Voice command data and privacy protection, Part II: Apple’s Siri – Suneet Sharma

13 09 2019

Apple recently released a statement on the privacy protections it is building into its automated assistant, Siri. The result is a clear move towards safeguarding consumer privacy. When compared to Amazon's protections for its Alexa service, market shifts and best practice become clear, making for better adherence to the seven data protection principles underpinning the GDPR.

Data Minimization

From the outset, Apple's statement refers to a hallmark of data protection: data minimization. This is the principle that only as much personal data as is strictly necessary for a given function should be processed. In the context of virtual assistants, this means confining any processing of personal data to what is absolutely necessary for the function at hand, with processing done on the device itself as much as possible; uploading data to the provider's cloud exposes it and transfers it into a different ecosystem. The statement provides a practical example of this:

 “If you ask Siri to read your unread messages, Siri simply instructs your device to read aloud your unread messages. The contents of your messages aren’t transmitted to Siri’s servers, because that isn’t necessary to fulfill your request”.

Furthermore, only a very small proportion of voice data clips is reviewed: 0.2%.

Data Anonymization

Personal data, in the form of recorded voice data, that can be traced back to users creates risk: risk of misuse and risk of breaches of privacy. Anonymizing data, for example by randomizing ID details and associated information so that individual users cannot be targeted and identified, is best practice in mitigating that risk. In the event of a data breach, misuse of the data becomes much more difficult with these identifiers removed. Additionally, the identifiers are not necessary for the purpose of the processing: improving the voice software algorithms does not require details identifying the user.

“Siri uses a random identifier — a long string of letters and numbers associated with a single device — to keep track of data while it’s being processed, rather than tying it to your identity through your Apple ID or phone number…”

Storage limitation

Simply the principle that personal data should be stored only for as long as necessary. Apple directly addresses this, substituting computer-generated transcripts for audio recordings and no longer storing voice data by default.

“by default, we will no longer retain audio recordings of Siri interactions. We will continue to use computer-generated transcripts to help Siri improve…”

Additionally, users will have to opt in to send their voice data to assist in the learning process. Having the default position be that users must opt in is an encouraging sign for data privacy. This links to the lawful basis Apple relies upon for processing the data, establishing consent as that basis. It ensures consent underpins the sharing of voice data and gives users more control over the use of their personal data at a granular level:

“users will be able to opt in to help Siri improve by learning from the audio samples of their requests. We hope that many people will choose to help Siri get better, knowing that Apple respects their data and has strong privacy controls in place. Those who choose to participate will be able to opt-out at any time.”

Reduction of third party exposure

The more systems that have access to data, the more points of risk are created. Third parties are less likely to have high levels of data encryption and robust systems to adequately protect personal data. In the review of voice data, third-party contractors are sometimes onboarded to undertake the review process. This causes unease among customers, undermining confidence and confidentiality and creating unneeded risk factors. It could be argued that such outsourcing undermines the data protection principles within the GDPR. Apple has taken a significant step in the right direction by promising that only Apple employees will review voice data:

“only Apple employees will be allowed to listen to audio samples of the Siri interactions. Our team will work to delete any recording which is determined to be an inadvertent trigger of Siri.”

Ultimately, Apple's changes to voice data harvesting and review are to be welcomed. Many elements, particularly opting in and removing third-party access, should be considered defaults that set a high industry standard for the protection of users' personal data and privacy.

Suneet Sharma is a junior legal professional with a particular interest and experience in media, information and privacy law.

This post originally appeared on The Privacy Perspective Blog and is reproduced with permission and thanks.
