Does Wyze share cam videos with police w/o a court warrant?

Amazon/Ring has been exposed by Politico for sharing camera videos with police departments upon request, without a court warrant, and without notifying the customer. Ring has even furnished an app to over 2000 police departments to make it even easier for police to spy on their customers.

Where does Wyze stand on this? Does Wyze give up its customer cam videos without a court order? If not will Wyze publicly take a stand against this practice by condemning Ring/Amazon?

Amazon\Ring has been made famous for a very long time for their “partnership” with local law enforcement. The Politico article was simply a rehash of already known practices going back years to illustrate the current “blurryness” of online video\data privacy in the iOT sector and the lack of definitive privacy protection legislation in that market segment.

The real problem the article highlighted was not the legal requirement of iOT companies to comply with legally binding Judicial orders, it was the ease of law enforcement in obtaining these orders from liberal Judges who have no respect for the expectation of personal privacy.

This question has been asked many times in the past. The response has always been that Wyze does not share user video content or account information with any organization outside of Wyze or their infrastructure service vendors without proper legal standing.

From:

From:

Thanks for sharing this policy stuff. Unfortunately there are also no solid guarantees in this world that this policy will continue well into the future. Nor can I take a great deal of comfort based on Wyze’s own history of sharing customer video files with China. Hard to say which is worse: Amazon sharing customer video files with US law enforcement or Wyze sharing customer files with the CCP. Other tech industries also have a nasty habit of violating customer privacy. As an example, there are several examples of “non-logging” VPNs who forwarded DMCA notices to their clients for torrenting copyrighted files. They had a hard time explaining how they knew who to specifically forward them to if they weren’t logging their clients. So, yeah, as much as I’d like to believe Wyze guarantees our privacy, I’ll also approach this with a heavy dose of skepticism.

Just as long as they don’t share videos with animal control I don’t care. My , , and possum friends choose not to deal with showing their papers.

The article link you provided presents no evidence whatsoever that Wyze shared video files with companies in China. In fact, it is clear to state that it was, and still is, speculation. It also specifies that Wyze did have platform infrastructure partners in China that it did use for routing services. To imply that the article states anything more is simply wrong.

Again, pure undocumented speculation on your part.

Applying the behavior of other tech industries to Wyze or any other unrelated company to justify your position is misguidance and misdirection. It has no relevant bearing on the Privacy Policies under which Wyze, or any other iOT company, operates.

Perhaps Wyze products, or any other internet based IP Cam system isn’t in your best interest. I would suggest a local server closed circuit DVR system.

SlabSlayer addressed most of the post pretty well (even the article writer says there is no evidence any information was shared with 3rd Parties. Wyze has long been known in the past to contract with different 3rd parties for different things like using ThroughTek (a common company used for IoT authentication), but never to send them person info, just streaming authentication (my understanding is that Wyze has mostly switched to doing things through WebRTC now). Or using Braze or Segment for their analytics integration to figure what parts of their app are working or confusing to users, what they can improve, etc. They’ve been fairly open about a lot of that and they are not selling anyone’s private information or anything. Even in this article, the writer admits that Wyze did clarify that they were not giving out anyones’ personal information. Claims to the contrary would need to be presented with some kind of evidence, of which, there isn’t any.

I do want to mention something on this though:

Since it is only indirectly related to the topic at hand, I will collapse my response into a detail tag so it is easily skipped by most people who came to this thread looking for stuff about Wyze’s sharing policy.

VPN Leaks & Limitations Explained and collapsed for easy skipping:

Most of the time this has happened, it is likely not the VPN that cooperated with anything, and more the fact that too many people don’t understand the limitations of different VPNs. It is true that a VPN can hide your activity to a degree, but you can also end up revealing your identity in countless ways that VPN’s don’t protect you from and in a way that you are not 100% anonymous.

Things to consider:

• While packets to and from your device are indeed “encrypted,” your ISP (or gov, etc) can STILL execute a network correlation attack to deanonymize you. This is done a lot more than people realize/think all over the world. In order to maintain half their reason for existing, some of the best VPN’s have been forced to try to combat this with new features where you can enable different levels of “Decoy Traffic” between your device and VPN server, but it has it’s own share of drawbacks when you are generating Gigabytes of fake traffic (especially on an ISP like Xfinity or Starlink that has a Data Cap). The more decoy traffic, the more difficult to execute a network correlation attack to deanonymize you, but the worse your side-effects will be too. It’s also hard to gauge how effective this mitigation is. Nobody really knows for sure at this point. We only know that Network correlation has been proven repeatedly as a successful method of deanonymization irrespective of VPN’s or TOR. This is one way they have demonstrably figured out who is doing what when a no-logs VPN is involved. AI will be able to do this even more effectively–hence why people are cautioned not to rely on Decoy Traffic to make them feel safe.
• Browser/Device/machine/user Fingerprinting is another HUGE thing going on lately to identify people who think they are anonymous, but aren’t. It doesn’t matter anymore if you use a private tab blocking ads and cookies, and scripts etc with a VPN’d IP address…they can still figure out who most people are since the majority of people don’t understand what info is gathered for all this. There are ways to combat it, but 99.99% of people don’t even know how, let alone do it. There are dozens of variables like Software versions, screen resolution, make/model, MAC address, countless things that are still leaked through and not changed by [most] VPN’s and when a only a few of them are combined it basically flawlessly identifies a user all across the internet.
• A lot of VPN’s actually LEAK data (IP addresses, DNS requests, Geolocation, WebRTC, etc) a lot more than people realize
  • Using WebRTC while using a VPN can actually compromise VPN connections
  • DNS hijacking
  • Most people don’t realize that their devices still broadcast their GPS/location with their traffic and don’t bother to spoof their GPS
  • IPv6 and dual-stack networks are vulnerable to VPN data leaks. “almost all VPN service providers at that time (and still today) are ignoring the IPv6 routing table. So all IPv6 traffic bypasses the VPN gateway interface — that means no VPN tunnel for IPv6 traffic. Additionally, VPN services that only consider IPv4 will also ignore the IPv6 DNS lookups and ultimately expose DNS information.”
  • Some older protocols (PPTP with MS-CHAPv@) can be broken with simple Brute Force, and others have other vulnerabilities.
• VPN’s not “logging” is a minimal practice that is not good enough. In some cases Keys can still be recovered from confiscated servers, some may not have short lived certificates and keys with a short expiry or get rotated regularly, Often server certificates don’t have uniquely identifying Common Name + SANs, or client configurations are flawed, particularly in their metadata.
  • Note: Some time ago, NordVPN’s server certificate + key was publicly leaked after a breach. They downplayed it but others have demonstrated how easy it would be to use that to impersonate one of their servers for a whole year and gather any info they wanted. Similar issues of how possible it is to gather allegedly “anonymous” traffic from “non-logging” VPN’s have been demonstrated for TorGuard, PIA, Surfshark, ExpressVPN, and others.
• Free VPNs nearly all log even when they say they don’t, so they can sell it for marketing (you are the product and paying for it in a diff way).
• In some cases, VPN’s are REQUIRED to save logs, whatever they say. In some cases it can depend on what server in which country you are connecting to. China, Russia, and Sweden definitely require logs for 6-10mo, and I wouldn’t trust using a server in any Five-eyes country if you’re really concerned about logs.

Bottom line: VPN’s shouldn’t be relied on for anonymity. They do give extra privacy and particularly security, and they are worth having and using, especially in public places, but if you want true privacy, it takes a lot more work than just running a VPN to change your IP address to something else. That is a huge false sense of security.

The above are reasons why “torrenters” and others are occasionally surprised to find out that they weren’t actually as anonymous and “Safe” as they assumed.

I don’t think most VPN’s purposely violate customer privacy, it’s just that the majority of them are not actually doing the things people THINK they are doing. Contrary to popular belief, they aren’t preventing traffic from being deanonymized. Most aren’t using decoy traffic. Most don’t spoof the Location/GPS, most aren’t cycling a spoofed MAC address with every single connection, most can’t do anything about the amazingly accurate fingerprinting techniques, etc. They aren’t being malicious, and in some cases they aren’t being incompetent (in some cases they are)…they just aren’t actually a good “anonymizer” if that is one’s goal…so…don’t use them with the intent to do anything “illegal” since they don’t actually really protect you that way…I mostly recommend them for use against hackers and snoops on public networks.

Any and everybody in business and government misrepresents the full privacy reality these days.

It’s ‘legal.’

Or maybe more precisely, it isn’t illegal.

Here is an interesting article from CNET.

No videos will be shared with the

With my Reolink’s it’s a bit tougher for them to get them, all video resides on my NVR and SD’s.

But an accidental format could be an issue

~50 years ago. Holy .

Forest Kitty stepped on the format button

That’s crazy, it says that a lot of the law enforcement registration options out there require a contract that you promise you won’t share any video with anybody but law enforcement and bans you from sharing it with the media. So even if you’re willing to help the cops, they make you promise that they are the only ones you can share things with. That’s ridiculous. I wouldn’t sign up for that for sure. It’s my video. I can share it with whoever I want.

To a small degree, yes. It does Force them to get a court order. In my opinion, the biggest benefit from this is that they can’t take video without your knowledge. They have to tell you that they’re doing it. There’s no other way to access your recordings except for going through you. That’s a huge benefit because with cloud recordings not only do they not have to tell you about it, but they often forbid the company from telling you about it. Storing everything locally means that they can’t ever get the video without telling you about it. They can still get a warrant pretty easily though. The downside is that by the time they have a warrant, you can’t try to limit the scope or argue that it’s too broad, whereas the brand company can try to argue that with a subpoena. The other downside of doing it yourself is it means that they will take all of your equipment and you may never get it back.

Also, " accidental" formatting an SD card doesn’t do as much as you would think. All the data is still there and easily retrievable until every sector has been written over. Flash memory doesn’t keep magnetic residue like the mechanical storage does, so a single rewrite definitely removes the data, but most formatting doesn’t do that. And if you get one that does it wears out the flash storage a lot faster. Just saying, don’t count on formatting to do much of anything.

It’s much more important to have encryption. Now, reolink does support encrypting video files to the SD card or other local storage, but it’s disabled by default because it often causes performance issues for a lot of people. So most people don’t use it, but the encryption is more important than formatting. Part of the reason for this, is that in this case, even if they have a warrant, they still need your cooperation and consent in most cases Because depending on the type of encryption you use, they would need a password to unlock the encryption, and passwords that are in your head are generally protected by the fifth amendment. So they can get a warrant to confiscate your equipment, but they still won’t be able to view your security footage unless you cooperate and give them permission, making it pointless to be coercive and rude. This gives you some leverage to make sure they don’t steal your property. If they tried to steal my property and asked me for my password for the encryption, I would tell them where to go. I would tell them that what they can do is return all of my equipment to me instead of steal it coercively, and then sometime after they leave and I feel safe I will unlock the encryption and go review the footage and get it to them, but only if I’m in control and guaranteed to keep my equipment that I paid for and if they start being courteous and respectful. Instead of disrespectful and intrusive unnecessarily.

I have willingly shared videos for law enforcement use or others in certain extreme cases that I caught on my cameras, But me sharing absolutely requires people to be courteous and respectful of me, not entitled and coercive. If someone jumps straight to trying not to let me know that they are accessing my property, or they try to coercively steal my equipment, or they try to slip in some small print contract that I’m not allowed to share my videos with anybody but them, then I’m a lot more likely to exercise my rights instead. A little courtesy goes a long way in my opinion.

The SD only holds 4 days anyway before rewrite over, but the NVR can have a hard format through pc with proper application that writes an alternating pattern to all sectors/ locations

May have to quit using SD if the political climate suits that

so what’s this here in the last bullet point? Wyze sates they will share video data “if we believe you have violated the law”? Which law? Does “the law” mean “all\any law? Who and how is the cloud data being processed and monitored for violations of “the law”?

Welcome RookAdams. This forum is primarily a user-to-user community. Wyze employees do not actively monitor this forum. Answers to your questions depend on where you are located. If your screenshot is sourced from the Wyze Privacy Policy, you may wish to contact Wyze via email or phone to properly address your concerns. Wyze has a special team set up to answer privacy questions. Contact information is located at the bottom of the Privacy Policy page.

If you are worried about control of your videos you should not be using a camera system that stores your videos on the cloud like Wyze.

Many other brands have local storage you are in control of completely.

I use Reolink 4k cams in locations needing real security and data privacy.

I now only use my Wyze cams for monitoring animals in the barn and other non-security uses. None are in critical locations.