Does Siri Eavesdrop? Apple Explains How ‘Hey Siri’ Protects Your Privacy
Toggle Dark Mode
In the wake of high-profile data scandals, there has been a groundswell of concern about online and digital privacy.
Uncharacteristically for a massive technology firm, Apple has long been a champion of user privacy rights. But the company’s track record didn’t stop Congress from asking Apple a slew of questions concerning its data and privacy policies.
The U.S. House of Representatives Energy and Commerce Committee recently sent a letter to Apple CEO Tim Cook. The letter was apparently prompted by a recent crackdown on third-party developer permissions and posed a handful of questions about Apple’s data policies.
The Cupertino-based firm responded last Tuesday with its own letter. Apple reiterated that it is an outlier as far as data policies — maintaining that “the customer is not (their) product.”
Part of that is due to Apple’s business model. The company primarily sells products and services and doesn’t leverage user data for targeted advertising or marketing purposes.
“We believe privacy is a fundamental human right and purposely design our products and services to minimize our collection of customer data,” Apple’s Timothy Powderly wrote. “When we do collect data, we’re transparent about it and work to disassociate it from the user.”
Apple responded to one of the letter’s 16 questions specifically asking about the “Hey, Siri” functionality and whether it required iPhones to eavesdrop on users.
The company wrote that iPhones don’t “listen to consumers, except to recognize the clear, unambiguous audio trigger ‘Hey Siri.’” Unless iOS detects this trigger phrase, it doesn’t record or send audio. The short clips used to identify the Hey Siri phrase, known as buffers, are stored locally on a device.
Furthermore, Apple attaches Hey Siri commands to an anonymized number so that users cannot be identified by these audio recordings. They’re to attached to an Apple ID and users can reset this identification number at any time.
Apple was also extremely succinct in responding to another question about whether iPhones collect audio recordings without user consent. It simply wrote “no.”
In addition, iPhones provide a clear visual indicator when Siri or another iOS feature are listening to users. Apple also requires third-party developers to implement similar visual indicators when their apps are collecting audio recordings.
Apple’s Developer Guidelines also bar apps from accessing the microphone, camera or Location Services without getting explicit permission from the user. Apps also need to tell users what they’ll do with that data.
As Sophos’ Naked Security pointed out, Apple doesn’t constantly monitor third-party apps for violations of these developer guidelines. But all apps have to go through a review process to even be placed in the App Store. Apple reviewers check these apps for privacy policy compliance.
Naked Security does note that, while Apple does quite a bit to maintain privacy, some of the responsibility falls to its users.
“Apple does not and cannot monitor what developers do with the customer data they have collected, or prevent the onward transfer of that data, nor do we have the ability to ensure a developer’s compliance with their own privacy policies or local law,” the company wrote.