A company
that markets video cameras designed to allow consumers to monitor their homes
remotely has settled Federal Trade Commission charges that its lax security
practices exposed the private lives of hundreds of consumers to public viewing
on the Internet.
The charges
The FTC’s
lawsuit alleges that TRENDnet marketed its SecurView cameras for purposes
ranging from home security to baby monitoring, and claimed in product
descriptions that they were “secure.” However, the cameras had faulty
software that left them open to online viewing, and in some cases listening, by
anyone with the cameras’ Internet address, the agency said.
In January
2012, a hacker exploited this flaw and made it public, and, eventually, hackers
posted links to the live feeds of nearly 700 of the cameras, according to the
lawsuit. The feeds displayed babies asleep in their cribs, young children
playing, and adults going about their daily lives.
When
TRENDnet learned of the flaw, it uploaded a software patch to its website and
told its customers to visit its website to update their cameras, the FTC said.
Company
action
Under the
terms of the settlement, TRENDnet is prohibited from misrepresenting the
security of its cameras or the security of the information that its cameras transmit.
In addition,
TRENDnet is required to establish an information security program designed to
address security risks that could result in unauthorized access to or use of
the company’s devices.
The
settlement also requires TRENDnet to notify customers about the security issues
with the cameras and the availability of the software update to correct them.
In addition, the company is required to provide customers with free technical
support for two years to help them update or uninstall their cameras.
