Live video feeds from security cameras in private homes and businesses in Australia and around the world are being broadcast publicly online without permission, an investigation by The New Daily has revealed.
The website responsible, Insecam, claims it has not hacked any of these cameras – but instead uses software to search all accessible broadcasts from cameras that do not have password protection.
In one example, The New Daily watched as a barber in Tasmania held up a mirror for his client to inspect his new hairdo.
However, neither the hairdresser nor the customer were aware they were being watched.
Other Australian-based feeds showed views of front and back yards, public roads, carports, and even inside lounge rooms.
An investigation by The New Daily identified three Melbourne locations, purely based on visual cues, including The Shed Skatepark in Cranbourne East, a car accident repair business in Malvern and a luxury pet accommodation service in Port Melbourne.
Mother of two Talitha, who takes her six and eight-year-old to The Shed, said she was shocked to find out that live video footage of her children was being broadcast online.
“This is really weird,” she told The New Daily outside the City of Casey council-owned venue.
“I don’t even like to post pictures of my kids up on Facebook or Instagram because I’m really paranoid.
“I’m very aware that some people online can use those images for other purposes.
“This is definitely a privacy breach.”
Dave, a father of two children who regularly attend the skatepark, said he believed this kind of footage should only be accessible by businesses and police to assist in break-ins or other crime.
“It’s a bit of a worry,” he said.
“There are rules around greater public photography of children and there are pedophiles who could be watching videos like this online.”
The Shed general manager Pete Robbins told The New Daily he was not aware of the live broadcast but said the business does stream some videos on its own website for parents to watch their kids skate.
“It’s definitely concerning this is happening without any authority to do so,” he said.
“I will be taking steps to address this with our IT department so the video stream is not accessible elsewhere online.”
How to stop your camera from spying on you
Matthew Warren, deputy director of Deakin University’s Cyber Security Research Centre, said the site highlighted the lack of awareness of the need to password-protect security cameras.
“People often never change the default passwords for particular webcams,” he said.
“It’s legally such a grey area. In my view it’s more of an ethical debate because there is no informed consent given by users for these videos to be broadcast online.
“Who’s responsible? The camera manufacturing companies or the users?”
Dr Robert Merkel, a software lecturer at Monash University with a research interest in security, said he believes the responsibility falls largely on manufacturers.
“The big problem is that cameras are sold configured in such a way that, by default, they are publicly accessible to everyone on the internet,” he said.
“It should be near impossible to set up a camera without password authentication on it and manufacturers need to make the consequences clear.”
The anonymous website administrator of Insecam is understood to be hosting the platform in Russia.
Camera owners are encouraged to secure their private feed by protecting it with a password. It also details a disclaimer that anyone who wishes to have their video feed removed can do so through the website’s contact page.
Insecam was contacted for comment but did not respond by deadline.