pipentassle's profile

Sun, Jul 3, 2022 4:32 AM

Are camera recordings encrypted end-to-end?

I’ve been told by two SimpliSafe employees that the videos captured by the cameras are encrypted end-to-end, meaning it is impossible for anyone (including SimpliSafe) to view them without the encryption phrase. But the only thing I can find on the website is encryption in transit and at rest, which are not the same thing.

Can someone please confirm for me that videos captured by cameras are encrypted end-to-end (not just in transit and at rest)?

Official Solution

Community Admin

 • 

2.9K Messages

Il y a 1 m

Hi @pipentassle ,

So sorry for the miscommunication. The correct answer is that all SimpliSafe communications are encrypted in transit and at rest. There are times when data is decrypted in order for it to be used - for example, if you enabled Video Verification, the Monitoring operators will be able to see recordings for specific alarm events, so they can act as eyewitness if there's a crime in progress.

(edited)

2 Messages

@davey_d​ in light of this, I think I may want a refund, but I’ll need to check with my wife. E2EE was a material consideration for me in buying the video doorbell. Would that be possible, and if so, who do I need to contact to get the refund?

Community Admin

 • 

2.9K Messages

Sorry to hear that @pipentassle . I do want to clarify at least that if you do not give permission (e.g. with Visual Verification, which is opt-in and disabled by default), then our staff do not have access to your cameras. And even if you did allow Visual Verification, only the footage related to a specific alarm event would be decrypted - the operator won't have the ability to just randomly browse your feed. We believe strongly that privacy goes hand-in-hand with security!

But if you're looking to return, we do have a 60 Day Money Back Guarantee. Just give our Support team a call at 800-548-9508 and we'll take care of you.

(edited)

1 Message

It's not entirely true that staff do not have access without the user's permission - thats why E2EE is important. 

*Company policy* may indicate that staff do not have access, but so long as SimpliSafe has access to the unencrypted data (or the decryption key), a malicious insider or a hacker who successfully breaches SimpliSafe could obtain access.  Other issues arise as well - the news has had stories of doorbell camera footage being turned over to law enforcement without a warrant or the permission of the data owner (the camera/homeowner). 

E2EE would permanently block access to monitoring, but it also ensures that private data (like say, *footage of the inside of your home*) cannot be accessed without permission or a lawful warrant.  And there is no amount of guarantee a company can possibly provide that this is not so - as long as you have the decryption keys, you have full control over the data.

(edited)