll throw them on their own VLAN and isolate them from the internet, but I want something with good image quality and ideally doesn't require an app or Windows to setup
Another issue is finding all of these projects and choosing the right ones that'll receive long term support and making sure the pipeline (Camera -> NVR -> Frigate -> ? -> Home Assistant?) doesn't break and stays up to date.
A lot of moving parts, and last time I looked it was hard to find a good NVR with Linux support that also has a decent web app (and even better if it has a native mobile app)
Ubiquiti's UniFi is an option (of many). They include doorbell cameras nowadays. There's also solutions from Logitech, Eve and others.
You can use Ubiquiti's surveillance software that's part of the UniFi console (that you can manage locally, with no cloud account), or other third party local-only monitoring software such as Synology Surveillance Station, BlueIris, and open source solutions such as iSpy, Frigate, ZoneMinder, and many others.
-- -----
Unrelated to cameras, I've preferred Eve for IoT devices simply because they adopted Thread and Matter very quickly. Nothing of them I have is IP addressable, nor can directly reach the internet. They have nice apps for phones and tablets, but I also use open source software to aggregate everything into my own dashboards (and automation) that I host and manage locally.
My system uses Cloudedge which lets you access the cameras from your phone/computer but instead of saving my data in the cloud I use micro-usb cards. Holds about 10 days of constant recording (128 gig). After that I wipe it and record over it.
I use Unifi's security cameras at home, they store all data on your own disks on-site.
Owning footage is only half the story, privacy is also a big issue for me, I don't want images of my home being sent to corporations even if I own all rights to it.
The only downside I can think of is that a really advanced thief might know to pull the hard drives and walk with them, but I suspect most residential thieves aren't that smart or wouldn't know what disk to pull from my rack.
The other downside for less techy people is that without the cloud it's not that simple to view your home from a remote location. I just VPN into my home network and view it, but it took some effort to set that up, especially with dynamic DNS and all.
I have a pretty decent outdoor camera system, because I actually wrote some ONVIF software, and got them for testing.
I will not use an external server. The cameras are in an internal DMZ, and no ports are open. I have a Synology server, recording the video.
But the convenience (and well-written apps) for Ring and Nest cameras is hard to argue with. People don't care about this kind of thing, if they can pull up video of their dog taking a dump in the living room, while they are sitting at a bar with you.
>Sure, you would still be forced to comply with warrants/subpoenas if they think you have data, but that's basically unescapable.
Isn't there the standard work around that companies do of having scheduled deletion. As long as the deletion is scheduled and not in response to a legal request, what is gone is gone and not a crime. If you receive a warrant you might have to stop further deletion, but what they want is likely already gone.
I host my own on-site and have had my security footage requested by police 4 different times. It's never a subpoena or demanding. Just some detectives will stop by and say they want to know which direction a vehicle went. They come inside, give me a USB stick and we copy it over.
I'm sure I could tell them to kick rocks, and they would have to write up a subpoena but there's no reason to do that.
>I'm sure I could tell them to kick rocks, and they would have to write up a subpoena but there's no reason to do that
Would they have the right to subpoena you though? Over mere suspicion that they think a vehicle at some point drove a certain direction?
Sure if it was a case involving me personally I'd probably be cooperative, but I don't fancy the idea of just letting LEOs just waltz into my property to "just to take a look"
I’m not saying don’t help the police but I think it’s worth acknowledging that point of view when applied en made is how we end up with policies attempting to back door encryption etc.
I think making sure some decision basis should be applied (there was a break in, commotion, and a car speed chase which ended here is much different to ‘we just wanna see if this car drove past’)
UniFi Protect[0] is a decent on-prem solution and has all the main features of Nest/Ring. Certainly expensive though, minimal system for a doorbell cam is $199 for the camera[1] + $199 for the smallest NVR[2].
I use UniFi devices throughout my home but the cameras (G3 specifically) are buggy and frequently disconnect, and don't auto reconnect. Basically useless.
Over the year end holidays I was traveling and set one up to monitor my front yard. There was actually an incident while I was gone and I remoted in to find the camera offline, totally missed it when it should have had perfect perspective. The police asked me for video and in this case I would have shared it, but alas could not. Sucks as I have the CloudKey box for video storage, but its very undependable in my experience.
This has not been my experience with mostly G4 pro hardwired PoE cameras. I have their G4 doorbell and did have similar problems until I upgraded its transformer and pointed an access point directly at it. Been smooth sailing ever since.
Appreciate the feedback, glad to hear that I am an anomaly. The camera is on WiFi and I have a mesh network with multiple UniFi APs. Both get good signal where the camera is located. Even in the same room as the AP my max uptime is about 1 day before it disconnects.
I ended up making a dedicated 2.4GHz-only SSID for my wifi cameras, which seems to have helped. I think forcing them to 2.4GHz, at least for my house RF situation, was the thing that helped the most.
I have a smallish Protect system (UNVR, four G4 Pros, one doorbell, two G3 Instants).
The positives are that it pretty much just works. The mobile app is excellent, the web app on the UNVR is fine, and it has full spousal approval factor.
I have had very few issues with the system, primarily just the doorbell was unreliable until I upgraded the transformer and put an access point right next to it. I had an issue with the NVR right before it went out of warranty and I fixed it by replacing the internal USB drive with an SSD.
The negatives are that it's more costly than other options, Ubiquiti has had perennial stock problems over the last few years, and you're locked into their ecosystem. The NVR won't work with generic cameras and you can't run the software on your own hardware.
It's also possible that, if you have their remote access proxy set up (required for mobile app), you could be subject to the same warrant issues as with Ring.
The Access Points, PoE switch, and firewall work fine. My only dissatisfaction has been the G3 camera. As others have stated its a big investment so not moving off the ecosystem today. However when its time to upgrade everything I will certainly shop around.
Aren't most of those PoE (the doorbell being the exception - appears powered by regular doorbell power supply)? So, you have to run cables to each camera. Not an easy undertaking for most.
I use frigate and like it. But it did take me a few hours to figure out all the right config file settings for my 3 cameras and then figure out how to configure storage settings and the like. And that's not counting the fact that I already have experience with docker and Linux systems and already had a running server with docker containers launched from a docker compose file. In other words, frigate is not for the 99%.
"Is there a home solution as easy as Nest or Ring and which offers the same feature set?"
I highly doubt it, for the fact that many of the features are incompatible with the goal of privacy and convenience.
There are plenty of on-site options that offer the bulk of the benefits, like self contained NVR systems. Once you want things like texts, web access, etc then it gets tricky. Those typically aren't offered in a secure and easy way.
This is a very subjective area. As I noted you can get all kinds of NVRs with notification and cameras, others have mentioned Ubiquiti, Roku is also getting into the home automation field, and of course there are open source solutions like Home Assistant.
as easy as plug and play? not really. blueiris(windows) & securityspy(macOS) offer similar features, but it takes a bit of setup to add the cams via RTSP/ONVIF, configure storage and retention, configure monitoring schedules/alerts etc..
I agree, but still, I don't think it was appropriate for the judge to approve this warrant. Just because person X is suspected of a crime doesn't justify a search/seizure from person Y who just happens to be nearby at the time. Imagine a police officer legally searching your car just because the car next to you was suspected of a crime. It's just not reasonable. I hope the EFF or someone can help push back on this.
Analogy - if it was 1950, a robber fled on foot through a residential neighborhood, and he no longer had the wad of stolen money when the police finally got grabbed him - would it be reasonable for the police to search in the shrubbery, groundhog holes, loose dirt, sandboxes, etc. of the private property in that residential neighborhood for the stolen money?
Does your answer change if, instead of stolen money, the police are looking for the robber's weapon, or the victim's empty wallet, or some other "we have good reason to suspect that he ditched it somewhere around here" evidence?
Yes. And my answer would not change for the other case. It's also reasonable for the property owner to demand that the police get a warrant first.
I'm not arguing about whether or not these powers are OK. I'm just arguing that, in my view, both of the situations the OP mentioned are equivalent in that they're both searches of private property.
If you want a really simple and cheap local storage camera, check out Wyze[0]. By "simple" I mean actually simple for non-techies. It’s one of the very few consumer oriented options with support for local SD storage.
By default it uploads short clips of motion to “the cloud” and requires an app + wifi for setup, but you can disable clip uploading after it’s setup.
If you don’t trust it even with cloud uploading disabled, you can just deprive it of internet access once it’s setup. (Block the device on your network, etc). It’ll keep writing video to the SD card while offline. Though with the fully offline approach you'll need to physically take out the SD card to access the video instead of using their app.
There's certainly better local storage options out there. But for local storage with a single camera it’s the easiest and cheapest setup I know.
Looking at their assorted instructions I see some pre-canned methods that assume a specific OS. I can't find detailed instructions for people that already have Node, FFmpeg and MariaDB installed. Is that on a forum?
How have you found Shinobi versus Zoneminder? I've been using ZoneMinder for years. It's a bit clunky but once it's set up it works fairly well, but I'd be open to switching to something better.
I am using Frigate. Simple, open source project. It streams the cameras and can do object and motion detection and only record for specific events (like motion). It allows me to set how long to keep the recordings. For any additional functionality, I have it integrated with my home assistant.
Reolink cameras are pretty affordable, can be accessed with ONVIF, and you can just put them on a VLAN/Firewall that has no internet access if you're afraid that it's phoning home.
I have a Synology NAS and their free security camera software is pretty easy to set-up and use with ONVIF cameras.
The allure of convenience makes a lot of people blind to what's going on outside their small bubble of awareness. I see it a lot in the boomers around me.
I disagree. How your life proceeds for the first 5-10 years of your life has a strong influence on your general outlook on life. Obviously it is not a 1:1 correlation, but it is by now a widely accepted trusim that children born into famine come out with much different perspectives on life than those born into surplus.
The strong economic growth during the postwar period created a culture with a truly utopian outlook on how technology is applied to improving lives. There was not the recognition there is today that it is possible (indeed, common) to consume resources at an unsustainable, destructive, rate, nor to comprehend the magnitudes and qualities of the effects that our consumption and pollution could have on the quality of life of future generations.
Peopple born in the last 40 years have weathered the effects of Reaganomics on the economies of the world. People born in the past 10-20 years have felt the ramifications of a massive recession during the early years of their lives. All the above-mentioned people are by now old enough to know who is to blame for those massive failures. This has apparently engendered a more cynical, or at least skeptical, perspective on how the future might proceed based on our current trajectory, compared to the more techno-utopian visions of the mainstream boomer mindset.
And yet, people younger than the boomer set trade convenience for privacy and such all the time. Just look at social media use alone.
From what I can see, all generations are equally likely to trade some amount of personal freedom for convenience. The exact things they're willing to trade may or may not be different, but the principle seems a constant.
No one here said younger generations are capable of similar. What is being said here is the over-arching early-life experience of those born in the Baby Boomer generation differs from that of later generations on the basis of economics and the resulting socioeconomic hopes and fears of the milieu, and that this difference colors the ways people of different generations interpret themselves and the systems they inhabit.
Citing exceptions has little to do with the conversation at hand, for the obvious reason that different people grow up in different socioeconomic situations even within the same generation. Nonetheless, a clear pattern emerges in attitudes towards this or that "personal freedom" on the basis of what a person can imagine can be done with those freedoms. These are obviously culturally-based attitudes, and obviously cultures differ between generations.
I'm not necessarily finding what you're saying controversial on its face. I think my mistake is in trying to relate it to what I was saying in the first place. I think we're having two entirely different conversations here.
It seems worth calling out that if Larkin had "owned" the footage in the sense the article means, perhaps by recording it onto magnetic tape like a convenience store, he'd still be required to furnish it to the police. Deliberately destroying that tape, even in advance of the receipt of a warrant, can be actionable depending on your state's tampering and obstruction statutes.
So my take would be that it's not so much the "cloud" part of this problem as it is the "it's now convenient to have lots more cameras" part of it.
In this scenario, there would be no need to provide video from cameras inside the house.
One big issue I have here is that Amazon provided video from cameras inside the home that could not possibly have what the police are after. Not only is this a privacy violation, the police are going to waste time looking at useless video. Seems to me that dumping huge amounts of data on police is an issue of cost to the community.
I think an important difference is if he “owned” and solelt possessed the data, the warrant would be his to fight (or not comply with) in court.
When someone else possesses your data (not even sure ownership matters) they may just share it and if you’re lucky you get an FYI in the mail. You’re not even necessarily a party to the request and you’re banking on a company rep to fight for you.
IANAL but you’d hope fighting the warrant yourself on the interior cameras would be easy but definitely not necessarily the case.
> I think an important difference is if he “owned” and solelt possessed the data, the warrant would be his to fight (or not comply with) in court.
My understanding from the article is that he was, in fact, given 7 days to contest the warrant, and elected not do so because he didn't want to spend money on a lawyer. Which sounds pretty similar to the options he'd have if he had sole possession of the data and the warrant was served directly to him, though of course IANAL.
That was true in this case but unclear if it always is so. Also if you’re not providing the data and are essentially a bystander there’s no guarantee the process works as expected.
I wonder how it works (technically) for things like Amazon's Blink cameras that advertise local storage. They're absolutely trash because the local storage mode is (deceptively) crippled, but as far as I can tell they actually store the video locally.
Is Amazon allowed to reach into your network and take the video they want?
That's the difference between the government compelling speech (1st Amendment) and serving warrants with due process (5th/14th Amendment).
IANAL, so not sure on recent case law, but last I knew (~2010 Apple encryption case?) the government couldn't compel a private company to change their existing architecture to expose data in unencrypted and/or physically/legally-accessible fashion.
If they already have data security implementation gaps or a tap-susceptible architecture, then it's a different matter. The government serves them a warrant, and they have to comply.
But if Amazon being compelled to reach into a network and retrieve video stored locally is a threat model, that should be mitigated by a tight firewall and non-updating devices...
Half of the IoT privacy gaps are because people don't run network security barriers anymore, and then are shocked when companies abuse them.
>Deliberately destroying that tape, even in advance of the receipt of a warrant, can be actionable depending on your state's tampering and obstruction statutes.
Wouldn't they be required to prove that it was deliberate though? Rather than an unfortunate accident with a hammer?
This is classic nerd thinking they're so clever stuff - judges see right through that.
If you've never destroyed a tape before but suddenly start doing it after an incident it won't go well for you. Even if you do get off it'll be a painful process.
The only way to do this safely is good old records management - routinely and boringly destroy records on a regular cadence. Preferably automatically. If you become aware it may be subject to a police investigation then take action to preserve it.
If you don't want to do any of this the best option is to just not keep the record at all - don't make a recording.
It's frustrating how often tech folks think there's "one neat trick, JUDGES HATE HIM!" to avoid the law. There isn't. The law and how it's practiced is generally (though of course not perfectly) robust to technicalities.
You aren't the first to think that you can "accidentally" do a thing, snicker about it, and get away with it. It's literally the first thing anyone thinks of, and laws have had thousands of years to get wise to this ancient trick.
"I don't recall where it is", "I must have forgotten to put a USB stick in it", etc.
If you can make a plausible lie, stick with it, then there isn't much they can do. There absolutely are one neat tricks, and authorities conveniently lose evidence or claim recording devices were malfunctioning regularly. The ruling class can destroy evidence that's under subpoena and claim it wasn't intentional or that they contained no evidence of wrongdoing anyway.
Whatever story you decide to tell, people whose entire job it is to punch holes in stories are going to look for facts that contradict it. You probably will get away with it! But it's not going to be pleasant, and your legal fees aren't going to be cheap.
If you don't want to furnish evidence in criminal cases, minimize the number of cameras you set up.
I'm not advocating anybody commit a crime, but since everybody is equal under the law and the police and ruling class are permitted to get away with conveniently losing evidence, "I don't recall", etc., then it is not morally wrong to avail oneself of the same strategies, nor is it wrong in the spirit of the law, although ruling class judges and prosecutors would naturally think otherwise.
I'm not morally offended, I'm just worried you're going to cost yourself $10,000 extricating yourself from the shitstorm the prosecutor is going to stir up when they conclude you're being evasive. I've had the pleasure of irritating prosecutors before.
If you don't want them to see it, there isn't much they can do to get beyond "I don't recall" or ever prove that you did in fact recall when you said that.
It absolutely will infuriate them though, and many of these people are petty fragile egomaniacs who will absolutely try to retaliate against any real or perceived slight. Even if they don't have anything else on you they could choose to use the process and the resources of the state to punish you. You have to expect that. They won't get the evidence or destruction of evidence though.
In the hypothetical we're discussing here, they're not maniacs at all. They're actually right. You're just confident that they can't prove that they're right. I agree with you, but again warn that the process of establishing that they can't prove it is going to be more painful for you than for them.
Our system of law is derived from English common law, and in that system, the public is entitled to everybody's evidence. That's part of our social contract. Again: I'm not moralizing, but I will point out that you can't coherently accuse a prosecutor of abusing you when you've gone out of your way to break that contract.
In the hypothetical we're discussing, they can't get past "I don't recall" and if they spend thousands of dollars of public money hounding and bullying you for that then they certainly are maniacs.
> Our system of law is derived from English common law, and in that system, the public is entitled to everybody's evidence. That's part of our social contract. Again: I'm not moralizing, but I will point out that you can't coherently accuse a prosecutor of abusing you when you've gone out of your way to break that contract.
I certainly can do so because to them, the situation is indistinguishable from somebody who truly does not recall.
"I don't recall" is never where these things end. It's not a magical phrase to make people go away.
Follow up questioning that is quite reasonable in my opinion would be along the lines of "What efforts have you made to find where you stored the recording?" "What is your usual practice with these recordings?" and that's where you trip yourself up and reveal the lie.
Others might be questioned and say that you're fastidious about keeping track of your data, further underscoring that you're keeping something from them.
I don't think this 'maniacal' in the slightest but that is a characteristic you perceive in the process. Remember only one person is being evasive here - you.
> "I don't recall" is never where these things end. It's not a magical phrase to make people go away.
It makes the question go away though. And you can use it as many times as you like. That's the beauty of it. Take notes from the ruling class who use this to its fullest advantage.
> Follow up questioning that is quite reasonable in my opinion would be along the lines of "What efforts have you made to find where you stored the recording?"
"Rummaged around looking for it."
> "What is your usual practice with these recordings?"
"Put them with the others and try not to lose them."
> and that's where you trip yourself up and reveal the lie.
I mean if you are singularly dimwitted yes but you've got bigger problems if that's the case.
> I don't think this 'maniacal' in the slightest but that is a characteristic you perceive in the process. Remember only one person is being evasive here - you.
Well you're changing your tune now aren't you? Before you said they were justified because I was lying. But they didn't know that, and therefore they would also believe themselves justified to bully people who are not lying and abuse the power and money of the state to attack people.
> It makes the question go away though. And you can use it as many times as you like. That's the beauty of it. Take notes from the ruling class who use this to its fullest advantage.
The 'ruling class' have something you don't - money and connections.
> I mean if you are singularly dimwitted yes but you've got bigger problems if that's the case.
Honestly this is classic nerdery thinking they're smarter than everyone else when dealing with systems they're not familiar with. That's the worst kind of stupidity. Hubris comes before the fall.
> Well you're changing your tune now aren't you? Before you said they were justified because I was lying.
No I didn't. You're confusing me for someone else. That kind of lack of attention to detail will catch you out if you need to lie to the courts :)
> The 'ruling class' have something you don't - money and connections.
They still get hauled before courts and don't just get off scott free. They get off because they use the right tools. You and I can use some of those tools too. Not all of them, but some of them.
> Honestly this is classic nerdery thinking they're smarter than everyone else when dealing with systems they're not familiar with. That's the worst kind of stupidity. Hubris comes before the fall.
It doesn't matter if you're honest or not, this simply is not something that helps to justify your position. It's just not an argument.
> No I didn't. You're confusing me for someone else.
Ah that's true.
> That kind of lack of attention to detail will catch you out if you need to lie to the courts :)
No it's not, but if you are the type of person to put the same attention to detail in to a court case as you put into posting on anonymous internet forums then I can see why you think it would be.
> "I don't recall where it is", "I must have forgotten to put a USB stick in it", etc. If you can make a plausible lie, stick with it, then there isn't much they can do. There absolutely are one neat tricks"
And where we're at now:
> They still get hauled before courts and don't just get off scott free. They get off because they use the right tools. You and I can use some of those tools too. Not all of them, but some of them.
> No it's not, but if you are the type of person to put the same attention to detail in to a court case as you put into posting on anonymous internet forums then I can see why you think it would be.
I don't think we're disagreeing at this point. You've basically admitted there aren't 'neat tricks' and you'll have to go through a painful experience with the courts which is what everyone has been saying all along. Fighting legal battles isn't a neat trick.
No, let's go right back to the start. A person had their footage subpoenaed because of an investigation into a neighbor, and because it was on the cloud they had no knowledge or option to do anything until they found out it was already handed over.
A comment said that if it was not stored on the cloud, he would still be required to hand it over. You then said it would become some huge problem and no easy way to get out of.
The reality is actually if the police somehow did find out you had non-internet video cameras and served you with a subpoena before you realized what they wanted and had time to take prior action, you could dispose of the recordings and respond that you don't have anything. If they wanted to haul you before a court, "I don't recall where the sd card is", "I don't recall when I last recorded something", etc is going to be the end of it. So there absolutely are neat tricks. There's no word twisting and elaborate confabulation of lies to get caught out with, it's not like an episode of law and order. You just say that you don't recall.
If it was you under investigation and particularly if it was a very serious crime then sure they're going to try harder, that wasn't the situation we were discussing though (and in that case depending on what's on the tapes it's still not necessarily the case you'd be better off to be honest).
This type of thinking isn't new or limited to only tech folks. Almost everyday in family court there are parents who think they can just "kidnap" their children away during a custody divorce and ignore the family law judge. Most of the time, it doesn't end well.
Why would the judge have any access to your records, or even think you have records?
What I store on my drives is my business. If I choose to delete data I don't want (prior to being asked by police to retain it), that's my business. I certainly won't be providing anyone records on when I create and delete files.
Third Party Doctrine says that once you give your data to someone else, you lose most of your rights to privacy, control, etc. It's why law enforcement doesn't NEED a warrant to go after so many things like cell phone records, bank account info, and so much more. The fact that so many companies want a warrant is usually a courtesy, not a requirement.
Check out the book "Habeas Data" for the (US) legal reasoning on it.
And to be clear, I think Third Party Doctrine should be wiped out and I should be able to say "you can't use, sell, share, etc my data without EXPLICIT PRIOR permission from me."
I wish the 2nd amendment movement had a sister group with the same vigor for the 4th amendment. What you proposed is the sensible legislation that we need to ensure our longevity as a “free society”
One could almost say that aggressive opposition to this exposes a true tyrant.
Interestingly enough that group does tends to advocate for 4th amendment protections, at least within limited scope. Although those same concepts and case law could be applied to other areas. So it's possible to piggyback off of it.
Some examples are red flag laws which use the civil system to avoid the protections of the criminal system for the government to seize property (beyond a reasonable doubt, right to representation, ex parte protections, etc). Police stopping, questioning, and sometimes seizing guns (property) without any crime being committed and with some of those guns (property) being destroyed. There is of course pushback on things related to data reporting such as registries (Ring is essentially a registry that allowed police to contact the individual in this article), new credit card merchant codes, and data abuses of carry permit information (disclosing names and addresses of gun owner which is basically a map for thieves).
I've never seen this, but I'll admit some ignorance. Have there been 2A-themed protests following 4A violations (as in, civil asset forfeitures of money, say), similar to those we see when the 2A is challenged in some way? Google searches show only passing references to the fourth amendment on the NRA site. It looks like most arguments against red flag laws rely on the 2A instead.
2A zealots tend to be very protective of their property being unlawfully searched or seized. The whole Sovereign Citizen movement is emblematic of the extremes in this regard, but it's absolutely true overall.
As someone else said, though, the 4A doesn't really give companies and people much to sell to one another in that section of society. They would seriously benefit from password safety products, better choice of hardware, and full-disk encryption, but this group doesn't tend to have a lot of electronics technical chops.
I say this as someone who recreationally shoots long arms and works in a tech/science field. The Venn diagram hardly overlaps. Which is a shame for both sides, I think.
Yeah, like I said, it's usually within the limited scope of 2A issues, but could be expanded to other areas. The red flag laws are something that hasn't been addressed. The thing about that is you can effectively circumvent the 4th amendment by going through the civil court since the protections are so much more limited. That's why TX wanted that civil abortion law and CA wanted to copy it for guns. No reason that can't be expanded to immediately sieze other property without a crime unless the protections are expanded. There are some limits to it's application to civil assest forfeiture since most firearms generally have a paper trail to prove ownership.
One of the big problems is that many of the coverage of the cases focuses on 2A and the 4A part gets hidden. Of course that makes for a bigger headline for the involved groups. Or they can be in specific industries that a normal person doesn't care about (FFL blanket record copies).
> One of the big problems is that many of the coverage of the cases focuses on 2A and the 4A part gets hidden.
The cynic in me thinks that the 2A gets more press because it's easy to find commercial and foreign government support for their organizations. 4A proponents don't have much if anything to sell.
There's a financial component to the 2A (and 1A) that doesn't really exist for the 4A. So the 4A will never have the same level of financial support as the other two.
Is that always going to be true though. As data becomes more valuable, being able to search&seize that data from anywhere anytime sure seems suspect to me.
Don't they also have incentive to protect the 4th as well so that when "they" come to take those arms that they keep shouting "they" are doing, that a strong 4th would prevent them from search&seizing?
I think their view tends to be that the 2nd amendment alone prevents that. I rarely hear them talk about the 4th. However, I am 100% certain that if they stop viewing the 2nd as being so protective, they would become very vocal about the 4th instead.
I had the impression that the kind of people that go for 2nd also go for 1st, 4th and all rights in general, but because I am living on a different continent my impression may be wrong.
My experience is that the 2nd amendment people are really laser-focused on the second amendment and don't care so much about the other ones. The only time I've heard them express an interest in the other amendments is when they intersect with the second.
This is not as true as it used to be, at least in certain states.
Under CCPA/CPRA in California, you can request that personal information is removed. There are half a dozen other laws around the US that allow for similar requests in different forms.
Enforcement is still hit or miss. Lobbyists are starting to fight back against the most effective laws, for example:
>Under CCPA/CPRA in California, you can request that personal information is removed. There are half a dozen other laws around the US that allow for similar requests in different forms.
CCPA/CPRA is a minor start, IMHO.
Telecoms need to collect and store usage information (including call detail) to perform billing functions.
As with most such laws, there are loopholes big enough to drive a column of tanks through.
And many other corporations collect and store data both for billing and because they can [mine|analyse|sell] such data.
Just being able to request removal of "data" isn't nearly enough.
Unless there are unambiguous opt-in data collection/retention policies, with clear, concise language about how such data could be used.
What's more, such policies should apply to any and all third parties providing services to corporations with such data.
Further, as another comment[0] in this discussion pointed out, the Third-Party Doctrine should be gutted and a requirement that all government agencies collect data for law enforcement purposes through the issuance of warrants by judges that specify the "probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."[1]
This is (unfortunately) a wide-ranging issue, with a growing number of industries (autos, electronics, "cloud" services, etc., etc., etc.) collecting, storing, using and selling all sorts of PII.
From a privacy perspective, this is a nightmare, the CCPA notwithstanding -- even in California.
That's a real understatement. When I see how much effort is being put into neutering even the minor protections that has, I wonder how we'll ever get anything like reasonable protection.
If you're interested in advancing more effective privacy legislation (or just curious in general about what's going on out there), drop me an email and I can loop you into some interesting (and real-world-productive, not academic or theoretical) discussions with folks at the forefront of the effort.
I don't view the move to opt-in as a meaningful one because it's trivial to content-lock certain features to the point where the vast majority of users will opt-in even if they don't understand what is going on. At that point, the company collecting the data is in an even stronger position.
The solution is to allow the user to easily and in real-time access and control (port, delete) all of their data or data about them that a company holds.
>The solution is to allow the user to easily and in real-time access and control (port, delete) all of their data or data about them that a company holds.
You won't get an argument about that from me.
But I'd say that not collecting such information in the first place (which will require reversing a variety of perverse incentives) is the best solution.
As a rule, if law enforcement has a warrant then it's going to be difficult to prevent them from gaining access. You can self-host and encrypt but that's difficult for mainstream users to do, and even for experts, it limits the tools you have access to. You can also be prosecuted for refusal to decrypt a device since SCOTUS hasn't yet ruled on the scope of the 5th amendment's protections with respect to encrypted personal devices.
I think the best solution is to set content to auto-delete (unless flagged) after some period of time. You can't turn over what you don't have.
"I think the best solution is to set content to auto-delete (unless flagged) after some period of time."
This is basically a necessity in on-site systems to free up space for additonal recordings anyways. Run a few cameras at decent resolution even at a fairly low framerate and you're looking at a couple TB per month.
Most systems (I think -- at least the ones I've seen) let you set it up so video is only recorded when the camera sees movement. Depending on what's in the field of view, that seriously cuts down on the memory requirement. Even inexpensive commercial systems will also allow you to specify areas in the field of view to ignore motion in, so that swaying trees and the like won't constantly trigger recording.
I have three cameras recording at a decent resolution and framerate, and together, about two weeks of video takes up less than 32Gb, because most of the time nothing is moving in the fields of view.
True, depending on the circumstances that works. It doesn't work great from some angles or other environmental factors. It works great for a door bell shot though.
> You can self-host and encrypt but that's difficult for mainstream users to do
It's really not. You can buy off-the-shelf systems from Amazon right now for around $500 that your grandmother could set up and have running without difficulty.
The real problem is the perception that this is a difficult thing for non-techy people to do.
> Third Party Doctrine says that once you give your data to someone else, you lose most of your rights to privacy, control, etc.
This is what I wish more people could understand about "the cloud".
The moment your private data is sent to a third party, it's game over in terms of having any privacy control on that data (unless it's encrypted with keys only you control and only you can ever access, but that's rare, intentionally).
So many people will argue "Oh but I trust company Foo" without realizing that is completely irrelevant. Company Foo might be trustworty, today. But management can change in the blink of an eye and they now still have your data. Or most importantly, regardless of how honorable management is, they can receive government orders (up to including NSLs) which force them to leak the data no matter what.
If they did, they could set it up like AWS where you hit a button to spin up a pre-configured image that is considered yours. They don't want to do it this way because they want your data.
Also whether they need a warrant or not seems to be moot since it seems the judges are more than willing to sign them. We would also have to address the lax views on "probable cause" that seem to be rampant with warrant approval.
If the police get a warrant to search my home, they can see what I HAVE in my physical possession at that moment not what I DID have, have DONE, or SAID.
With video (or audio) data, someone could review every action, conversation, item, or facial expression my family has had within sight (or hearing) of the camera.
When someone can construct a complete record of everything that happened, it gets ripe for abuse.
I would have to ask why you have cameras recording inside the home when you're actively at home like this? Shouldn't the cameras only on when at night typical when you would arm the alarm type of situation?
I've been thinking that the US might be going about the whole Tik Tok thing in a nonconstructive way. If, instead, the federal government locked down what could be done with user data in a way that made Tik Tok not a threat, then we wouldn't have to say "these are fine, but that one's too spooky for us."
But then, the federal government would have to acknowledge that Tik Tok is just a different nation state doing what American companies are doing...
> Third Party Doctrine says that once you give your data to someone else, you lose most of your rights to privacy, control, etc.
It's useful to think of this not as you losing your rights, but you transferring your rights to that third party. The end result is the same, but that emphasizes that someone else has gained what you lost.
If you're willing to put an afternoon's work into it, you can easily and inexpensively build a home surveillance system with ZoneMinder that stores all data securely and safely on-prem. The cops can still take it, but it requires a few warrants to do so.
But it's also important to only record what you absolutely must. I think putting CCTV cameras inside your house is insane, and putting up cameras in any "private" outdoor area should likewise be avoided. Once the data exists, somebody will want it eventually.
> I think putting CCTV cameras inside your house is insane
I'm very sympathetic to this. However, I have cameras inside my house. The reason is that there's no way to cover the outside of my house in an effective manner without also recording what's happening on the sidewalk or in my neighbor's yards.
But the cameras are hardwired and no video leaves my premises, so that becomes an acceptable risk for me. The video isn't kept for all that long, so even if someone has a warrant, they can't get a long history of video.
And it proved useful in my break-in, because I could see exactly what the burglar took.
Do you have any recommendations what cameras to use? Rather simple set of requirements, but I really struggle to find anything suitable: compatible with zoneminder/motioneye, poe, no cloud nonsense, outdoor weatherproof, preferably non-chinese, reasonably priced. Don't need NVR. Was eyeing hikvision, but there seems to be mixed feelings about them.
I also have only HSV cameras or Ubiquiti ones for this reason. Everything I care about is stored on-site or in the cloud with end-to-end encryption, no privacy or surveillance state enablement concerns.
Used to use HKSV, but I’m running a Unifi Protect setup these days. Everything records locally to my NVR with a 30 day retention policy. No cloud. Honestly it’s been more reliable too. Downside is I spend a decent amount of time running Ethernet lines.
UI’s stuff works so well with the Apple ecosystem (mainly thinking ATV and iOS apps) that I haven’t even bothered to bridge the setup into HomeKit yet.
I'm using it with an Amcrest AD410. I have an SD card in the AD410 to record 24/7, then anything with detected motion is also recorded by Scrypted to my NAS as well as uploaded via HKSV to Apple.
HKSV is pretty aggressive about what it's willing to keep, so I can go back to my NAS if HKSV trimmed a clip too aggressively, and if even motion wasn't detected, I've always got the SD card I can go to.
Yeah, I don't think most people object to Ring video potentially being used by LE (I'm sure there are some though). I think the biggest complaint is the complete lack of due process and even the lack of notifying anyone when their footage is used.
No. The article is about a failure of that exact system. Judges just sign search warrants for just about anything; the only thing they check for generally is that it's not involving the search of hundreds of people. Invading the privacy of 1-10 innocents is just a rubber stamp.
Yes, but obtaining footage directly from 10 different people is ten times more work than obtaining the same footage from a single source. That additional work increases friction and decreases (but certainly doesn't eliminate) the level of abuse that will happen.
As long as it's within the retention period of the video data. It's nuts for Ring to store the data for 180 days. If I had exterior cameras, I'd store the data for maybe a week?! However long I'd need to backup important snippets in case something happens, like a theft.
> If I had exterior cameras, I'd store the data for maybe a week?
Annecdata - but people I know who have cctv around their home store for as long as possible, limited only by the storage size availiable - every motion from a car / person / tree blowing through the trees - years of recordings.
People are selecting 180 days on Ring as the retention period (if they could select longer they probably would), the default is 60 days.
I'd assume that the dominant use case for both is "self-medication of anxiety and other personality issues". Though I'm sure there are seasonal vacation homes, abuse victims with restraining orders against ex's, zealous ornithologists hoping to catch a glimpse of some extremely rare species of bird, and more.
People may go in vacation for 2-4 weeks and not even realize something happened until they return.
Or without even going on vacation I had an expensive DLSR camera stolen and didn’t realize it for 2 months when I went to take it out of its case. Assuming I had a security camera in that room 180 days would have been useful.
Amazon does a lot of business with the government. They have very little to gain over fighting about handing over video footage like this, and a lot to lose.
Just to be able to [store it in a location that's internet accessible, but that is also wholly owned and controlled by the user, rather than a separate entity]
Ring doorbells providing this information to law enforcement quickly and easily is working as intended and is part of the reason it exists at all. Amazon has even used police to sell the doorbells arguing it provides better security [1].
It is great that the people who had their video data provided to law enforcement were notified after the fact in this situation. I wonder how many people never find out due to national security letters not allowing it.
> I wonder how many people never find out due to national security letters not allowing it.
There's an annoying thought. Amazon could be providing a live feed of every ring device directly to an aggregated intelligence data center, while being legally prevented from revealing that fact by a national security letter. Seems inevitable, and anybody buying a ring device should assume it as likely.
Imagine the boon of having indexed facial, gait and voice recognition feeds recorded and stored for eternity covering a significant portion of residential and business locations.
Presumably this evidence will eventually come to light through court proceedings. I'm not talking like one huge case, but through thousands of inconsequential small cases where an effort is not made to hide the data origin.
> Presumably this evidence will eventually come to light through court proceedings.
Probably not. Great effort is made to hide the use if NSLs. Instead, they engage in "parallel construction" -- reverse engineering a different way of getting the evidence they've collected, so they can use the evidence in court without revealing the NSL.
I've been using UniFi cameras for a couple of years now, writing to a local SSD (~ 40 days of storage), stored in a UDMPro.
The initial outlay is a bit more expensive but the setup is rock solid, provides tons of network analytics, has smart lights paired next to the cameras, and continues to work even when my ISP has issues. I've _voluntarily_ given footage to the police a couple of times but it feels much better when the entire system is within my control, sitting in my office.
I'm curious. Do you currently have Unifi remote access [1] enabled, or is any remote access done through a VPN that you control? I suspect that if a law enforcement agency were sufficiently determined, they could convince Ubiquiti to give them access to your system if you had remote access turned on. Whether this is realistic depends on your threat model.
With a security-minded setup, Ubiquiti would not be able to grant remote access. Whether they actually have a security-minded setup or not is the question. As a user of their stuff, I have remote access disabled. I can access everything I need through Home Assistant, which is completely controlled by me.
You can get by much cheaper as well - e.g. occasionally I use TP-Link Tapo cameras which record to internal SD card and can also stream to Synology NAS Surveillance Station software (all local).
I'm a bit miffed that the app is trying to sell cloud storage, but for now a full cheap local setup is still possible.
(For a serious setup I'd of course opt for something more serious).
Great to know, as a fellow UDM owner I was ironically working on making the switch from a NetGear camera setup a week ago because of their awful option sets and related interface, their increasing cloud pricing, and finally and most importantly what happened in the OP.
Couldn't the police in theory get a warrant for the footage on your SSDs? The problem with Ring is that they give data to police without warrants, but in this case the problem seems to be the over-invasion of privacy of the warrant system.
If the police aren't going into your home to seize your hard drive, it might be a subpoena, rather than a warrant. The advantage here is that you can fight it. For the subject of this story, he likely could have fought to only turn over footage of the outside of his home -- not the footage from inside his home and store.
Note that as soon as the police inform you they are seeking data you have to ensure you preserve it. That may mean you have to buy additional storage while you fight it. If the police lose the case but can prove that the data expired before they lost they can then get you for deleting the data!
Not just the police. It can be for any law suit. I had to help someone that was in a legal battle with a construction company, and they had cameras showing the hours the work was being done including while the site was red tagged. I had to download the footage to external drives while they were away on vacation to ensure the copies were preserved before the system rolled over the older data. Once the lawyers knew the cameras existed, they issued the order and it became a nightmare ever since. I'm sure the expense of all of those drives was a rounding error in the overall cost of the case, but it's just another one of those things that stuck with me on the vindictiveness of an opposing counsel and the games they are allowed to play.
IANAL but the short answer is yes. Slightly longest answer is probably, but they'd have to convince a judge that this camera has something worthwhile compared to any other cameras on that street. Somewhat paradoxically the more of your neighbors have things like Ring the "safer" you are from something like this.
To be clear, you’re safer from being the one to give up footage, but you’re not “safer”. You have a street filled with cameras, and implicitly with this argument, it’s easy for the police to gain access to some of the cameras. So all you gain is not being the directly invaded privacy wise, but you’ll already have lost since being filmed all the time anyways.
IANAL, but it seems that would require the equivalent of a warrant to search your house. (among other things, they would need to actually get physical possession of your SSDs for the key to be useful, so they'd need a warrant for an actual physical search)
If judges in your area are giving those out like candy then you've got a problem, whether you have security cameras or not.
This kind of outcome is precisely why I removed all cameras and other smart capabilities from my home on the day I moved in.
I've never once seen someone in my friend & family circle achieve some positive outcome in their own household by having more surveillance around it. The only thing I observe is increased anxiety when squirrels or FedEx trigger push notifications to phones.
You were missing the AI squirrel counter. If you had this, you could have a dashboard showing the number of squirrels visiting you each day and the time of their visit. Instead of being anxious, you could be a squirrel expert and you long conversation on squirrel behavior with your neighbors. Instead of getting a notification for each squirrel, you could instead set goals of how many squirrels you want to visit you and get notifications when you reach those goals. Then you'd have a fun game. How to get 10 or more squirrels to visit each day? Maybe put some nuts outside? Endless possibilities.
I recently had my place broken into and was the first thing I did was to hand the cops a memory stick with the relevant footage from my cameras on it.
My system isn't managed by any companies, so nobody can be all sneaky about getting footage. But I could still provide that footage to the cops when needed. It's the best of both worlds.
I should note that I have no cameras that can see any public space. They only record my private areas. I have too much respect for my neighbors to invade their privacy.
Replying to myself because it's too late to edit my post.
I thought this was worth mentioning -- the burglar beelined for the closet in one of the bedrooms. I mentioned to the cop that I found that strange, as if he was looking for something specific.
The cop said it's not strange at all, that burglars usually do that because people tend to keep their really valuable stuff in their bedrooms. The lesson I took from that is don't keep your really valuable stuff in your bedroom.
I ask because I got 4K video of a burglar's face and showed it to the cops, and they were like "what do you want us to do with this," and it made me question the entire value of security footage.
I was actually very surprised that the police seem to be actively investigating this. I expected they'd just take my report and file it away.
I think that the reason why they are taking this more seriously, particularly considering my monetary loss was relatively low, is because of the way the break in happened.
It was very violent. The burglar had tried breaking my door open with a crowbar (or similar tool), a power tool that the police think was a saws-all, and when those methods failed, just resorted to kicking the door repeatedly until the doorframe itself broke. I have no idea why he didn't just break a window instead of going to all that effort.
I believe the police interest is not really because of the theft, but because of the method of entry. It was more like a home invasion you see in the movies.
But that's all speculation. The cops tell me nothing, other than this was obviously not a random burglary. I was targeted specifically.
The burglar was covered head to toe, so the video doesn't provide for readily identifying him. But there were other things that the camera incidentally picked up that points a finger to a particular neighbor.
So, for me, the video did something very important: it clearly told me that however this all shakes out, it's too risky to stay where I am and I need to move. That knowledge alone was worth the surveillance system.
> This kind of outcome is precisely why I removed all cameras and other smart capabilities from my home on the day I moved in.
I have a cat. Someone needs to take care of it when I travel. A smart camera and smart lock let me know if someone came to my house to give the cat food. Before that, twice, my cat went 24-48 hours without food because the designated caregiver dropped the ball.
> This kind of outcome is precisely why I removed all cameras and other smart capabilities from my home on the day I moved in.
Why? Obviously that's your choice, but there's nothing inherently evil about a "smart home". The main issue is that some devices require a cloud connection, but I'm getting rid of those.
I installed cameras after someone got inside our fenced in backyard and stole a bike. It would have been great to have some evidence or even a notification that something had happened – this was at the height of COVID so we were not even going out, took me a week to notice the missing bike. Cameras are configured to only turn on in a schedule - so late at night and early morning; I can also manually turn on if we are out for an extended period. I don't do 24/7 monitoring precisely because of the useless notifications.
> there's nothing inherently evil about a "smart home"
Not so sure. If a house is designed to have as much surveillance capability and access points to gain as much info on you as possible - like if Facebook were to design a house to collect user info on the inhabitants - that would absolutely be “evil” in many peoples eyes.
The real question is do all these “smart” devices actually improve people’s well being? Or is it all marketing magic bullshit with negligible end- user benefits at the expense of more privacy invasions?
I don’t want my house cooperating with big brother, and that’s what many smart devices seem more than willing to do.
Nobody seems to be asking whether/why you need cameras in the first place. The last thing I want is surveillance cameras in my living space, and the fact that other people have street facing cameras casting suspicion on people lawfully using public spaces really unnerves me.
These companies are encouraging fear and paranoia to sell their products, and there is no guarantee using said products will deter criminals, or ensure that they are caught and punished even if you have clear video evidence.
This whole camera craze is built on a bunch of hot air. Ditch the cameras and stop living in fear.
The reason I run one is because of other people that have access to my living area, as in the landlord, maintenance guy, property management company etc. They seem to think that possession of a key entitles them to whatever they want.
At multiple locations and every area of the price spectrum, from indies to bigcorps, I have had my rights and privacy violated. So I keep a camera so I can know about it.
At 2 locations now I have used footage to break my lease early with zero penalty. Never got actual charges pressed against anyone but just with that it has paid for itself multiple times over.
That works! The other thing nobody talks about is how cameras can be used for blackmail or for leverage. It could be a matter of catching someone doing something out of line, or more sinister, extorting money from a cheating neighbor. These are some of the reasons I find ubiquitous camera surveillance so insidious. There is infinite potential for petty abuse and chicanery. In a residential setting, they give busybodies and petty rule enforcers a very powerful weapon.
I'm pretty sure doing that to people is illegal or at least bad faith. In both my cases I never made threats but simply brought it to court. This also has the benefit of making the offending party pay a lot of legal fees.
> This whole camera craze is built on a bunch of hot air. Ditch the cameras and stop living in fear.
Living in the inner city where property crime is rampant might make you change your mind. A dashcam was the star of a legal case I was in, and our outdoor cameras have caught multiple yard prowlers. Police don't do anything about it, of course, but at least I can notify my neighbors with actual evidence.
Dash cams are a totally different case as auto insurance companies can take action on the footage.
but saying it’s worth having cameras just so your neighbors believe you isn’t really justifying them. If anything, you further proved how pointless and ineffectual they are. I’d rather save that money.
It might sound a little 'out there', but I can recommend keeping a couple of geese (if you have space in the city). They go absolutely nuts and honk like a car alarm if strangers come around.
That would be far from the most ridiculous thing that happens in my neighborhood of Seattle. Although I am not sure that geese can be "kept" from my experiences with them both out here and in the Midwest...
> Nobody seems to be asking whether/why you need cameras in the first place.
Oh, come on. Go install a Nest or Ring for a week and see how much you come to rely on it. "Do I need to answer the door or is it just girl scouts selling cookies?" "Do I have time for coffee or should I head home to grab the package?" You can chat with the folks at the door! You can say thank you to the Grubhub driver as they drop the meal. You can see what the neighbor's cats are doing on your doorstep in the middle of the night. You can point one into your backyard trivially and see if it's the rabbits eating your leeks.
I mean, no, you don't "need" this, just like you don't need a dishwasher. But don't pretend it's just about paranoia, it's a fun tool for the modern era.
(Conversely, the folks here arguing about the terrible abuses possible with third party access to this data about girl scouts and cats are the ones who seem maybe a little paranoid.)
I wonder if this is one of those signs that I’m getting old. I can understand the benefits of all this smart home tech, but I just want any of it or feel like it would improve my life?
I’d probably like finer control over my air con so that it automates to on when the solar is producing enough electricity to cover it, but otherwise I just don’t really get it.
I'm in my 50's, FWIW. For me the defining characteristics of whether I embrace tech is whether it helps me do things I'm already doing or whether it represents a new activity I'm supposed to engage in. Resistance to the latter is, indeed, getting stiffer and stiffer as I age. I don't TikTok, I don't Instagram, I mostly just don't understand the culture. Alexa never did it for me as I'm almost never far from a keyboard. Obviously I'm way out of the market demo for Bumble. Those aren't my thing and probably never will be.
But I still have a front door to interact with the rest of society, and automating (even partially) my interaction with all the junk and people that need to use it straight up saves me time. It's great.
I am only in my mid 30s; but I feel like this smart home stuff might have excited me 15 years ago when now it doesn’t.
The doorbell and security camera stuff do seem to be a cultural difference between the US and where I live though; I don’t have strangers routinely come to my front door and don’t really have security concerns that aren’t solved by locking my front door.
A couple of my friends have smart doorbells but none that I know of use security cameras at home.
Smart doorbells are the (currently) acceptible version of a constanly twitching lace curtain.
curtain twitcher
someone who is very interested in what their neighbours (= people who live near them) are doing and tries to find out by looking out of the window without being seen:
I keep change in two (usually) unlocked cars as bait. If the change is gone, someone has been going through the cars. A while back the change was gone. If I had video footage of that, would the cops pursue the case? Hell no. If I received a notification from a camera/sensor, would I confront or possibly shoot (legal in this jurisdiction) a petty thief? Hell no. Anyone who is stealing loose change out of cars is desperate to the point that they do not care anymore.
Around the time the bait disappeared, the police were pursuing a suspect from house to house at 2am. If it was the same person, and I had proof, stealing from parked cars would be the least of anyone's concern.
What are the odds your local police are going to take your package theft footage and actually pursue the thief? Even for more serious crimes, it's questionable whether they will seek (or use) camera evidence, or be successful if they do. I know of an armed robbery attempt that occurred close to home, and to my knowledge no inquiries were made regarding camera evidence (I was a witness).
I can think of plenty of concrete uses for surveillance cameras, sure, but I'd say the costs vastly outweigh the benefits for most people using them today.
Check out some online social (fearmongering) sites like Nextdoor some time - it's nothing but busybodies speculating that the person parked on the street is casing their house or stealing packages. Quick, report them to the cops.
Oops. The local cops no longer accept 'suspicious person or vehicle' reports unless there is a crime in progress.
The only camera I have in a living space is my father's house far away; the house is empty most of the time and the camera in the living room is showing if anyone broke in via any door or window. When anyone goes there, that camera is physically disconnected for the entire duration.
Another case that is valid is for very old people that share the video with their family. A few months ago a very old (~ 100) lady that I know died and her only daughter, one continent away, found out by checking the camera. The alternative would be for neighbors to call the police days later for not seeing her, but that is undesirable.
I used to think the same thing until I caught a 40 year old man stalking my teen daughter and continually trying to peer into her bedroom windows on camera. So while it feels good to be ignorant, it doesn't make everything go away. Also, the people commiting crime seem the most concerned with people having cameras. Hmm, wonder why.
We have a few rescue cats that each have... quirks. We have two indoor cameras set up in our basement: one on the feeding area, and one on the potty area.
Sometimes they fight over food (automated feeder) and one doesn't get fed. But it's hard to tell if they're meowing at us because they were bullied out of food, or because they know we are softies and will feed them if they meow enough. We can check the feeder footage and see who got fed.
One of them is potty-shy, and about once every 3-6 months stops using the litter box and starts using obscure corners of the basement until we can coax him back to using the litter box. We check the footage every couple days to make sure he's using litter boxes.
For a software-oriented site, I'm baffled at how obtuse users can be. A lot of the negativity I'm seeing is along the lines of "I have no use for an indoor camera, therefor anyone who uses them is dumb." There are lots of legit uses (if you think about it for more than 2 seconds), and not all of us want provide the police with indoor footage of our cats shitting.
Farms use cameras extensively for similar purposes. It makes sense. I think these kinds of specific, limited applications are very different from just setting them up everywhere because you are afraid and leaving them on all the time. I'd say the same if someone had a stalker or a deranged family member who might show up at any time. There are definitely good uses for networked surveillance cameras.
Several people questioning why you'd have cameras inside your home. I have a story. A few years back I started discovering wet spots on the carpet around my house. It was pretty clearly urine. None if my kids would fess up to it, and they seemed sincere. I set up some cameras and eventually caught a sleepwalker. At least one of my kids would stand up, walk around the house for a bit, and take a leak like he thought he was in the bathroom, and have zero memory of it! It was kind of hilarious.
Got the kid to a sleep doctor and cleaned (and eventually replaced) the carpet. Got rid of the cameras.
It would have been embarrassing at least if anyone got that footage. Glad it was all local storage.
What did the sleep doctor say? I used to sleep so deep that if I needed to go to the bathroom, in my dreams, a toilet will appear. Even in the middle of a jungle. Peed in a trash can one time. My solution was to just not drink anything in the hours before going to sleep.
Basically just told the kid to stop staying up so late reading Harry Potter. He said to try a regular sleep schedule with an early bedtime first, and if that didn’t work to come back and there was some medication we could try. The regular sleep schedule seemed to fix it
Everyone seems to be accepting at face value the government's claim that they were investigating a real crime in the neighborhood and not specifically targeting this guy and using this as a lame excuse to spy on him.
Given all the instances of government agencies abusing their power to target political enemies of the current administration; I wonder how reasonable such an assumption really is.
I use ring cameras. I gave some initial consideration to the privacy concerns before going all in. I decided I'm fine with it. I positioned the cameras specifically knowing that whatever they record could be made public at some point. I consent to Amazon or Ring sharing the footage with police and 70% or so of my neighbors all do the same.
If my footage can help catch a burglar or vandal in my neighborhood I've made the whole community a bit better. But I already live in a very safe area. All I've caught so far are some possums, cats, squirrels, and wasps.
But I also see when packages get delivered, etc.
If I'm ever not OK with it I can just replace the cameras with any PoE alternative. My house is wired to be flexible.
This. My security system incudes video, but that video stays with me. It's not being managed by any third party service. If the police want it, they have to ask me for it directly -- they can't go to some company and bypass my protections.
>If the courts find out you have the data they can demand you decrypt it, and send you to prison if you do not.
If the courts decide there's anything (physical or digital) law enforcement wants/needs, you have to turn it over or face jail[0][3] and/or fines. That's nothing new. Nor is it likely to change anytime soon.
However, not being able to comply (e.g., you don't actually have such data) is a defense for contempt of court. As such, short-term retention policies and secure deletion methods would be preferred.
Perhaps also with a 'canary'[2] as well, that will delete all data if some key/setting/file isn't updated within a specific period of time. Unless one has been ordered by the court (or some law on the books to retain data), this is perfectly legal.
[0] Not prison. Contempt of court[1] means jail, not prison.
[2] https://en.wikipedia.org/wiki/Warrant_canary -- Not exactly this (as it affects the retention/deletion of personal data rather than informing others of government involvement), but a similar idea.
Just make sure you know how to end your canary fast without losing data. The first contact you get and thus the first you hear about something is a court order to save all relavent data.
>Just make sure you know how to end your canary fast without losing data
Sorry for the late reply, but the whole point is to "lose" (i.e., delete) such data if a canary expires. With a canary, no action is required to delete such data. Rather renewing such a canary stops the deletion of data.
At least you have the option to fight it and/or destroy it. Even if you plan to cooperate, it's never a bad idea to have more options on the table.
If the cops want to catch a thief that ran away on your street and ask for your camera footage, being in control of the video files means you could send them the outside footage and pretend you don't have have cameras inside. With a cloud provider, they will just send everything and not give a fuck.
Police: Hey can we get a warrant for all the Ring cameras on this street. Oh and we know for a fact that there's a guy with more exterior cameras who has refused to share footage with us.
Judge: Sure, I'll sign that warrant. Nobody would be dumb enough to put Ring cameras in their house.
Guy who is that dumb: I'm not going to fight the warrant even though I got a letter saying I can totally prevent my interior cameras from being included in the data Ring turns over.
I currently run frigate with Docker and the setup is pretty straightforward if you know how to modify YAMLs. Got rid of all my eufy stuff after the scandal. It’s so nice to have an on premise system since you can set a camera VLAN to have no internet access. The tensorflow lite based detections is miles ahead of motion based detection too.
We need a comprehensive, people first, data ownership bill drafted and pushing to law ASAP. I know a lot of work has/is being done on this front, but I'm even someone who cares and I have trouble following it all. It seems corporations and private/government interest are running the show completely. Am I wrong?
Allow me to expand and spitball here just a little bit.
1. Technology companies as data creators should have the responsibility of clearly denoting the ownership of the data they create.
2. Data created as a product or derivative of something a user owns should be given the option to be owned by the same user.
3. Rights for data owned by a user should be akin to physical ownership and stewardship, including limited scope of warrant by law enforcement, etc. (Why would we limit the ability for a police officer to search your home, but not the video footage you installed of the same?)
4. Technical implementation including but not limited to advanced cryptography should NEVER be disallowed or restricted by the owners of data.
This is obviously horrible. But I'm curious, since I have an internal-only camera system - is this materially different than if the police subpoenaed his recordings directly?
The biggest difference is that he was not the subject of the warrant, Ring was, so he didn't risk any issues about non-compliance with the warrant or anything.
Ring gave him a chance to challenge the warrant but decided not to. He might've just had to write Ring a letter, though he says in the article he thought he'd need a lawyer. If he was the subject of the warrant directly then he'd need to deal with the court directly, probably requiring the help of a lawyer. Ring deals with warrants all the time though, so they are probably a good resource for challenging these kinds of things.
It was terribly dangerous to let your thoughts wander when you were in any public place or within range of a telescreen. The smallest thing could give you away. A nervous tic, an unconscious look of anxiety, a habit of muttering to yourself – anything that carried with it the suggestion of abnormality, of having something to hide. In any case, to wear an improper expression on your face (to look incredulous when a victory was announced, for example) was itself a punishable offence.
...
You had to live – did live, from habit that became instinct – in the assumption that every sound you made was overheard, and, except in darkness, every moment scrutinized.
Judges can do absolutely anything, once, if someone decides not to object at the time.
Recall campaigns for judges exist in a lot of American jurisdictions. Such is warranted here. If it’s recognized that rubber-stamping Ring requests can and has lead to a recall being presented to voters, judges will in general take more care to consider the request in the future.
Someone should make a company that modifies existing "smart" appliances or "things" to cut them off the grid. A bit like OpenWRT does to routers or other FOSS firmwares. I am sure it will be a lucrative business given how omnipresent cloud crap these days.
Some time ago police asked for data from my cameras. They did not present a subpoena, but were very open and clear about the purpose (a car has been stolen on the street next to the building) and the time span (2 AM - 3AM). We looked at the footage together, found nothing and they went away. I could have very well told them that they need a subpoena, but that could easily backfire. I could also have told them that the system is out of order, or even destroy the footage if I had something to hide. You can't do any of the latter if you data is uploaded to a cloud provider.
Unfortunately DIY security cameras are usually based on old hardware and lack the AI goodies of new systems (e.g. semantic event detection).
From my skimming, the article doesn't explain why the police knew to ask for the footage.
Did he volunteer it to them initially, or to someone else? Is he part of a ring neighborhood thing? (They have a function to offer to share footage with your neighbors). Or did the police simply throw out the dragnet and look to see if Ring had any customers in the area? I suspect it's one of the first two options.
In such a case, you're better off not offering your information to begin with (unfortunately), and you'd likely be okay with a Ring as long as you didn't advertise its existence online. You'd be better off still with a non-cloud solution that, while subject to subpoena-or-something, flies under the radar even more.
Ring doorbells are very distinctive and easy to see from the street, especially at night. It's possible they just drove down the street looking for the houses that have them.
Is there any sort of encryption scheme that would make it possible to generate a key on-demand to decrypt only the data that was encrypted within some arbitrary interval of time? The idea being if 100 terabytes of someone's private life history is seized, a judge could order the decryption of only the parts likely to contain material evidence.
The closest thing that comes to mind is to use a unique AES key for every chunk of 5 minutes or so, and then encrypt those keys with an asymmetric cipher with the private key secured off-site somewhere, which could selectively decrypt some of the AES keys. But that could be an inconveniently long list of keys for, say, 10 video feeds over several days.
I wonder what happens if you have a DIY, FOSS, local setup with full disk encryption on the footage storage drive, and you simply refuse to give up your password for the footage.
At least in some states¹ in the USA, police cannot compel you to give up a password².
Double check with a lawyer, but a web search suggests that at least in some jurisdictions, you can be held in civil contempt, for which you may be incarcerated for up to 18 months.
Absolutely. Even so, it used to be the case that judges could detain people this way indefinitely. Outside of the US, many countries offer no such legal protection at all, refusing to give up a password is itself a crime, in some cases with penalties exceeding the original charges.
People should absolutely familiarize themselves with the laws surrounding this in their jurisdiction even if they're doing nothing wrong - legitimately forgetting a password and defiantly refusing to share it are often treated the same way by the criminal justice system.
> They amount to a large and unregulated web of eyes on American communities — which can provide law enforcement valuable information in the event of a crime, but also create a 24/7 recording operation that even the owners of the cameras aren’t fully aware they’ve helped to build.
They drew this conclusion from a court order being served upon people who had selected "record everything" when they set up their surveillence camera?
I don't understand what you find confusing about this. If a court can order that all camera footage from a citizen be provided to law enforcement at any time for any reason (in the case cited the individual wasn't a suspect, he just happened to have an external camera that might have shown an actual suspect) then you have a surveillance infrastructure. The citizen in question got tired of doing the police's job for them as they widened their dragnet, so they just demanded his entire account from Ring, which included cameras inside his home. Which Ring provided without hesitation, and the best part is that they paid for this "service".
Because no one understands how those features they're paying for work. People want everything to be convenient and "cheap". Ring isn't cheap, it just appears so if you look at it per month. That's why we end up with that privacy nightmare that's Ring.
People with different priorities buy different hardware that's more complicated to set up and more expensive but keeps the sensitive data local.
> Because no one understands how those features they're paying for work
In my experience they know exactly how they work, they want to record everything that happens in the street infront of their house - that is litterally what happens.
Is ring etc really much more of a privacy nightmare than any other cctv? Given the wide spread use, it is easier for police to do a blanket request, but back in ye olde days the officer would stand there, look around and see all the cameras and go make requests where they saw one.
End result is identical, its the same thing with a few extra steps.
It's a set of hurdles that I think wouldn't hurt. Plus more reasonable retention periods to limit the impact on the people around them. I think that would be positive. At least that way police have to intentionally select which cameras to pursue instead of just asking Ring for data on an entire neighborhood what I assume is happening now.
Those extra steps can often make all the difference in the world in terms of privacy protection. I object to every public place being monitored by CCTV. I would have less of an objection to every public place having a uniformed officer instead.
If nothing else, at least then it would be obvious when you're being watched, so you wouldn't have to be on guard every moment.
> Because no one understands how those features they're paying for work.
Everyone I know who owns a Ring does. They don't care. Convenience always wins. People who put privacy and related rights above convenience are the exception.
If this is a concern for you, consider Home Assistant[0]. Near dummy proof (I am prime example), can bet set up to have zero third-party involvement. My properties are not locked into any ecosystem and I am able to do everything the closed commercial gardens offer.
I say that if I have the footage, then under (non-existing) regulations of digital assets I own them along with anybody who also has their "own copy".
The problem with this notion of ownership is that it's not compatible with the idea of trading assets in a typical traditional market like all that existed before the internet was built
Off topic, I have a synology NAS, what is a good camera that only communicates within my lan and doesn't reach out to any servers on internet?
We need to setup a camera for insurance purpose in my mum's house in France after multiple burglaries but I absolutely do not want to give access to a third party.
Not sure if I'll be setting up CCTV at the new home this year or later, but for sure it'll be ZoneMinder based and everything, especially cameras, will be firewalled and behind their physical subnet.
In my current work I develop software on this area. Kind of CCTV from scratch in .NET. We archive high performance using static FFmpeg libraries. Right now, because of currency exchange, I'm looking for a new job. ely at duck dot com
I'm sort of the "I'd rather not know" camp. I've lived in my house for 8 years now. I'm sure in that time the area has been prowled. Somebody has probably walked into my fenced backyard to see if I left a window open in the summer, or tried my front door to see if it's unlocked, or scoped out my cars for catalytic converters. But, I've never had a crime issue. Not a single package stolen, ever. Why work myself into a tizzy about everything that "seems strange"?
Don't get me wrong, I'm sure if something did happen, I'd wish I had footage. And maybe I'd go out and buy cameras. But then, I've watched my brother-in-law's Ring footage of his catalytic converter being stolen from his Prius. On 3 separate occasions. Gotten angry, thought about what I'd do if I happened upon these scumbags. And yet, that's all the footage does; makes you angrier.
I use iSpy. Its free and open source and you can connect as many IP cameras to it you want. Need cloud backup? Save the videos to google drive. Need text notifications? Theres apis for that.
It claims to be open source but it seems to be only in name. The web site says you can use it for free for personal use, but such a claim makes it NOT open source by definition. (Source-available at best.)
I had to dig really hard to find a link to github (https://github.com/ispysoftware/iSpy) but I get the impression from the README and lack of activity that this repo was superceded by another product from the same company, and that appears to be what the main website is marketing for download/payment. And according to the license file, some rather important bits of it are not open source at all.
Find a lawyer that's willing to do that for you. Then show up to court and complete all the legal paperwork. How many do you think are going to do that? How much do you think it's going to cost?
I'm one of those privacy freaks who rails against ubiquitous surveillance. There's no chance I'd be OK with imposing surveillance on unconsenting others except in areas that are clearly my private property. Any legitimate guests are aware that the cameras are there.
I should add, though, that my cameras only cover the the external doors and windows. There are no cameras, say, in the bathroom, covering my bed, etc. My surveillance goal is simply to record anyone entering and leaving while I'm not home.
Snicker. I love when people the media spreads false information. Democrats have been all about monitoring your every move, just as Republicans. I hate politics. How about we all become Libertarians please. Less government, less in our business.
Why would anyone put camera's in their home? This is lunacy. Outside, I can understand.
> Why would anyone put camera's in their home? This is lunacy. Outside, I can understand.
I thought so too at first glance. But the article explains, that they only come on when the security system is turned on. i.e. when one leaves the house. I could see investigating a burglary when at work, for example. Would not send it to the cloud, but can see the logic otherwise.
I do. DIY on-site only system.
Pretty simple really - stop using third party vendors for data storage. They're cheap and easy because your data is usually the product. Sure, you would still be forced to comply with warrants/subpoenas if they think you have data, but that's basically unescapable.