What Has SIRI Heard In Your House? Be Aware When Bringing Voice-Controlled Technology Into Your Home

I had a conversation this week at work that I wanted to share with my readers.  It may not be news to you as it is not a new story, but the proliferation of this technology makes it more concerning than ever.  Be aware of the risks.

A coworker was telling me this week that he’d been having dinner with his wife, children, and grandchildren.  The movie “10” with Bo Derek and Dudley Moore came up in reference to a discussion about height differences between couples.  The adults at the table speculated about how tall Bo Derek was until my friend retrieved his iPhone from the holster on his belt and hit the Safari internet browser.  In the search window, he entered a single letter “H” and the search box autocompleted with the term “How tall is Bo Derek?”

My friend was shocked because he does use Siri on his phone but he wasn’t aware that Siri monitors all conversation within earshot as part of waiting for and anticipating commands.  This is not a feature limited to iPhone.  The voice-control technology in Google’s phones and Samsung’s smart TVs also use this same type of input monitoring of voice data.  The problem is that this technology doesn’t make any distinction between a potential command and a private conversation.

The more concerning aspect of this is that the determination as to whether the voice input is a command or not is not taking place at the phone level.  Instead, your phone converts all the voice input to text and sends it to Apple servers where that determination is made.  Apple makes no secret of this.  The Siri user agreement states that these conversations will be used to help Siri learn.  (http://www.pcworld.com/article/256253/is_siri_spying_on_you_.html)

It has also been revealed that this data (your conversations) are shared with third-party developers as part of app development and improvement.  (http://thehackernews.com/2015/03/apple-siri-voice-data-sharing.html)

It doesn’t end there.

According to Wired Magazine the data is kept for up two years.  It’s initially linked to an internal identifier (not your phone #, email address, or Apple ID) but after a few months is de-identified.  (https://www.wired.com/2013/04/siri-two-years/)

I just saw on the news that Amazon’s ECHO device is sold out.  I haven’t read yet how that data is stored.  In the meantime, though, I think it’s wise to consider that any voice-activated technology with data connectivity is constantly listening and broadcasting your conversations (voice data) to someone.  Imagine your phone, your smart TV, or your Alexa as a internet-connected microphone and think carefully of the things you might say in front of them.

Some corporations are concerned enough about this that they are requiring employees to turn off voice-command technology on their phones.  Imagine a foreign government creating a fake company involved in app development simply for the purpose of having access to the voice data on a particular individual.  Imagine that this individual works in the defense industry or in a corporation with technologies that they wish to keep out of foreign hands.  While there are always risks that classified data will be accessed other way, the use of voice-activated technology is a doorway that many are willfully allowing to remain open.

I’m no outlaw (yet), but I prefer my private conversations to remain that way.  I know that government security agencies can activate and use these devices for electronic eavesdropping.  That is beyond my control.  Allowing voice-activated technology to be used in my home is not.  For my family, in my home, I ask that it be turned off.


Comments are closed.