This is our high-tech nightmare come true: A man in Germany who requested his personal data files from Amazon was instead given dozens of Alexa recordings of someone he does not know.
Now, before we go on, if you are not familiar, Amazon’s Alexa device is supposed to be at our beck and call to do our bidding. But to do this, the device actually records things in your home. You speak to it, it records your requests, then does what you asked of it. But those recordings are not deleted. Indeed, they are stored in a database.
When the man in Germany asked for his data from Amazon, he was given hours of these recordings. But, as it turned out, the customer does not have an Alexa device. All these recordings were from another customer.
So, this customer ended up with hours of private conversations, and recordings of the doings of some other person.
It is a massive invasion of privacy. And it is the worst high-tech nightmare come true.
The story comes from Gizmodo:
Germany’s c’t magazine reports that in August the Amazon user—exercising his rights under the EU’s General Data Protection Regulation—requested his own data that Amazon has stored. Two months later, Amazon sent him a downloadable 100Mb zip file.
Some of the files reportedly related to his Amazon searches. But according to the report there were also hundreds of Wav files and a PDF cataloging transcripts of Alexa’s interpretations of voice commands. According to c’t magazine, this was peculiar to this user because he doesn’t own any Alexa devices and had never used the service. He also didn’t recognize the voices in the files.
The user reported the matter to Amazon and asked for information. He reportedly didn’t receive a response, but soon found that the link to the data was dead. However, he had already saved the files, and he shared his experience with c’t magazine out of concern that the person whose privacy had been compromised was not told about the mistake.
The German magazine listened to the files and were shocked at how much information they were able to piece together about this unknown customer.
We were able to navigate around a complete stranger’s private life without his knowledge, and the immoral, almost voyeuristic nature of what we were doing got our hair standing on end. The alarms, Spotify commands, and public transport inquiries included in the data revealed a lot about the victims’ personal habits, their jobs, and their taste in music. Using these files, it was fairly easy to identify the person involved and his female companion. Weather queries, first names, and even someone’s last name enabled us to quickly zero in on his circle of friends. Public data from Facebook and Twitter rounded out the picture.
The magazine was even able to identify the man’s girlfriend from the recordings.
The German publication eventually contacted the unknown customer and he was shocked over the whole story.
Naturally, Amazon did not want to discuss the story.
But this is all just the sort of invasion of privacy that the tech age makes us fear, isn’t it?
Follow Warner Todd Huston on Twitter @warnerthuston.Don't forget to Like Godfather Politics on Facebook and Twitter, and visit our friends at RepublicanLegion.com.
Become an insider!
Sign up for the free Godfather Politics email newsletter, and we'll make sure to keep you in the loop.