How to avoid smart speakers’ spying on you
A combination of high consumer interest, low price points and aggressive marketing means a lot of smart assistant speakers have already been bought and more will no doubt be snapped up soon.
The new devices, Google Home and Amazon Echo, have at the heart of their technology a digital assistant the user converses with as a way to ask questions or issue commands, similar in purpose to typing queries on a computer or smartphone.
Unlike past technology advancements that promised to be the next big thing — for example, virtual reality has largely become niche or enterprise focused while smart watches have failed to become as widespread as initially thought — smart speakers are piquing the interest of more than just the early adopting tech aficionado.
More than one million standalone intelligent assistants are expected to be in Canadian homes by the end of 2018, according to a recent report by tech researcher IDC Canada, and the category is expected to grow 121 per cent compounded annually until 2021.
But as the popularity of smart assistant speakers grows, so do the safety and privacy concerns about a device that listens to what you have to say and processes information using that data.
“When you bring a device like this into your home, you’re creating another node on a network,” said Samuel Trosow, an associate professor at the University of Western’s faculty of information and media studies, and a specialist in communications law and policy. “It’s not just a question of viruses spreading, it’s unauthorized entry into a broad network. Every time you add another device, you make it easier for someone to do that.”
The act of communicating verbally with a digital assistant changes how people interact with technology, much the same way touchscreens changed our phone habits, and that can leave open back doors for hackers to exploit, experts say.
Smart speaker makers are trying to address that threat by allowing users to opt out of certain features or keep some data on the device, but Trosow said that still leaves the larger question of privacy and what the companies do with the data being collected.
Most people don’t seem to have given the matter much thought.
Only about 20 per cent of Canadians, e.g., had privacy concerns related to connected home automation and security devices and 16 per cent had security concerns, according to a recent IDC survey.
About 48 per cent said they either trust the company they’re buying from, don’t care or think the pros outweigh the cons when it comes to the “always listening” capabilities of home assistant smart speakers.
“If you think about the world that we live in, there is data being tracked about your every day activity through apps you download, your phone, device or anything you are using,” said Manish Nargas, a consumer and mobile research analyst at IDC Canada. “Everything is measuring or capturing data about its user, but it’s what the companies do with the data that is very important.”
Many of us, he adds, seem to trust that tech companies will resolve any security and privacy concerns.
It’s also likely that some of those concerns may be overblown due to a misunderstanding of how the technology works.
For example, some think smart home speakers, such as the Google Home ($179) or Amazon Echo ($129), are always listening to conversations and either storing the audio or sending it to the cloud.
In reality, the products use what’s called on-device listening to detect hot words or phrases (such as “Okay, Google”). Once detected, the product lights up to indicate it is now recording and will send the audio to the cloud to match up with a command. Until that point, any audio does not leave the device.
These audio snippets are also automatically deleted from the device and the user can delete the hot-word recordings — which include a fraction of a second before the hot word — anytime. Doing so, however, means the product’s artificial intelligence and ability to be an “assistant” is hindered since there is less data for it to learn from.
Nevertheless, Nargas said companies are taking privacy and security concerns more seriously, since consumers simply won’t buy products if they don’t trust all the pieces.
Even component makers are touting their products’ security capabilities.
Earlier, the chipmaker announced its Snapdragon 845 processor will have a “secure processing unit,” a separate core that specifically encrypts data going in and out of it. The processor is being initially designed for mobile devices, but Nargas said it will likely trickle down to other products and sets the stage for built-in security.
“It is an indicator of how seriously these companies are taking security when it comes to mobile devices,” he said. “Expect things like this to become more commonplace as people ask questions such as if a product has a crypto core.”
But smart assistant speakers are just one group of devices in the larger Internet of Things that some such as Trosow remain cautious about due to hacking reports and overall privacy concerns.
“I’m not against these new technologies, but I’m probably more skeptical about them,” he said, adding there needs to be more transparency on how the data being collected is used, including more details on the algorithms that are supposed to only see user patterns and not user identities.
“I’m really worried that there is a lot of commerce going on in data that maybe at some point could be re-identified, and this is separate and apart from security concerns,” he said.
IDC’s Nargas said he owns a Google Home and has used the Amazon Echo.
Experts think the smart assistant speaker battle in Canada is only beginning, so Amazon hasn’t lost much ground to Google when it comes to fighting for consumer dollars.
It’s hard to argue that smart devices don’t bring value to a home, but the key is to choose larger and more respected companies since they tend to be quicker than smaller companies to fix bugs or pre-emptively issue security patches.
If you are going to pick a brand, pick a brand you are familiar with, experts say.