And they also were sending data to China at one point. Not sure if they still do from the camera. But even if they don't, they could just be relaying it from AWS to wherever.
There's a lot of cheap Chinese home automation and surveillance stuff on amazon. Some of it is so cheap that it makes me (and others) think that their profit is not from selling the devices, but from the data those devices collect. Look at those cheap smartplugs, by themselves they are relatively innocuous, but look at the permissions that the app requires on your phone to work... Shady.
I work with a team of people who reverse engineer stuff like this, and there's definitely shady stuff going on with some of it. Most of their work is ICS and SCADA type stuff... But they get bored in their spare time and start looking at stuff in their homes. Another HUGE offender, kid's games for Android and iOS. We have specific devices that are only used for games, never on devices that contain personal data. Almost all of my security alerts on my home network are these game-designated devices sending data out of the country to known malicious IP addresses gathered from threat intelligence feeds. People worry about Alexa and Google Home... The apps on your phone that have mic access are a way bigger threat. And the companies that gather that data will approach developers of store apps and offer them a payment of a few thousand bucks to just insert a couple of lines of code... That loads libraries that pilfer your data and spy on you. If I ever install a sketchy app on my phone, I put it in a container using Island.
We are all being spied on way more than we know, and it's not necessarily amazon and Google doing it.