Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Privacy Businesses Technology

Amazon's Alexa Team Can Access Users' Home Addresses (bloomberg.com) 70

An anonymous reader quotes a report from Bloomberg: An Amazon team auditing Alexa users' commands has access to location data and can, in some cases, easily find a customer's home address, according to five employees familiar with the program. The team, spread across three continents, transcribes, annotates and analyzes a portion of the voice recordings picked up by Alexa. The program, whose existence Bloomberg revealed earlier this month, was set up to help Amazon's digital voice assistant get better at understanding and responding to commands.

Team members with access to Alexa users' geographic coordinates can easily type them into third-party mapping software and find home residences, according to the employees, who signed nondisclosure agreements barring them from speaking publicly about the program. While there's no indication Amazon employees with access to the data have attempted to track down individual users, two members of the Alexa team expressed concern to Bloomberg that Amazon was granting unnecessarily broad access to customer data that would make it easy to identify a device's owner.
When Bloomberg first reported on the Alexa auditing program, Amazon said "employees do not have direct access to information that can identify the person or account as part of this workflow."

In a new statement responding to this story, Amazon said "access to internal tools is highly controlled, and is only granted to a limited number of employees who require these tools to train and improve the service by processing an extremely small sample of interactions. Our policies strictly prohibit employee access to or use of customer data for any other reason, and we have a zero tolerance policy for abuse of our systems. We regularly audit employee access to internal tools and limit access whenever and wherever possible."
This discussion has been archived. No new comments can be posted.

Amazon's Alexa Team Can Access Users' Home Addresses

Comments Filter:
  • Hard to imagine (Score:2, Interesting)

    by Anonymous Coward

    Why and sane person would use this garbage much less pay for the privilege to do so. Idiots

  • 1984 (Score:5, Interesting)

    by AHuxley ( 892839 ) on Wednesday April 24, 2019 @07:50PM (#58486884) Journal
    Having camera and microphone like devices in the home that are alway on is not a good idea.
    What to buy something? Clear the browser, get a new ip.
    Look it up, find the product/service and find the best price.
    Clear the browser. Get a new ip.
    No need to keep a mic/camera on 24/7.
  • What’s the point if it cannot?
    • by jrumney ( 197329 )

      The Amazon Alexa team presumably refers to the employees developing and supporting the Alexa software and hardware. Not to the Amazon employees tasked with sending your purchases out to you. This is absolutely unnecessary.

      So over the past few weeks we've discovered:

      1. Amazon workers listen in at random to your Alexa device
      2. Amazon Alexa team has access to your home address
      3. Amazon workers have heard crimes such as assault and rape being committed while listening in at random, but did not report them to law e
      • So over the past few weeks we've discovered: Amazon workers listen in at random to your Alexa device

        If you are referring to the story from April 10, no, we did not learn this. We learned that they can listen to the recordings made when someone interacts with Alexa. This is not "listen[ing] in at random", it's listening to the speech that Alexa tried to interpret to see if or why it failed in an effort to make it better. Yes, it will include "false triggers", like when Alexi Lawles is introduced on TV, or someone mentions their new Lexis automobile, but those are the kinds of things that they SHOULD work w

  • hmmm (Score:5, Interesting)

    by Patent Lover ( 779809 ) on Wednesday April 24, 2019 @07:58PM (#58486922)
    You mean that Amazon needs Alexa to find my home address without using the data from hundreds of Amazon deliveries to my home address? Scary.
    • Exactly this. John Q Taxpayer buys an Alexa device, using his billing address and presumably shipping address (if they are different, lucky Amazon, they now have two addresses linked to that account). Then there's the worry that those addresses could, in theory, in some cases, be found by the team analyzing the voice recordings?
      Wow.

  • by Anonymous Coward

    I don't have any of these surveillance devices in my home, but I am curious about how much companies like Google, Apple, or Facebook are paying you people for that privilege? If it is enough money, I might get one.

  • Comment removed based on user account deletion
  • In other news there are employees at almost every company that can access their customer's home address. How do you suppose they handle billing and on site service (e.g. plumbing services, etc.) Or IOW, who gives a shit. This is the equivalent of adding "with a computer" to something and pretending it changes everything.
    • by jrumney ( 197329 )
      In other news there are employees at almost every company that have no business accessing their customers' home address. And at most companies, access to customer information is strictly controlled so employees who have no need to access it cannot. The Amazon Alexa team can create dummy databases if they need to do testing, they should not have access to the production database. After this revelation, it would not surprise me in the least to hear that the Alexa team can access Amazon customers' plaintext
      • Any idiot that concludes that this non-issue suggests that Amazon stores their passwords in plaintext would do the world a favor if they shut the fuck up and killed themselves. Off you go now mental midget ... (Send me your address and I'll order you a rope from Amazon)
    • In other news there are employees at almost every company that can access their customer's home address.

      yeah but this isn't that. The only way for keeping secret (private) information secret is compartmentalisation. Letting everyone access everything is a privacy nightmare. In this case it seems like a privacy leak, they leak too much infomation about one thing and that lets other information leak.

      • All this talk about taking a leak, I finally understand it; Amazon has Zero__Kelvin's pee-pee tape, and he's trying to create a distraction.

        Lock him up!

    • In other news there are employees at almost every company that can access their customer's home address.

      Yo dog, around here all access to that database is logged and the logs are audited.

      And if I accidentally gave your account access to that database, you would still set off a bunch of TXT messages to the security team if you used it, because security policies are enforced where technically feasible.

      That's the problem. This data can be abused in a way that harms the reputation of the company, by harming customers. Yes, various employees work with your package and see your address. That is not the same risk as

  • Team members with access to Alexa users' geographic coordinates can easily type them into third-party mapping software and find home residences

    No shit. You mean people can look up addresses in any mapping tool? Shocking!
    The problems really lies in the fact that team members have access to Alexa users' geographic coordinates in the first place, methinks.

  • This makes me wonder if Google and Apple can also access home addresses. Or how about my ISP or cable company? It's terrifying to think that a service you subscribe to might know your address.
  • So you mean to tell me if I enable a device that has a GPS chip in it and the device regularly broadcast it's location to a server AND the device is one that is intended primary for use at my residence , that someone with access to the server, who knows where the device is , might be able to look on a map and get the address of the the building the device is located in and never moved from ??? Oh my goodness? Who ... ever ... would have suspected that.

    ( in related news when you drop something it almost alwa

    • In case you didn't know, if you own an android phone and use the maps feature, and don't go intentionally shut off data collection, good regular reports to advertisers not just the location category of where you live, also things like which denomination of church building you frequent and how often , and although I haven't dug deeply into the list, basically all kinds of other things that can be intuited from your location data, like which retailers you frequent and what kind of occupation you have.

      • Yes. Since I participate in the Google Rewards survey program, they routinely ask me to rate my experience at some retailer that's located in the same shopping center where I had dinner yesterday. And since I'm a boring old guy who never does anything interesting, I accept a few dollars a month as compensation for intruding on my non-existent privacy.

  • Employees must wash their hands before returning to work.

  • The second and third words of the article - "An Amazon team auditing Alexa users' commands" -- tell you what's going on. If I purchase an Amazon device with Alexa, I probably bought it FROM AMAZON. Amazon Customer Service (and there's no better customer service on the planet) has EVERY detail of every Amazon purchase I've ever made, including my address and the address to which the device was shipped. So it is't at all surprising that Amazon has my address.

    Since, y'know, they've been sending me stuff

  • I ordered a gadget to my home and now they know where I live?
    Preposterous!

  • Isn't Alexa the one that is specifically made to help/encourage shopping? Why wouldn't you want your shopping interface to know your delivery address? That's what it's for!
  • Can we agree that proclaiming "policies are in place" has nothing to do with the underlying practice, and that statements like these are just lip service? It's nice they thought of that policy, but why are they performing this surveillance to begin with? At what point does "usability" cross the line to "enforcement of behavior"?

One good suit is worth a thousand resumes.

Working...