Skip to content

Apple

Apple contractors ‘regularly hear confidential details’ on Siri recordings

Why anyone in their right mind would us a “smartspeaker” or digital assistance is beyond me. Apple got caught with their pants down and has “suspended” the practice. That said, can you trust them, or Google, or Amazon? No. Just say no to this technology. There will always be leaks. “What happens on your iPhone goes to our contractors” in this case.

Quote

Apple contractors regularly hear confidential medical information, drug deals, and recordings of couples having sex, as part of their job providing quality control, or “grading”, the company’s Siri voice assistant, the Guardian has learned.

Although Apple does not explicitly disclose it in its consumer-facing privacy documentation, a small proportion of Siri recordings are passed on to contractors working for the company around the world. They are tasked with grading the responses on a variety of factors, including whether the activation of the voice assistant was deliberate or accidental, whether the query was something Siri could be expected to help with and whether Siri’s response was appropriate.

Apple says the data “is used to help Siri and dictation … understand you better and recognise what you say”.

But the company does not explicitly state that that work is undertaken by humans who listen to the pseudonymised recordings.

Apple told the Guardian: “A small portion of Siri requests are analysed to improve Siri and dictation. User requests are not associated with the user’s Apple ID. Siri responses are analysed in secure facilities and all reviewers are under the obligation to adhere to Apple’s strict confidentiality requirements.” The company added that a very small random subset, less than 1% of daily Siri activations, are used for grading, and those used are typically only a few seconds long.

A whistleblower working for the firm, who asked to remain anonymous due to fears over their job, expressed concerns about this lack of disclosure, particularly given the frequency with which accidental activations pick up extremely sensitive personal information.

Siri can be accidentally activated when it mistakenly hears its “wake word”, the phrase “hey Siri”. Those mistakes can be understandable – a BBC interview about Syria was interrupted by the assistant last year – or less so. “The sound of a zip, Siri often hears as a trigger,” the contractor said. The service can also be activated in other ways. For instance, if an Apple Watch detects it has been raised and then hears speech, Siri is automatically activated.

The whistleblower said: “There have been countless instances of recordings featuring private discussions between doctors and patients, business deals, seemingly criminal dealings, sexual encounters and so on. These recordings are accompanied by user data showing location, contact details, and app data.”

That accompanying information may be used to verify whether a request was successfully dealt with. In its privacy documents, Apple says the Siri data “is not linked to other data that Apple may have from your use of other Apple services”. There is no specific name or identifier attached to a record and no individual recording can be easily linked to other recordings.

Accidental activations led to the receipt of the most sensitive data that was sent to Apple. Although Siri is included on most Apple devices, the contractor highlighted the Apple Watch and the company’s HomePod smart speaker as the most frequent sources of mistaken recordings. “The regularity of accidental triggers on the watch is incredibly high,” they said. “The watch can record some snippets that will be 30 seconds – not that long but you can gather a good idea of what’s going on.”

Sometimes, “you can definitely hear a doctor and patient, talking about the medical history of the patient. Or you’d hear someone, maybe with car engine background noise – you can’t say definitely, but it’s a drug deal … you can definitely hear it happening. And you’d hear, like, people engaging in sexual acts that are accidentally recorded on the pod or the watch.”

The contractor said staff were encouraged to report accidental activations “but only as a technical problem”, with no specific procedures to deal with sensitive recordings. “We’re encouraged to hit targets, and get through work as fast as possible. The only function for reporting what you’re listening to seems to be for technical problems. There’s nothing about reporting the content.”

As well as the discomfort they felt listening to such private information, the contractor said they were motivated to go public about their job because of their fears that such information could be misused. “There’s not much vetting of who works there, and the amount of data that we’re free to look through seems quite broad. It wouldn’t be difficult to identify the person that you’re listening to, especially with accidental triggers – addresses, names and so on.

“Apple is subcontracting out, there’s a high turnover. It’s not like people are being encouraged to have consideration for people’s privacy, or even consider it. If there were someone with nefarious intentions, it wouldn’t be hard to identify [people on the recordings].”

The contractor argued Apple should reveal to users this human oversight exists – and, specifically, stop publishing some of its jokier responses to Siri queries. Ask the personal assistant “are you always listening”, for instance, and it will respond with: “I only listen when you’re talking to me.”

That is patently false, the contractor said. They argued that accidental triggers are too regular for such a lighthearted response.

Apple is not alone in employing human oversight of its automatic voice assistants. In April, Amazon was revealed to employ staff to listen to some Alexa recordings, and earlier this month, Google workers were found to be doing the same with Google Assistant.

Apple differs from those companies in some ways, however. For one, Amazon and Google allow users to opt out of some uses of their recordings; Apple offers no similar choice short of disabling Siri entirely. According to Counterpoint Research, Apple has 35% of the smartwatch market, more than three times its nearest competitor Samsung, and more than its next six biggest competitors combined.

The company values its reputation for user privacy highly, regularly wielding it as a competitive advantage against Google and Amazon. In January, it bought a billboard at the Consumer Electronics Show in Las Vegas announcing that “what happens on your iPhone stays on your iPhone”.

Break up Facebook (and while we’re at it, Google, Apple and Amazon)

Reich concludes “We must resurrect antitrust” – yes and we need to do that very fast.

Quote

Big tech has ushered in a second Gilded Age. We must relearn the lessons of the first, writes the former US labor secretary

Last week, the New York Times revealed that Facebook executives withheld evidence of Russian activity on their platform far longer than previously disclosed. They also employed a political opposition research firm to discredit critics.

There’s a larger story here.

America’s Gilded Age of the late 19th century began with a raft of innovations – railroads, steel production, oil extraction – but culminated in mammoth trusts owned by “robber barons” who used their wealth and power to drive out competitors and corrupt American politics.

We’re now in a second Gilded Age – ushered in by semiconductors, software and the internet – that has spawned a handful of giant hi-tech companies.

Facebook and Google dominate advertising. They’re the first stops for many Americans seeking news. Apple dominates smartphones and laptop computers. Amazon is now the first stop for a third of all American consumers seeking to buy anything.

“Amazon the first stop..” — The main reason is that they have allowed illegal predatory pricing to drive out competition. And Amazon is usually never a good deal. Check it out carefully: Prime products are always more expansion than elsewhere even on the Amazon site. With Prime you pay twice. Brilliant!

This consolidation at the heart of the American economy creates two big problems.

First, it stifles innovation. Contrary to the conventional view of a US economy bubbling with inventive small companies, the rate at which new job-creating businesses have formed in the United States has been halved since 2004, according to the census.

A major culprit: big tech’s sweeping patents, data, growing networks and dominant platforms have become formidable barriers to new entrants.

The second problem is political. These massive concentrations of economic power generate political clout that’s easily abused, as the New York Times investigation of Facebook reveals. How long will it be before Facebook uses its own data and platform against critics? Or before potential critics are silenced even by the possibility?

America responded to the Gilded Age’s abuses of corporate power with antitrust laws that allowed the government to break up the largest concentrations.

President Teddy Roosevelt went after the Northern Securities Company, a giant railroad trust financed by JP Morgan and John D Rockefeller, the nation’s two most powerful businessmen. The US supreme court backed Roosevelt and ordered the company dismantled.

In 1911, President William Howard Taft broke up Rockefeller’s sprawling Standard Oil empire.

It is time to use antitrust again. We should break up the hi-tech behemoths, or at least require they make their proprietary technology and data publicly available and share their platforms with smaller competitors.

There would be little cost to the economy, since these giant firms rely on innovation rather than economies of scale – and, as noted, they’re likely to be impeding innovation overall.

But is this politically feasible? Unlike the Teddy Roosevelt Republicans, Trump and his enablers in Congress have shown little appetite for antitrust enforcement.

Republicans rhapsodize about the “free market” but have no qualms about allowing big corporations to rig it at the expense of average people. Yet as the late Robert Pitofsky, former chairman of the Federal Trade Commission, once noted: “Antitrust is a deregulatory philosophy. If you’re going to let the free market work, you’d better protect the free market.”

But the Democrats, for their part, have shown no greater appetite for antitrust – especially when it comes to big tech.

In 2012, the staff of the FTC’s bureau of competition submitted to the commissioners a 160-page analysis of Google’s dominance in the search and related advertising markets, and recommended suing Google for conduct that “has resulted – and will result – in real harm to consumers and to innovation”.

But the commissioners, most of them Democratic appointees, chose not to pursue the case.

The Democrats’ recent “better deal” platform, which they unveiled a few months before the midterm election, included a proposal to attack corporate monopolies in industries as wide-ranging as airlines, eyeglasses and beer. But, notably, the proposal didn’t mention big tech.

Maybe the Democrats are reluctant to attack the industry because it has directed so much political funding to Democrats. In the 2018 midterms, the largest recipient of big tech’s largesse, ActBlue, a fundraising platform for progressive candidates, collected nearly $1bn, according to the Center for Responsive Politics.

As the New York Times investigation makes clear, political power can’t be separated from economic power. Both are prone to abuse.

Antitrust law was viewed as a means of preventing giant corporations from undermining democracy. “If we will not endure a king as a political power,” thundered Ohio’s Senator John Sherman, the sponsor of the nation’s first antitrust law in 1890, “we should not endure a king over the production, transportation and sale” of what the nation produced.

In the second Gilded Age as in the first, giant firms at the center of the American economy are distorting the market and our politics.

We must resurrect antitrust.

Thousand-dollar iPhone X’s Face ID wrecked by ‘$150 3D-printed mask

Quote

Apple’s facial-recognition login system in its rather expensive iPhone X can be, it is claimed, fooled by a 3D printed mask, a couple of photos, and a blob of silicone.

Bkav Corporation, an tech security biz with offices in the US and Singapore, specializes in bypassing facial-recognition systems, and set out to do the same with Face ID when it got hold of a $999 iPhone X earlier this month. The team took less than a week to apparently crack Cupertino’s vaunted new security mechanism, demonstrating that miscreants can potentially unlock a phone with a mask of the owner’s face.

“Everything went much more easily than you expect. You can try it out with your own iPhone X, the phone shall recognize you even when you cover a half of your face,” the biz said in an advisory last updated on Saturday.

The team is still researching how to crack the system more easily and refining their methods. In the meantime the biz advises sticking to fingerprints for biometric security. ®