More allegations about how owners of the Amazon Echo smart speaker range are having their privacy infringed by the retailer have surfaced, with the latest claim involving an internal team of Alexa auditors having access to customer data that can reveal their home address.
It was revealed earlier in April Amazon employs thousands of workers to listen to snippets of audio recorded by Echo devices when users speak to Alexa, Amazon's digital assistant, for training purposes. Amazon did not advise the recordings of Alexa conversations were heard by employees, including background conversations not connected to the request.
In a new report, it is alleged those working on analyzing and transcribing the voice recordings for training purposes have access to far more data than first thought. Five employees familiar with the program advised to Bloomberg the team has access to location data, allowing it to determine a customer's home address in some cases.
Using the geographic coordinates provided along with the recording, the team members can find out the addresses using third-party mapping software.
Though there is no sign that Amazon employees are misusing the data by tracking down individuals, two team members were concerned over the "unnecessarily broad access" to customer data that would make otherwise anonymous data easy to identify.
The employees working on the recordings are largely based in Boston, Romania, and India, but some are provided extra information in an Amazon-produced tool that shows data about the device itself. While most of the data cannot be used to trace to a particular user, with items like device ID and customer ID numbers being relatively anonymous, location data is also offered in the tool.
One demonstration showed to the publication had a recording's coordinates pasted into Google Maps, quickly showing what could be the user's address.
On entering a customer ID into a separate tool, the home and work addresses, as well as phone numbers entered into the device at setup, can be viewed. Users who share contacts with Alexa can also find names, numbers, and email addresses appearing in the same tool.
It is thought Amazon is already restricting the amount of employees who can access the data, and the level of access. One dashboard tool that showed a user's contacts in full last year has been updated to have some digits from phone numbers obscured from view.
"Access to internal tools is highly controlled, and is only granted to a limited number of employees who require these tools to train and improve the service by processing an extremely small sample of interactions," an Amazon Spokesperson advises. "Our policies strictly prohibit employee access to or use of customer data for any other reason, and we have a zero tolerance policy for abuse of our systems. We regularly audit employee access to internal tools and limit access whenever and wherever possible."
12 Comments
Most Echo owners won’t care about this in the same way that most Facebook users don’t care about things Facebook does.
To be fair, though, this is a Bloomberg report. Should I believe it any more than the spy chip report?
Every time I think about how nice it'd be to use these types of devices and services, stories like this break and remind me that I've made the right decision in not buying these things.
Remember when the tech sites manufactured a privacy controversy about your own Mac having your own location data from your own iphone backups? Yeah. That’s funny.
Business as usual when anybody else does it or far worse.
I use my devices to check on the weather, my travelling time to work, my planned journeys etc. So course it needs your location, and in addition, my bank holds far more data on me than I care to think about, is a bank employee any different than an Amazon employee whose role is to understand the data they process?