Privacy, Security and Voice Search: Does Your Company Know What It’s Getting Into?

man with tape over mouth

These days, everyone is using the voice search function across all platforms on all devices. Look no further than an iPhone to an Android phone to the Windows tablet, and you’ll see most people speaking questions instead of typing them. Without a doubt, it’s much easier to speak a request or question rather than typing it on a small keyboard. But do you know the reason that your device gets more accurate?

The reason is because all of your voice commands are stored on servers that are owned by Microsoft, Apple or Google. As you speak, those servers are accessed and an algorithm is used to match your voice against words you have previously spoken. Everything from dialect to intonation is used to match words and recall them. Everything you have ever said with voice search is stored on those servers – and a transcript of all questions and answers are also kept on your device.

It was recently revealed that Apple keeps Siri data for two years. Here is an excerpt from the story as told by Apple’s spokesperson Trudy Muller to Wired.com’s Robert McMillan: “Apple generates random numbers to represent the user and it associates the voice files with that number. This number — not your Apple user ID or email address — represents you as far as Siri’s back-end voice analysis system is concerned…Once the voice recording is six months old, Apple “disassociates” your user number from the clip, deleting the number from the voice file. But it keeps these disassociated files for up to 18 more months for testing and product improvement purposes.”

Laws governing the right to privacy in this arena are still uncertain. This is another example of technology advancing quicker than legislation can be written and passed. Voice prints based on voice patterns (similar to finger prints) can be matched and files can be collected regardless of how voice files are associated with users. Computing power has advanced significantly where this type of data crunching is feasible.

Now why should companies care? The answer depends on the data that you’re trying to keep safe from prying eyes, even the government. What if you’re a law firm, an accounting firm, or some other form of financial services firm? Your confidential client data could be at risk by prying eyes. Since questions and answers are stored on your mobile devices as well as their servers, anyone who gets their hands on your devices can see what you’ve been asking and the answers that you’ve been receiving. By the same token, the information on those servers could be compromised by law enforcement – either by accident or intentionally – possibly bypassing attorney-client privilege or eventually by hacking.

On one hand, you may have nefarious individuals stealing your devices and discovering partial transcripts of questions you’ve asked, such as, directions to a specific location. This might include a client meeting on a regular basis. Or on the other hand, your data could be at risk by way of servers, which could be searched or even hacked – and your information could be compromised that way.

Where does BYOD fit when it comes to voice search? Consider the increasing use of personal devices for and at work, and after adding all the voice activity into the equation, your management team may think twice about the viability of BYOD. If employees ask questions that relate in some way to their work product, confidential data can easily be saved on servers where it should not be stored.

When it comes to technology, every time that something good is developed, someone evil tries to penetrate it, whether in the form of a hacker or by an abuse of power. All data is at risk in one way or another, but where voice search is concerned, remember what your parents told you, think before you speak.

Image Credit: Courtesy of stockimages via FreeDigitalPhotos.net

This post was brought to you by IBM for Midsize Business and opinions are my own. To read more on this topic, visit IBM’s Midsize Insider. Dedicated to providing businesses with expertise, solutions and tools that are specific to small and midsized companies, the Midsize Business program provides businesses with the materials and knowledge they need to become engines of a smarter planet.

wordpress blog stats
Advertisements

About Allan Pratt

Technology and cybersecurity professional with focus on tech news, cybersecurity, networking, infrastructure, data protection, consumer electronics, and social media.
This entry was posted in BYOD, Data Security, Management and Technology, Mobile Computing, Network Security, Search Technology. Bookmark the permalink.

One Response to Privacy, Security and Voice Search: Does Your Company Know What It’s Getting Into?

  1. Pingback: Privacy, Security and Voice Search: Does Your Company Know What It’s Getting Into? | Tips4Tech Blog | Fraud 2.0

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s