Is Alexa really eavesdropping on you?
I’VE GONE all-in on Amazon’s line of Alexa-powered speakers, installing them throughout my home and buying them for family members. We use them to play music and news, tell jokes and get the weather.
But stories like one in Gizmodo suggest that the popular and inexpensive line of voice-activated speakers pose a threat to user privacy. The writer argues that devices like the Amazon Echo and Google Home contain microphones that are “always on” and sending volumes of data back to their parent companies.
These speakers might also make it possible for hackers and law enforcement authorities to drop a secret wiretap into your living room, the article says.
The American Civil Liberties Union agrees, inveighing against the Echo and other connected speakers. Boing Boing’s Cory Doctorow writes that they “normalise surveillance.” Even InfoWars conspiracy theorist Alex Jones got into the act last week, interrogating an Echo on his show with hilarious earnestness. “Alexa, do you work for the CIA?... Alexa, you are lying to me!... Alexa, who is Jeff Bezos?”
But devices like the Echo and Google Home are not really “always on.” They’re in passive listening mode, using a small amount of power for something called “device keyword spotting.”
In effect, the companies say, the device is recording about one second of ambient sound, hunting for the acoustic signature of their wake words, “Alexa” or “OK Google,” and then constantly overwriting and discarding that fraction of sound.
When the wake word is uttered, the Echo glows with a blue crown of light. Only then does it send the command to the cloud and fetch a response from Amazon’s servers. Users can look at their personal history in the Alexa smartphone app to see exactly what sound Amazon has sent to its servers.
These are typically anodyne commands (“Alexa, play Harry Potter trivia”) or expressions of frustration when the device has misinterpreted a request and is going haywire (“Alexa, STOP!”).
The Gizmodo piece acknowledges this but raises some hypothetical scenarios. What if hackers get a hold of the device and change how it operates? This apparently happened once, when a British security researcher had to physically disassemble the device to demonstrate an Echo vulnerability.
Then there’s the sensational example from earlier in the year when police officials in Bentonville, Arkansas subpoenaed a customer’s Alexa records in connection with a 2015 homicide at his home. — Bloomberg