The smart hubs have eyes: Why the Amazon Echo Show should have you asking questions about privacy

It is, for better or worse, as trustworthy as Amazon itself

Echo Show

Here the Echo Show does a reasonable impression of a smart alarm clock. Image: Amazon

By now, we've grown accustomed to our devices listening to us. Siri, Google Assistant, Alexa, Bixby, Cortana, and every other disembodied virtual taskrabbit has been hearing our commands—and who knows what else—for years. But, with its last two smart hub devices, Amazon has pushed one step beyond the microphone, asking users to install cameras in their homes. Yesterday, with the announcement of the Echo Show, Amazon reaffirmed its plan to have Alexa see you in addition to hearing you. It's a small step forward in terms of usability, but a major can of worms when it comes to our security and privacy.

For most users, the greater concern might not be what Amazon or the government wants with the Echo, but what hackers can do with a microphone, camera and screen placed on the bedside table or in their child's nursery. In this case, the only immediate protection for most people will be the skill of Amazon's engineering team. We saw a similar conversation take place regarding smart TVs and their ability to hear things they maybe shouldn't.

"As miscreants learn that the pranks they can pull with this, Amazon's going to be investing more and more into stopping these pranks," said Bob Gourley, co-founder of Cognitio Corp, a firm that does security consulting. "But there are going to be pranks, you can be sure of that."

"Pranks" covers a wide range of activity, from a kid ordering a favorite toy over Amazon without parental permission to hackers finding their way into the device to watch live video inside a home. Gourley specifically highlights Shodan, a search engine that finds internet-of-things devices and, if they're unsecured, lets outsiders watch video from cameras set up inside homes. Amazon has likely thought of this and included security features, like requiring a voice PIN before purchases, that make it harder for anyone to simply gain access to all the device's features. Still, it's theoretically possible that a person could find a different internet-connected device, like a nanny cam with a default password, and then try to use that access to get into the Echo Show.

“Amazon likes building with Android and Linux,” said Gourley, “so we can assume this is a tablet with the Amazon build of Android or Linux and probably some additional security. There’s something out there for hackers to target.”

More likely are actions that take advantage of the Echo responding to any voice. Echo at present does not distinguish between the people who own it, their children, houseguests, or even television ads. (Earlier this year, an ad for Burger King activated a similar listening feature on Google devices.) Right now, Amazon mitigates this by letting users change the default word that wakes up Alexa to one of a preselected set of phrases, which provides a modest increase in security. Letting users create custom wakeup words would make it a lot harder to take over the machine by voice activation. Amazon also recommends users turn off the microphone on Echo devices when away from home, so someone can't just ask Alexa to open a garage door.

Echo Show, in a nursery

The Echo Show can work as a nursery camera itself, or with other nursery cameras to show video of what is happening in the crib. Image: Amazon

These smart hubs need to be connected to the internet to work, which opens up the possibility of a malicious actor accessing the devices. The first weak point in that chain, then, is how much users actually trust a company like Amazon. "Amazon recordings get transmitted to Amazon servers," said Jay Stanley, a senior policy analyst at the ACLU. "Amazon is a household-name company, and it has to worry about its public image, which is a significant check on what it's likely to do. Amazon has a published privacy policy that people can inspect, and with existing versions of the Echo, Amazon will let users go online, listen to all the audio they've collected, and then delete it if they like."

This is important, because the second weak point for data transmitted by an Echo is the law and the government. This is a function of third-party doctrine, where data held by an intermediate company loses the protections of private communication, as if someone were making a call from a payphone in an old public telephone booth. But that runs into conflict with devices like Echo, which stores data outside the home on Amazon's servers, and which people use in the privacy of their own home, an area traditionally regarded as having extra constitutional protections. Is the Echo's data private because the conversation took place in the home, or is it less protected because Amazon stored information about that conversation elsewhere?

When it comes to getting information recorded by an Echo, “We think [law enforcement] should definitely have to get a warrant, and that obtaining that information may rise to a higher standard,” said Stanley. Still, “At the end of the day, if Amazon has your data, and if the government comes for it, Amazon can fight it in court. If they lose, the government can get your data.”

This is what happened in Arkansas, when Amazon was asked to turn over data recorded by an Echo in case it might add evidence to a murder case. Amazon pushed back on the warrant, before eventually handing over the data at the request of the defendant's counsel. (In that case, Amazon also audaciously argued that Alexa, as an AI used by Amazon, had speech rights.)

The convenience of the Echo is that it is an always-listening device, ready to respond to a query by sound alone. With an added camera and screen, that remains the main appeal of the device. The Echo Show is new, so we don’t yet know what unique flaws it may contain, but some weaknesses are the same as before: A device that is always listening and stores data outside the user’s home requires continued management from Amazon, may have fewer legal protections from the government than if the data were stored inside the home, and could provide an entry point for hackers.