Eken Faces $700K Fine for Inactive Address on FCC Filings

FCC Proposes Fines Against Eken for Security Violations

The Federal Communications Commission (FCC) has proposed fines exceeding $700,000 against Eken, a Hong Kong-based manufacturer of video doorbells. This action comes after ongoing investigations revealed that the company's products were vulnerable to hacking and that there were violations of FCC rules.

Background of the Investigation

The FCC began its examination of Eken after a report by Consumer Reports in February 2024 highlighted serious security flaws in its products. These doorbells, which operate under various brand names, including Aiwit, Bitepass, and Tuck, were found to have vulnerabilities that allowed unauthorized access to the video feeds.

Security Vulnerabilities Identified

• Hacker access was permitted through the doorbell’s serial number.
• Security flaws were reported across multiple brands associated with Eken.
• In April, Eken announced a firmware update to remediate these vulnerabilities.

Violation of FCC Regulations

In addition to the security issues, the FCC discovered that Eken had failed to adhere to regulations requiring foreign companies to appoint a US-based agent for official communications. This resulted in the FCC issuing a Letter of Inquiry to Eken's designated US representative, who is based in Colorado Springs, Colorado. However, the FCC found that the address provided was inactive since 2019, and Eken's representative did not respond to communication attempts from the commission.

Proposed Penalties

The FCC reported that the submission of a false address on three separate applications constitutes three violations of their rules, leading to a proposed total fine of $734,872. The enforcement bureau emphasized the importance of compliance and accountability among manufacturers.

The Road Ahead

The FCC's investigation into Eken's security vulnerabilities continues, focusing on ensuring consumer safety and adherence to regulations within the technology sector.

Conclusion

The situation serves as a reminder of the critical importance of cybersecurity in consumer products. Businesses must prioritize the security of their devices and comply with regulatory standards to protect consumers.