How Much Do We Trust Alexa, Siri, Nest, and Ring — and Their Makers?
The electronic “smart home” promises endless convenience and security. People will control the temperature of their home from their office. This fall, Walmart will launch a service that will let a delivery worker unlock a house with an app and then stock its refrigerator with food, all monitored by a live camera on the worker’s chest.
It all sounds too good to be true. And maybe it is.
Before we plunge headlong into the Brave New World of smart homes, let’s pause and consider potential bugs in the system.
If we’d have done that with Facebook when it started, we might have been able to balance its convenience with the fact that it makes money mostly by creating detailed personal profiles of each of us — and then selling that information. Last Friday, it was reported that the Federal Trade Commission has fined Facebook some $5 billion for violating the privacy of some of its users.
The next possible Big Tech privacy invasion could come with residential surveillance cameras. Ring, which is mostly owned by Amazon, and other companies are busy installing security cameras in or around a customer’s home.
A program called Neighbors, which is linked with Ring, is creating a “neighborhood watch” social network to do everything from identifying package thieves and strange cars to helping find lost pets. Over 50 police departments have partnered with Ring in the last two years to offer free or discounted smart-camera systems to residents. Police say this will allow them to access recorded security footage taken from the doorsteps of houses.
While there are benefits from having electronic eyes in a neighborhood, there are also some ethical issues for the police:
• Police who partner with Ring or other systems are supposed to have access to footage only if residents cooperate. But in Bloomfield, N.J., and other cities, there are examples of police showing up at the door of those with security systems and strongly “requesting” the footage. “What happens if you refuse” police requests for footage, The Intercept asks. “Will you merely be a bad Ring Neighbor, or an uncooperative witness?”
• The police department of Aurora, Colo., set up a sting operation in which bait boxes filled with rocks and sealed with Amazon tape were left on porches with Ring cameras.
There’s also the potential for ubiquitous security cameras to become part of a comprehensive surveillance state.
But it’s not just law enforcement that has to be monitored. Amazon keeps a copy of everything Alexa records after it hears its name. Apple’s Siri also keeps recordings to help train their artificial intelligences.
“They may try to disassociate it from you and remove your username or email address, but just the same, they’ll have actual people listen to it so they can transcribe it,” Jeremy Gillula of the Electronic Frontiers Foundation told the Daily Beast. “So I hope you didn’t say anything embarrassing, because that may become fodder for these people to laugh at.”
Data breaches are sadly all too routine as hackers and rogue employees often move faster than those trying to stop them. The potential for abuse is rampant. The hacking of camera feeds could reveal the private activities and habits of homeowners, such as what time they leave each morning with their children.
And then there is the issue of whether the companies themselves can be fully trusted.
Last month, the Wirecutter blog reported that Google had confirmed that a bug in its security cameras could have allowed spying on users. “If you buy and set up a used Nest indoor camera that has been paired with a Wink hub, the previous owner may have unfettered access to images from that camera,” Wirecutter reported. Google told The Verge it has “rolled out a fit for this issue that will update automatically, so if you own a Nest camera, there’s no need to take any action.” That is, until the next bug is discovered.
There are also other disturbing signs. In January, The Intercept reported on problems with Ring:
Beginning in 2016, according to one source, Ring provided its Ukraine-based research and development team virtually unfettered access to a folder on Amazon’s S3 cloud storage service that contained every video created by every Ring camera around the world. This would amount to an enormous list of highly sensitive files that could be easily browsed and viewed. Downloading and sharing these customer video files would have required little more than a click. . . . At the time the Ukrainian access was provided, the video files were left unencrypted, the source said, because of Ring leadership’s “sense that encryption would make the company less valuable,” owing to the expense of implementing encryption and lost revenue opportunities due to restricted access. The Ukraine team was also provided with a corresponding database that linked each specific video file to corresponding specific Ring customers.
None of this is to dismiss the benefits of technology or of letting law enforcement have more crime-fighting tools. But as we’ve had to learn, painfully, from Big Tech companies such as Facebook, consumers aren’t always made fully aware of the potential for abuse or of alternate uses of these new products.
Some elected officials are worried. Legislatures in California and Illinois are considering bills that would require makers of smart speakers to get permission from customers before storing recordings.
The companies that make smart speakers are giving us “false choices,” Jordan Cunningham, a California GOP assemblyman, told the Washington Post. “We can have these devices and enjoy their functionality and how they enhance our lives without compromising our privacy. Welcome to the age of surveillance capitalism.”
Before we turn our cities and towns over to a network of smart speakers and surveillance cameras, perhaps we should ask the tough and necessary questions about privacy and civil liberties that people in any free society should be worried about.
