Open Mic in Smart Homes: A Privacy Wake-up Call

Voice Control Takes Charge of the Smart Home
February 16, 2017
Arrayent Sponsors Febreze Home™ Hackathon, Challenging Developers to Create Personalized Connected Experiences for the Smart Home
February 27, 2017
Show all

The second in a series taking a closer look at Arrayent’s Top 10 Predictions for 2017.
No. 2: IoT in 2017…will foment a wake-up call for more privacy and security control as millions of homes now have an Internet connected, always-on ‘open mic’ with Amazon Echo, Google Home, Nest Cam, and other entrants yet to emerge.

HAL9000A SPY IN YOUR HOME

When authorities went to investigate the murder of Arkansas man, who had been found dead in his hot tub at the end of November, they discovered that an unusual witness may have been present at the crime: an Amazon Echo. Prosecutors in the case proceeded to ask the court for a search warrant to force Amazon to provide data from Echo, which was owned by the man charged with committing the murder, making the device into a potential ‘witness’ at the trial.

To date, Amazon has declined: “Amazon will not release customer information without a valid and binding legal demand properly served on us. Amazon objects to overbroad or otherwise inappropriate demands as a matter of course.”

The much-discussed case (in tech circles) is surely a first test for how evidence rules apply to information from home appliances connected to the Internet. But it also poses much broader privacy questions for the industry and our connected online lives.

Murder cases aside, we have also read reports of a kid ordering 4 pounds of cookies and a very expensive dollhouse unbeknownst to her parents via Alexa/Echo (another 2016 holiday story making the rounds). And just recently an official watchdog in Germany—the Federal Network Agency, has banned a talking doll called ‘My Friend Cayla’ (see video) from sale and told parents to destroy ones already purchased because its smart technology can reveal personal data. An agency spokesman said that My Friend Cayla amounted to a “concealed transmitting device” which is illegal under German telecom laws.

THE WILD WILD WEST

These and other stories about having always-on microphones in connected home devices are rightly drawing greater scrutiny and raising alarms for greater consumer awareness and protection. In the wake of these cases and more expected to come as Amazon Echo/Alexa and other voice control platforms proliferate in the market, the ACLU recently came out with a series of recommendations. Among them:

  • Best for privacy is for no such activation to be possible and consumers must also be given explicit warnings where any such capabilities exist with visual indicators for when a device is on and recording.
  • Companies and policymakers need to address the raft of issues around connected in-home devices with microphones and cameras – including the need for automatic and ongoing updates. “Devices that start out as private and secure can become a toxic presence inside the home as a result of things happening in the outside world, and right now, consumers are on their own in a Wild West.”
  • ACLU also encourages speech recognition capabilities to be embedded locally in a device, so there’s no need to send audio clips to servers across the Internet. “While that can work now for some simple commands, experts say that good recognition of a broader array of speech still requires processing in the cloud.”
  • Finally, ACLU says legislative privacy protections are also needed. “Congress should lay out strong and precise standards for when the government can access data from these new devices. As with wiretaps, the privacy and public interests at stake may require protections beyond a warrant and notice requirement…”

A NEED FOR LEADERSHIP & COOPERATION

We tend to agree with the San Jose Mercury News’ analysis: “The tech industry needs to work with Congress to find the proper balance between individuals’ privacy rights and government’s security needs, as every other major developed country has done.” With cybersecurity being one of the items on top of the new administration’s agenda, we certainly hope this will be the case.