Eufy Cameras: They Lied About Local Storage
Eufy marketed "local storage only" and "end-to-end encryption"—then was caught uploading to the cloud and streaming unencrypted video. Here's what happened and what to use instead.
What Eufy Was Caught Doing
These findings come from security researchers, journalists, and legal investigations—not speculation.
Caught Uploading to Cloud Despite "Local Storage" Promise
Security researcher Paul Moore discovered that Eufy cameras were uploading photos, facial recognition data, and video thumbnails to AWS cloud servers—despite Eufy's explicit marketing that all data was stored locally and never left your home.
Unencrypted Video Streams Accessible Remotely
The Verge confirmed that anyone could watch live Eufy camera feeds using VLC media player from anywhere in the country—proving the "end-to-end encryption" claims were false. The streams were completely unencrypted.
$450,000 NY Attorney General Settlement
New York Attorney General Letitia James announced a $450,000 settlement after finding that video streams were transmitted without encryption and active feeds could be accessed without authentication.
Facial Recognition Data Stored in Cloud
A lawsuit filed against Eufy claims the company assigns "unique identifiers" to faces of anyone who walks in front of devices and stores that data in the cloud—essentially logging locations of unsuspecting individuals.
Previous Breach Exposed 712 Customers
In 2021, a bug exposed over 700 customers' security camera streams, allowing random Eufy users to access other customers' live feeds and even control their cameras.
Company Removed Privacy Promises from Website
After being caught, Anker quietly removed ten "privacy promises" from Eufy's website that had claimed local-only storage and end-to-end encryption—essentially admitting the marketing was false.
Why This Matters
Eufy's marketing claimed:
- " All footage is stored locally and never leaves your home
- " End-to-end encryption on all video
- " No cloud, no subscription required
What actually happened:
- Thumbnails and facial data uploaded to AWS cloud
- Live streams accessible via VLC with no encryption
- Company quietly removed privacy promises from website after being caught
When caught, Anker (Eufy's parent company) provided no apology and didn't explain why unencrypted streams were accessible.
Truly Private Alternatives
These options actually deliver on local storage promises—verified by the security community.
UniFi Protect
Enterprise-grade cameras with true local storage. Your footage never leaves your property—no cloud uploads, no false promises.
Best for: Homeowners who want verified privacy and professional reliability
Reolink
Transparent about their storage options—local NVR recording with optional cloud. No deceptive marketing about where data goes.
Best for: Users who want honest, transparent camera systems
Home Assistant + Any RTSP Camera
Use Home Assistant as your local NVR with any RTSP-compatible camera. Complete control over where your footage is stored.
Best for: Tech-savvy users who want complete control
Want Cameras That Actually Respect Privacy?
We install camera systems with verified local storage—no cloud uploads, no subscriptions, no deceptive marketing. Just honest, private surveillance for your home.
Sources & Citations
- TidBITS: Eufy Cameras Caught Uploading to the Cloud (December 2022)
- Gizmodo: Eufy Admits Unencrypted Streams (January 2023)
- NY Attorney General: $450,000 Settlement (January 2025)
- MacRumors: Eufy Cloud Uploads Without Consent (November 2022)
- The Register: Eufy Lawsuit Over Facial Recognition Storage (March 2023)
- 9to5Mac: Eufy 2021 Camera Breach (May 2021)
- 9to5Mac: Eufy Admits Security Breach (December 2022)