- Health Is Wealth
- Posts
- Siri data protection: All information at a glance
Siri data protection: All information at a glance
[ad_1]
Nothing works at Siri without the Internet
iCloud, iMessage, location services, photo sharing and more: When using Apple's Siri voice control, a lot of highly sensitive data quickly comes together. Why should that make users pay attention? So that voice assistants such as Siri, Amazon's Alexa, Cortana and Co. can understand us, they send this information together with our voice recordings to the server of the manufacturer, i.e. Apple, Amazon or Microsoft. That means: From the respective device, the data travels across the world once. This happens so quickly that the user usually doesn't notice anything. But give it a try and activate airplane mode on your iPhone. You will see: If you are not smart health connected to the Internet, Assistant Siri immediately falls silent.
Legal basis: The General Data Protection Regulation GDPR
As soon as users turn to voice assistants with questions and commands, data is generated that is exchanged with the respective manufacturer over the Internet. That's not a bad thing either – as long as the manufacturer takes the protection of this data seriously and ensures its security. The General Data Protection Regulation, or GDPR for short, determines what this should look like in Europe. This specifies the following rules, for example:
data may only be collected at all with the consent of the data subject
the data processing is always earmarked
data collection must be kept as minimal as possible
Data that identify a person may only be stored to a limited extent
Data must be protected against loss, destruction and unauthorized processing
Apple and Siri: criticism of data protection
So is there no need to worry? Unfortunately it's not that easy. Because wherever data is generated, it is important to ensure that it actually remains protected and is not intercepted by third parties or even misused by the service provider. However, it is usually not so easy for end customers to understand which of their data is collected and how it is protected. In the case of Apple, for example, it is completely unclear whether the data of European users are also processed in European data centers – and thus are actually subject to the above-mentioned requirements of the GDPR.
Consumer advocates are therefore particularly critical of the practice of modern voice assistants in leaving the microphone permanently on. This is the case on iPhones as well as on Amazon Echo or Google health home. They are constantly listening to their surroundings in order to be able to react immediately to their activation word – for example "Hey, Siri!" The user cannot see which data is actually being transmitted. Even if the manufacturers promise that their devices will only transmit voice data to the server with the activation word – there is no real transparency.
If you want to be on the safe side, you can simply deactivate the "Hey Siri" function
(Apple)
Why is data exchange with Apple necessary?
Whether HomePod, Google health home or Amazon Echo, the so-called intelligent speakers share a secret: In fact, they are quite stupid, no trace of intelligence. Your only task is to record voice data and transmit it to the manufacturers' computers via the local WLAN. Only here does artificial intelligence come into play, which evaluates this data in a computationally intensive manner. The slim computing chips in the loudspeakers are not designed for such a mammoth task – they can only perform this task in conjunction with the huge server farms that are distributed all over the world. In the background, they also ensure that the language assistants become smarter, understand us better and better, and can provide more useful answers.
What data does Siri collect?
Apple has deactivated the so-called "Hey Siri" function – the permanently switched on microphone – on the iPhone by default. Even when it is switched on, the device only listens to the activation word. This process takes place purely locally on the device, and the continuous recordings are constantly overwritten. Audio recordings are only transferred to Apple's computer when Siri has been activated.
In principle, every request to Siri is transmitted to the Apple server. Here the voice data is analyzed by speech recognition software. In order to be able to provide meaningful answers adapted to the user, information associated with the end device is added to them. If location services are activated, Siri also transmits the current location for each request. In order to better understand the user and find answers tailored to his questions, Siri stores various information about him in the Apple cloud. This includes name, location data, contacts and relationships, played song titles and past searches. According to Apple information, this data is not linked to the user's Apple ID and is anonymized for up to six months under a random identifier.
Important to know: At Apple, not only software is responsible for speech analysis, some people also evaluate the data for quality assurance. This task is carried out by third parties.
How does Apple protect user data?
Apple has been very active in the area of data protection in recent years and has always developed new strategies. Today, the company relies on a multi-level security strategy that focuses on local encryption, data processing on the device and data minimization.
On the device itself, a native encryption of the hard drive should ensure the security of the local data. iMessage and FaceTime are also encrypted on iPhone, Mac and Co., so that nobody can access the content without the user code – not even Apple itself. In principle, Siri does not forward sensitive message content, e.g. from SMS, iMessage or WhatsApp, to the server. The same applies to photos that are analyzed purely locally. Third-party apps must agree to Apple's guidelines for handling user data and ask the user for permission before they can access location data or photos. Wherever data transfer takes place, Apple relies on consistent encryption: For iCloud content such as photos, documents, contacts, calendar entries and more, this means that they are not only encrypted, but also saved on the server in this way. The manufacturer from Cupertino calls its concept for anonymized user data evaluation "differential privacy". For this purpose, random information is added to the data collected before it is analyzed. In this way, they can no longer be associated with the individual device.
What does consumer protection say about data security at Apple?
The Stiftung Warentest recently took a close look at smart loudspeakers on a large scale. It has come to sobering results with regard to data protection. Not a single provider was able to present a convincing concept for protecting user data. From spongy terms in the terms and conditions to the lack of a right to object, the practices remain far from what the European Union stipulates in the GDPR – Apple does not stand out here either. Another problem is that terms of use can change at any time. The practical impact that this has on data protection is often difficult or impossible for individual users to understand.
Be smart and save: The Apple HomeKit starter sets from tink.com enable iOS users to get into the smart health home with just a few clicks. The devices can then be controlled directly in the Control Center.
Are Siri privacy vulnerabilities known?
The "Hey Siri" function allows the phone to be used to a very large extent without user authentication. This raises data protection concerns: sending text messages, having messages read out, all of this also works by third parties without entering a password, Touch ID or Face ID.
In 2018, Apple started with an acute Siri data leak, which caused quite a stir. Siri simply reads confidential messages from various third-party apps such as WhatsApp, Facebook and Gmail from the lock screen. Already in 2017 there was similar turmoil when Siri – also from the locked screen – allowed access to the Apple photo gallery.
Tips and tricks for data-saving use of Siri
The clever Apple assistant Siri can now be found on almost all devices from the manufacturer, regardless of whether they use the operating systems iOS, macOS, watchOS or tvOS. Reason enough to take a thorough look at the privacy settings and increase the protection of your own data. Three points are particularly relevant for data security and economy:
If in doubt, deactivate the "Hey Siri" function: Those who have privacy concerns should prefer to forego the convenience of the function. In contrast to Amazon and Google users, Apple leaves the free choice here. The option can be found in the settings of iOS devices under "Siri & Search" – "Pay attention to 'Hey Siri'".
Disable Siri completely once the lock screen is active. This prevents unauthorized third parties from accessing private phone content. To do this, deactivate the "Siri" option in the settings under "Touch ID & Code".
For more intelligent answers, Siri uses information from various apps on the iPhone and iPad. If you want to keep control here, certain apps can be excluded. To do this, select "Siri & Search" in the settings and make the desired settings for individual apps.
Data security: Siri usage via the lock screen can be easily deactivated
(Apple)
Conclusion: use security options for Apple
Voice assistants such as Apple's Siri make our day-to-day life considerably easier and surprise us with ever new, practical functions. Above all, however, they make technology accessible to all those who have so far not been able to cope with it. With regard to data protection, in particular, opening up to manufacturers with commercial interests must always be critically examined. Since the unbroken trust of customers is becoming increasingly important for their financial success, a lot has already happened in this field. Apple in particular has emerged as a pioneer in data protection in the past few years and has shown this card as a unique feature compared to its strongest competitors. No art for the manufacturer from Cupertino, after all, unlike Amazon and Google, he does not earn his money from advertising. Siri therefore offers numerous functions to ensure the protection of your own data without completely foregoing the convenience that voice assistant offers users. If you prevent Siri use from the locked screen as described above, you are already effectively protecting your data from third-party access.
Reading tips on data protection
How seriously does Amazon take Alexa data protection?Google health home Privacy Policy – What Does the Voice Assistant Know About Me?What the EU GDPR means for smart homes
More information and trends on the smart health home
[ad_2]
AB SMART HEALTH health home & BUILDING REVIEW