SIRI IS ALWAYS LISTENING
An anonymous Apple contractor came forward in an interview with The Guardian to address customer privacy concerns related to Apple’s invasive grading process for Siri. The company insufficiently disclosed in their terms and conditions that the grading process is even taking place. Apple did not inform users that brief audio recordings are transmitted and analyzed by human contractors for the company globally. Anonymous contractor revealed that employees regularly hear confidential information and identifiable situations that compromise the users’ right to privacy. While customer information and identification is not associated with the recordings, the audio information is at times sufficient for identification, so customers’ concerns for security and privacy have increased.
The frequent unintentional activations of Siri lead to the collection of sensitive data. The brief recordings frequently pick up conversations between doctors and patients about confidential medical records, identifiable drug deals, and other private situations. The accidental activations are reported as technical issues, but there are no procedures for how to deal with sensitive content. Apple has currently suspended Siri’s grading while they review the process. In a future Apple tech update, users will be able to choose if they want to participate in Siri’s grading process. For more information, read the full article on The Guardian.
In other web security news, the Capital One data breach has drawn attention to cloud security in the tech world. This data breach leaked millions of customers social security, credit card, and bank account numbers in the U.S. and Canada. Chris Vickery, Director of Cyber Risk Research at UpGuard, discusses the real issue in cloud security on Tech Crunch. The author uses the breach as an opportunity to address an uncomfortable issue for cloud providers and users alike.
Vickery argues that the concern in cloud platform security is customers not knowing who has access to their data. Executives who sign off their customers data to cloud services need to understand the risks. Operating under a cloud host puts all of your customer and business information at risk of being compromised and inappropriately used by them. Vickery says a legal contract cannot stop a cloud provider from abusing trusted access and inappropriately using information, and the customer will probably never know about it.
WHAT THIS MEANS FOR YOU
“The mic is always hot,” is a common phrase in the broadcasting world, and it should apply to every one of us as well – treat a microphone as if it is always on. Also, maybe turn off the “Hey Siri,” function on your iPhone. And when it comes to storing data in the cloud, check and see what your devices are syncing up. Some of that information (pictures, texts, etc.), might not be what you want stored online.