Amazon Key In-Garage Delivery: Unauthorized Entry
In today’s digital age, convenience often comes at a price. For some Amazon customers, that price might be their privacy and security.
Amazon Key is an in-garage delivery service that partners with garage door opener apps MyQ, Aladdin Connect, and Overhead Door to deliver packages directly inside the garages of Amazon customers.
A simple four step process is laid out on the Amazon Key page to illustrate the simplicity and security of the service.
Participating garage door opener apps grant Amazon Key access. These partnerships are what makes this service possible.
This delivery practice could mean a significant reduction in porch piracy, but raises significant privacy concerns and highlights the need for customers to be vigilant about their digital and physical security.
The Uninvited Intrusion
Where this moves from convenience to violation is in some customers experiencing this service being enabled without their permission.
One Austin-based Amazon customer we spoke to shared a troubling experience that highlights the gravity of the issue.
When checking on her Amazon orders, she noticed a message indicating her package was going to be delivered into her garage.
“We never opted into this service on Amazon or in the MyQ app,” she explained.
The couple witnessed their garage door being opened and talked with the delivery driver who was in an Amazon uniform and drove an Amazon Prime truck. The driver relayed that his Amazon delivery app instructs him as to how each package is to be delivered and provides him the ability to open customers’ garage doors.
While Amazon Key is supposed to be an opt-in service, this accounting indicates this may not always be the case.
Not The First Occurance
This story is not an isolated incident. Many users on Reddit have reported similar unauthorized entries by Amazon delivery drivers, all facilitated through the MyQ app.
According to a 2019 press release from Chamberlain Group, the app’s parent company, the integration is supposed to be activated only when customers link their Amazon and MyQ accounts via the Amazon Key app.
However, many customers assert that they never went through this linking process or authorized such access. The result is an alarming breach of privacy, with Amazon deliveries occurring inside private garages without explicit consent.
Privacy and Security at Stake
The potential implications of this unauthorized access are profound. Beyond the immediate concern of unwanted intrusions, there are broader security risks towards both customers and drivers.
These risks include:
- Theft or vandalism of property inside the garage or home.
- Accidental damage to homeowner’s property.
- Complex liability issues in case of accidents or injuries occurring during the delivery process. For example, an Amazon delivery driver could be injured by a pet or tripping hazard inside the garage, leading to liability issues for the homeowner.
- Unexpected garage access could trigger home security systems, leading to false alarms and potential fines from local authorities for repeated false alarms.
- Amazon drivers might unintentionally gain access to personal or sensitive information stored in the garage, such as documents, tools, or equipment.
- Personal safety risks to the inhabitants, especially if they are unaware of the delivery or misinterpret the entry as a break-in attempt. For example, this instance where the driver accidentally left a garage door open.
There have been instances where individuals felt violated and unsafe knowing that someone could enter their property without their knowledge or permission.
On a Reddit thread discussing Amazon delivering in garage without authorization, poster WestRoyal5079 wrote, “I have never authorised Amazon Key. I know this for fact because every time I opened the MyQ app I would get notification on the top of the app to create Amazon Key, but I never did because I didn’t want any of those delivery guy coming to my house. I feel so violated. I know that I can turn off the key but what are the chances that they turn it back on if they need to? They will probably say I did it accidentally again.”
Another poster commented, “This also happened to me as well on 12/3. I came home one evening & found the packages delivered inside my garage. I wasn’t even aware that this garage delivery option was available. I did not authorized this & it’s an invasion of privacy. I also have MyQ garage opener which I installed 6 months ago. This was the 1st time this happened. I’ve been on the phone with multiple Amazon reps including the Supervisor of Logistics for answers. It’s been 2 weeks & I have not heard back from Amazon.
If the Amazon driver can change the delivery option & has access to my garage, that’s scary! I’m still waiting for answers from Amazon.”
Indeed, the breach of trust is significant, and the lack of clear communication and consent from Amazon and MyQ is troubling.
Loss of Control Over Personal Data
If Amazon can access your garage without permission, it also raises questions about the control and security of other smart home devices and systems, specifically about how personal data is being used and shared with third-party apps.
Moreover, this situation brings to mind previous privacy lapses by Amazon such as issues with its Ring and Alexa products, which have led to substantial fines and settlements.
How Did This Happen?
For many, the problem began with MyQ’s app interface, which offers several opportunities to enable in-garage delivery, sometimes leading users to unknowingly activate the service.
In other cases, it appears that Amazon and MyQ automatically enabled the feature without proper user consent, as suggested by numerous Reddit posters. This automatic opt-in mechanism lacks transparency and undermines consumer trust.
In a post, Claude_Henry_Smoot reported that “MyQ has turned on Amazon Key (without my permission) and I cannot find a way to turn it off.”
He said that he never set this up because he doesn’t need it and doesn’t want delivery people in his garage.
“It was fine until last week when I noticed someone putting my garage door up. I ran out … it was Amazon. I never activated it. I looked in the MyQ app and it now indicates I am ‘all setup’ in the Amazon Key section and seems to provide no way to turn it off. I didn’t want to be all setup.”
The Broader Implications
The broader issue at play is the delicate balance between convenience and security. While in-garage delivery can be seen as a solution to package theft and missed deliveries, it should never come at the expense of user autonomy and consent. Consumers should have full control over who has access to their property and under what circumstances.
Furthermore, this situation highlights the need for stricter regulations and standards regarding smart home technologies and services. Companies must be held accountable for ensuring that their products and services are secure and that user permissions are clear, transparent, and respected.
Potential FTC Violations
If unauthorized in-garage deliveries continue to surface, Amazon and MyQ could potentially be exposing themselves to a class action lawsuit for violation of several Federal Trade Commission (FTC) regulations. Some relevant areas include:
Unfair and Deceptive Practices
The FTC Act prohibits “unfair or deceptive acts or practices in or affecting commerce” (Section 5). Unauthorized access to customers’ garages could be deemed an unfair practice, especially if Amazon did not provide clear, conspicuous, and truthful information about the service or failed to obtain explicit consent.
Related: Amazon Faces Backlash for Alleged Abusive Practices, FTC Lawsuit Alleges Amazon of Tricking and Trapping Customers into Recurring Prime Subscriptions
Data Privacy Violations
The FTC has taken action against companies that fail to protect consumers’ personal data or mislead them about privacy and security practices. If Amazon did not adequately inform customers about the garage delivery feature or circumvented security settings, this could be seen as a failure to protect customer data and privacy.
Consent and Notification Issues
The FTC requires companies to obtain explicit consent from consumers for services that affect their privacy. If Amazon activated in-garage delivery without obtaining clear, affirmative consent from customers, it could be in violation of FTC guidelines on consent and notification.
Protecting Your Privacy
For those concerned about their privacy and security, there are several steps you can take to protect yourself:
- Check Your App Settings: Verify that Amazon Key In-Garage Delivery is turned off in your Amazon account.
On the Amazon website:- Navigate to Your Account.
- Scroll down to Ordering and Shopping Preferences.
- Amazon Key settings.
- Select In-Garage Deliver is OFF.
- Continue to Monitor: Regularly review the settings in your garage door opener and Amazon apps to ensure that in-garage delivery is disabled unless you explicitly want it enabled.
- Enable Security Features: Use any available security features, such as multi-factor authentication, to add an extra layer of protection to your smart home devices.
- Stay Informed: Keep up to date with any changes or updates to the terms and conditions of your smart home devices and delivery services.
- Communicate Concerns: If you experience unauthorized access, report it to the companies (Chamberlain Group and Amazon) involved and demand action. Concerns can also be addressed with the FTC. Sharing your experience can help raise awareness and prompt necessary changes.
- Consider Alternatives: If you are uncomfortable with the potential for unauthorized access, consider using alternative delivery options or even reverting to non-smart systems for critical home access points.
While the convenience of in-garage delivery is appealing, it should never compromise your privacy and security.
Tech companies like Amazon and MyQ must prioritize user consent and transparency, ensuring that their services enhance convenience without infringing on personal property and privacy. Consumers, in turn, must remain vigilant and proactive in safeguarding their homes against unauthorized intrusions.
Related: Amazon in the Crosshairs: Unveiling Recent Legal Turmoil, New Security Issues Leave Many Sellers Vulnerable to Cyberattacks, Amazon Faces Tougher Scrutiny Under EU’s Digital Services Act (DSA)
Need more information?
- Send Message: We typically reply within 2 hours during office hours.
- Schedule Demo: Dive deeper into the nuances of our software with Chelsea.
- Join Live Upcoming Webinar: New to Amazon inventory management? Learn three inventory techniques you can implement right away.