Apple Contractors Listened to 1,000+ Siri Recordings Per Shift

[gugy]

Man, I might need to move to the wilderness and living entirely off the grid to avoid any privacy issue.
Not giving a pass to Apple or any other company, but how can we altogether avoid this issue in a modern society?

 

[SDJim]

Siri often heard private data including confidential medical information, drug deals, recordings of couples having sex, and more.

 

[coolfactor]

Like the battery thing talking in vague language buried in some fine print somewhere isn't enough. Particularly, as in this case, when you are shouting about privacy to anybody who will listen.

Apple is deliberately vague when it comes to this kind of thing, take this paragraph from their iCloud security overview document. It's very misleading.

https://support.apple.com/en-gb/HT202303

I'm not an expert on exactly how iCloud handles end-to-end encryption, but I suspect it's something like this:

• Each device connected to an iCloud account uses a unique public-private key pair. The private keys always remain on the device.
• Each device registers their public key with the iCloud account.
• When sending data from one device to another, the data is encrypted using the sender's key, stored on iCloud using the cloud key, then sent to the receiver's device using the receiver's key.

End-to-end encryption. This is exactly how SSH works, except multiple (more than two) parties are involved in a single transaction instead of just two parties. And this fits with the language that the data is "protected with a key derived from information unique to your device" because you can't transfer public-private keys to another device and have them work without some effort. Each device has a unique signature that the key is validated against. iCloud likely does the validation as part of the process.

Public-private key authentication is very common, and iCloud likely employs it between all authorized devices.

 

[JPack]

I'm puzzled. When setting up a new iOS device, one the questions is "Do you agree to share information with Apple to help make their products and services better?". Every single consumer has the option to decline.

If declining, is the Siri data not shared? Or was Siri an exception to this agreement, hence the media firestorm?

That setting is about analytics and refers to hardware and iOS data. It does not refer to personal data.

 

[macfacts]

Sounds like some idiot contractor who made it sound way worse than it actually was just got 300 people laid off...

I personally don't understand how you would expect the process to improve if it wasn't randomly sampled and corrected. Sounds like exactly what I would have expected to be going on, with zero concern.

I expect apple to hire actual beta testers to use Siri.

 

[I7guy]

I expect apple to hire actual beta testers to use Siri.

That’s what they did. Contractors or employees would do the same job.

 

[MVMNT]

That’s over two a minute for 7.5 hours straight. Hmmm.

 

[mikayla82ca]

What's disappointing is Apple, Google, and Amazon have people listening to recordings.

Yet Google and Amazon are so far ahead in terms of the voice assistant game. What is Apple doing?

Perfecting butterfly keyboards.

 

[69Mustang]

Canadian accents are distinguishable from American ones, eh?

Easily distinguishable. Canadian accents are annoyingly nice and smell like Tim Hortons' coffee.

 

[typonaut]

It's not good enough to give people the ability to opt-out, they should have the ability to opt-in. ie, the default position is that they have opted-out.

There's also a question as to whether the appropriate way to test your product is with people paid to test it, or with the general public not knowing they are testing it. I think it must be the former, no. Silicon Valley seems to have "different" ideas - Apple or others.

 

[BGPL]

There must be some sort of misunderstanding. Because Timmy Cook said himself privacy is a top priority for Apple.

LOL. Everyone is listening to everything. I don't care or think it's a big deal, but when companies act like they ain't doin' it... gets annoying.

 

[thadoggfather]

Apple throwing stones from a glass house with their privacy PR campaigns. I’ve always thought they spy on users, just for themselves, not to sell to ad agencies by virtue of their business model. But spying is still spying isn’t it? Not much transparency.

They come across as genuine as Tim Cook these days...

 

[Rob_2811]

I'm not an expert on exactly how iCloud handles end-to-end encryption, but I suspect it's something like this:

• Each device connected to an iCloud account uses a unique public-private key pair. The private keys always remain on the device.
• Each device registers their public key with the iCloud account.
• When sending data from one device to another, the data is encrypted using the sender's key, stored on iCloud using the cloud key, then sent to the receiver's device using the receiver's key.

End-to-end encryption. This is exactly how SSH works, except multiple (more than two) parties are involved in a single transaction instead of just two parties. And this fits with the language that the data is "protected with a key derived from information unique to your device" because you can't transfer public-private keys to another device and have them work without some effort. Each device has a unique signature that the key is validated against. iCloud likely does the validation as part of the process.

Public-private key authentication is very common, and iCloud likely employs it between all authorized devices.

The fact is Apple can, and does, provide iCloud data to third parties when legally required to do so. No mention of that at all in that support doc.

The average iOS user is not going to delve into the technical minutiae of how their device and Apples servers handle encryption.

 

[TeeHawkZ32]

"I understood the reasons why the company was doing it but I could see why people would feel it was a breach of privacy because they weren't telling people. I think the lack of consent was the issue.”

Can I just say this is a huge load of ********? Nobody actually reads the terms of use. It’s clearly stated that Siri recordings are listened to by Apple and Apple Contractors. Let’s ****ing stop feeding into the media’s ******** please.
[doublepost=1566602499][/doublepost]

Like the battery thing talking in vague language buried in some fine print somewhere isn't enough. Particularly, as in this case, when you are shouting about privacy to anybody who will listen.

Apple is deliberately vague when it comes to this kind of thing, take this paragraph from their iCloud security overview document. It's very misleading.




https://support.apple.com/en-gb/HT202303

Just FYI these are TOU for iCloud, not for Siri. Go back and read the Siri TOU. Apple is very clear that recordings are sent to Apple and analyzed by contractors.

 

[palmerc2]

“I don’t know why people would voluntarily bug your own house”

Me too, Bill.

Some of my family members have a HomePod and get false “hey Siri” requests all the time, out of the blue will pipe up and say something or play a song.

 

[Infinite Vortex]

What's disappointing is Apple, Google, and Amazon have people listening to recordings.

Don't forget Microsoft in that list and they're not stopping with it… and Cortana is significantly less useful than Siri.

 

[TeeHawkZ32]

Apple throwing stones from a glass house with their privacy PR campaigns. I’ve always thought they spy on users, just for themselves, not to sell to ad agencies by virtue of their business model. But spying is still spying isn’t it? Not much transparency.

They come across as genuine as Tim Cook these days...

Once again, I’ll repeat. You pressed “I Accept”. Have you ACTUALLY read the Software Licensing Agreement? I think you’d be surprised how transparent Apple is.

Huh. There it is right there on page 3 in BOLD;

By using Siri or Dictation, you agree and consent to Apple’s and its subsidiaries’ and agents’ transmission, collection, maintenance, processing, and use of this information, including your voice input and User Data, to provide and improve Siri, Dictation, and dictation functionality in other Apple products and services.

This is old news. Can we quit with the necroposting?

https://bgr.com/2015/03/13/siri-recording-voice-conversations/

 

[Rob_2811]

Just FYI these are TOU for iCloud, not for Siri. Go back and read the Siri TOU. Apple is very clear that recordings are sent to Apple and analyzed by contractors.

Yes I know it is. I was simply pointing out that Apples own documentation is often very misleading.

By the way at the point when the Guardian broke this story (26th July) Apples privacy page made no mention of Siri recording being listened to by Apple staff or contractors it only made some vague comment about details being transported using encryption. So it may have been in the TOU but their privacy page, again, very misleading.

 

[Chrjy]

Can I just say this is a huge load of ********? Nobody actually reads the terms of use. It’s clearly stated that Siri recordings are listened to by Apple and Apple Contractors. Let’s ****ing stop feeding into the media’s ******** please.
[doublepost=1566602499][/doublepost]

I think you're missing the point. Yes, Apple do state in their T&Cs but at the same time they put up massive billboards so every Tom, Dick and Harry can see them tout how everything stays on your iPhone. That's clearly not true.

I don't see them putting up massive posters that say 'When you speak to Siri, it's listened to by contractors, iPhone...it just gets better'!

 

[XXPP]

If someone listens to a 1,000+ Siri Recordings Per Shift, they don't really care who and what they say.

 

[jkcerruti]

And yet they still haven't fixed the "are you serious?" false "hey siri"

 

[JPack]

Once again, I’ll repeat. You pressed “I Accept”. Have you ACTUALLY read the Software Licensing Agreement? I think you’d be surprised how transparent Apple is.

Huh. There it is right there on page 3 in BOLD;



This is old news. Can we quit with the necroposting?

https://bgr.com/2015/03/13/siri-recording-voice-conversations/

You're pointing to old information from iOS 8.

Have YOU actually read the current Privacy Policy or the SLA for iOS 12? There is no mention of Siri collecting personal information.

 

[TeeHawkZ32]

I think you're missing the point. Yes, Apple do state in their T&Cs but at the same time they put up massive billboards so every Tom, Dick and Harry can see them tout how everything stays on your iPhone. That's clearly not true.

I don't see them putting up massive posters that say 'When you speak to Siri, it's listened to by contractors, iPhone...it just gets better'!

Name one other company that posts their actual terms of use on a billboard. How clear are other manufacturers about their voice assistant analytic processes?

My point is all of this information is readily available from the manufacturer before you buy a phone IF you actually give a crap about these privacy issues. If you’re worried about your privacy for whatever reason it is your responsibility to inform yourself as a consumer. Welcome to capitalism.

So did you make an uninformed purchase and now you’re having buyer’s remorse? Doesn’t sound like the manufacturers fault.

Yes I know it is. I was simply pointing out that Apples own documentation is often very misleading.

By the way at the point when the Guardian broke this story (26th July) Apples privacy page made no mention of Siri recording being listened to by Apple staff or contractors it only made some vague comment about details being transported using encryption. So it may have been in the TOU but their privacy page, again, very misleading.

Siri T&C are archived back through iOS 7 (and probably earlier), I’d encourage you to also go check those out too before you try to claim Apple hasn’t been clear about this in the past
[doublepost=1566604162][/doublepost]

You're pointing to old information from iOS 8.

Have YOU actually read the current Privacy Policy or the SLA for iOS 12? There is no mention of Siri collecting personal information.

Did you forget the part where they suspended the entire program because of the media uproar? Why would it still be in the SLA or on the privacy page anymore if it’s not being used?

 

[apolloa]

According to The Verge it was actually 1000 recordings for EACH employee..

http://www.theverge.com/2019/8/23/20830120/apple-contractors-siri-recordings-listening-1000-a-day-globetech-microsoft-cortana

So as they’ve reportedly laid off 300 data analysts due to Apple stopping this after being exposed, that was at least 300,000 recordings per day being listened to....

But I’m sure people will defend this on here who lost attempting to claim google and Amazon are evil...

 

[JGIGS]

Sounds like some idiot contractor who made it sound way worse than it actually was just got 300 people laid off...

I personally don't understand how you would expect the process to improve if it wasn't randomly sampled and corrected. Sounds like exactly what I would have expected to be going on, with zero concern.

The point is they weren't up front about it and beat the privacy drum and chide the competition about privacy yet they have contractors also listening the same way? On top of that Siri is miles behind those other assistants. Insult to injury if you ask me.