A belated Happy New Year! I trust you had a relaxing time with friends and family (or on your own if people aren’t your thing…)
So, the new year is here and I thought I’d start it off grisly by talking about murder. Stay with me, I am not joking!
Over the Christmas break, I was interested to learn of a landmark murder case being built around the data collected by Amazon’s Echo and other smart home devices.
According to subscription-based tech news website The Information, authorities in Bentonville, Arkansas issued a warrant for Amazon to hand over any audio or records from an Echo belonging to James Andrew Bates, who will go on trial next year for the first-degree murder of Victor Collins.
Amazon, significantly, declined to give police any of the information that Echo logged on its servers, but did hand over Bates’ Amazon account details and purchases.
Police say they were able to pull data off the speaker, but it’s unclear exactly what information they were able to access, and if this was of any use.
Some may ask why this information would be useful to police in the first place, but these ‘smart’ devices are ‘always-on’ and have tiny microphones (the Echo has seven) that are often listening, even if the user hasn’t requested the device to do anything.
In Amazon’s example, it is said to keep approximately 60 seconds of audio in memory for pre-processing so responses can be “instant” (think caching with web browsing). This listening is done locally on the device, and not in the cloud – hence the police’s interest in accessing the device.
Echo is activated using the wake-up word ‘Alexa’, but we’ve known for some time that IoT devices do sometimes innocuously pick-up conversations nearby without being ‘on’ – This was the case with Samsung’s Internet-connected Smart TVs, which were caught spying on users in early 2015.
There has clearly been a lot of publicity around this case, but in many respects the access to Echo is actually pretty irrelevant. Cynics would argue that the chance of pulling some useful data is probably pretty low.
What is fascinating, though, is that Bates supposedly had numerous connected devices in his home, including a water meter, which showed that 140 gallons of water were used between the hours of 1 a.m. and 3.am on the night Collins was found dead in Bates’ hot tub. As it is, this is apparently a normal-ish amount of water to be used for a hot tub, but it once again shows how smart home devices can implicate you without you knowing.
The trouble is, as I explored in this lengthy (but worth reading!) post, is that we’re at a time now where smart home adoption is accelerating, there are more devices coming to market – as evidenced at CES in Las Vegas – and yet government agencies and police powers are looking for more access into our daily activities.
They want to undermine encryption, get backdoors into tech products, and essentially decipher any conversations which could lead to the capture of a criminal or terrorist. For them, a smart home device like Echo represents another avenue through which to do that.
Do consumers, and businesses, adopting these technologies truly understand the risks, the changing legal landscape? Do they understand what data these agencies can access? I think not, and that is showing that the privacy as we know it today is dead – or at least dying.
We need to wake-up on how our data, both consumers and businesses, can be used and abused, and we need to stay abreast of governmental laws infringing our privacy. Crucially, we also need tech providers to be our privacy champions. The time starts now.