Several weeks ago, a family in Portland, Oregon, in the United States, reported an issue with their Amazon Echo smart home hub. According to the family at the centre of the supposed privacy breach, their Echo recorded details about a private conversation without their knowledge. If that wasn’t enough, the conversation was transmitted to a known contact who worked with one of the people involved. Clearly, this is a serious breach of privacy and there will be many owners of the device worrying about whether they could be affected, too.
Smart home security has long been an ongoing issue, ever since the devices were first released into the market. As a technology that is still in its infancy, there are concerns that the ever evolving ‘Internet of Things’ – the collective name for an always-connected range of devices – could pose many new security threats that we’ve never dealt with before. For example, hackers could theoretically control devices plugged into your smart home system, including CCTV systems, door locks and more.
So, what exactly happened to expose the family’s private conversations to the outside world, and could it have been avoided? Below, we’ll look at what happened, why, and how Amazon has responded to the privacy breach.
The privacy breach in detail
Several weeks ago, a woman named Danielle reported a problem with her Amazon Echo smart hub that was serious enough for her to claim, "I'm never plugging that device in again; I can't trust it (…) I felt invaded – like total privacy invasion." The woman reported the incident to media, with the story coming out on a US TV station and Amazon soon becoming involved themselves.
It started with a telephone call from a colleague of her husband's, who said he had been sent audio recordings of a private conversation held between Danielle and her husband. Initially, the couple didn't believe the reports, until the colleague referenced something relatively obscure that the conversation had referred to. Although no personal or financial details were disclosed during the conversation, it is of course still a major concern that the conversation was captured and sent to an unrelated third party.
Amazon’s response to the issue
As is typical for a headline as concerning as this one, Amazon chose to issue a statement about the problem and how exactly it occurred. The retail giant referred to the family’s problem as an "extremely rare occurrence", as well as stating that they would be "taking steps to avoid this from happening in the future". Crucially, though, Amazon didn’t deny that the problem existed; they confirmed that the audio recording had indeed been sent to the third-party colleague. They also offered additional insight into how this could happen:
“Echo woke up due to a word in background conversation sounding like “Alexa.” Then, the subsequent conversation was heard as a “send message” request. At which point, Alexa said out loud “To whom?” At which point, the background conversation was interpreted as a name in the customer’s contact list. Alexa then asked out loud, “[contact name], right?” Alexa then interpreted background conversation as “right”. As unlikely as this string of events is, we are evaluating options to make this case even less likely.”
Though it may seem unlikely that this exact string of events could occur, it has been known to happen in the past. The competing smart home hub, the Google Home, has experienced similar behaviour in the past due to advertising for the device; the audio associated with the television advert was able to trigger the device when the Home hub heard its ‘activation phrase’. These events are simply a further reminder that smart hubs are always turned on and listening out for their ‘activation phrase’, which begs the question as to whether hackers could potentially eavesdrop on our conversations in the future.
Should you be concerned?
As you can see from the above, this string of events is highly unlikely. Although you could inadvertently activate your smart home hub, this type of device has been available for sale for a few years now and this is one of the first reported incidents we’ve heard of.
Still, though we’re confident that this type of technology will continue to develop and grow in popularity, we’ve yet to see what other security problems or breaches could arise in future. If you’re concerned about these issues, or would like any help setting up your devices or lights to connect to your smart home hub, then you can get in touch with WiseGuys on 0808 123 2820.