
Police seek Amazon Echo data in murder case - gscott
https://www.engadget.com/2016/12/27/amazon-echo-audio-data-murder-case/
======
Flammy
I'm curious if the police will push this, as it could reveal how much voice
information is actually stored. Amazon has declined to answer how much voice
information is stored online[1] and how much if that is tied to your identity.
We do know that Alexa stores a list of queries you've spoken, and you can
"delete" these records, but it is unknown if this impacts the actual voice
data behind them.

[1]
[https://www.amazon.com/gp/help/customer/display.html?nodeId=...](https://www.amazon.com/gp/help/customer/display.html?nodeId=201809740)
and [https://www.washingtonpost.com/news/the-
switch/wp/2014/11/11...](https://www.washingtonpost.com/news/the-
switch/wp/2014/11/11/how-closely-is-amazons-echo-listening/)

~~~
FrancoDiaz
Wait a minute, we'd already know if Alexa was recording everything by the
network traffic that obviously has already been sniffed. We can assume that
Amazon is storing every "Alex,..." query that you've ever done. So what is
there to know?

~~~
Flammy
We know they are streaming it to do all the NLP in the cloud. This is obvious
from the computational costs alone of doing NLP.

The important question here is "What happens to the audio data streamed to the
cloud, a few seconds AFTER the query has been identified (or not identified)
and the results sent back to the Alexa device?"

The nieve assumption is "all audio data is deleted after processing". The
reality is that data is still valuable to Amazon for a variety of uses such as

(1) further training their voice recognition software

(2) advertising data mining [how many people are in the room, things they are
talking about --- note, Facebook's mobile app infamously does this]

If they just store the query text, that is 'best case' from a privacy
perspective. If they just store query text and query audio, that is less than
ideal, but not too bad. If they store all audio, ever recorded, for an
indefinite period of time... that is what this police request could reveal:
Audio data stored for a non-keyword-trigger, and for days/weeks after the
fact.

~~~
frik
> computational costs alone of doing NLP

The speech recognition part could run on a Pentium 133 in the nineties (Nuance
software, Dragon naturally speaking), the Echo device has probably a more
powerful CPU than that.

The NLP part could run on the device as well, it's mainly a storage problem,
you need dozens of GB, at least 32GB sdcard.

Ideally only the search phrases would be sent to Google/Amazon/etc. That's
also how Bill Gates vision was described in his 1995 book The Road Ahead. A
personal agent in a wallet PC would surf the information super highway for
you. ...well we are "almost" there but with a different solution.

~~~
matthewmacleod
Speech recognition in the 90s was absolutely turd.

~~~
frik
Speech recognition worked fine in the late 90s. You could optionally train it
for 15min with your own voive to improve the results. The Nuance software was
better back then than what shipped with Win Vista inbuilt by default in 2006
and later. The same Nuance software runs nowadays on servers to power Siri,
Google Now, Cortana. And who in the right mind would think every user gets its
on dedicated super-computer. In reality, cloud based speech recognition and
NLP has the advantage of a central database to collect different voice samples
(to train) and a multi Gigabyte central NLP database, etc. But you won't get
more CPU cycles than what would be available on a modern smartphone or a Smart
TV or (what would fit in) an Echo like device. An offline-available software
assistant as kind of premium feature for people who care.

------
politician
The device doesn't start listening when you say the wake word, the device is
_always listening_. It's only the UX that responds when the presence of the
wake word is detected. This means that the device is continuously monitoring
the environment for the presence of the wake word we know about ("Alexa").

Can the device monitor for other words that trigger other UX sequences? Of
course it can!

Can Amazon deliver an OTA update to this network connected device to change
behavior after it leaves the factory? There is _no reason_ to believe that
they cannot.

So, no, I don't believe the police are wrong here. In fact, I would be in
favor of law enforcement having the ability to "tap" these network-attached
microphone appliances with a warrant. Then, perhaps, people will begin to
understand what they've really bought.

EDIT: Passive monitoring ("listening") is not the same thing as storage
("recording"). In some cases below, these are being conflated.

~~~
supergeek133
You're making quite a few assumptions.

1) The device is storing any amount of locally recorded audio. So far evidence
says no.

2) Amazon would OTA all echos to upload everything it hears. So far evidence
says this hasn't happened. It also likely won't because IMO security people
monitor these devices more than anything else on the planet. Some I believe
for good reasons, the others just want to play gotcha.

3) If 1 and 2 are true, Amazon keeps the data for an extended period of time.

Can we please not tinfoil hat the hell out of these devices like we do the
rest of IoT sometimes?

~~~
jdiez17
(I think) the argument your parent is making is that Amazon could easily send
a software update to a specific Echo to make it record everything it hears.

~~~
supergeek133
If at the request of the government, yeah that's a problem unless there is
some kind of warrant, right?

I'm all for people being suspicious, but the intent of this was to say "the
cops are hoping it might catch something" as in it was accidentally triggered.

~~~
rhizome
_If at the request of the government, yeah that 's a problem unless there is
some kind of warrant, right?_

Nope: [https://en.wikipedia.org/wiki/Third-
party_doctrine](https://en.wikipedia.org/wiki/Third-party_doctrine)

~~~
supergeek133
Yes and that's a problem with law not catching up with technology.
Unfortunately for many people in the country, other social/financial issues
are more important to them.

------
notlisted
Alexa listens only to the words after the wake word. What's more it doesn't
capture more than 10-12s past the wake word. If you have a device you can
check this yourself (Alexa, One Mississippi, Two Mississippi…).

It's actually hard to get it to capture this much. Take a breath or pause to
long and capture stops sooner.

The request of the police is nutty and indicative of not understanding the
technology. Unless the murdered woman yelled out "Alexa {pause a little bit
for wakeword recognition} Heeelp, my husband is killing me, call the police"
or the husband asked "Alexa, how do I clean a bloody hottub", nothing material
will be discovered.

I have 4 of them. After the first one I checked what was captured, what was
stored, what was streamed. Nothing that mattered.

~~~
dingaling
> Alexa listens only to the words after the wake word.

It only _records_ after hearing the wake-word. It listens all the time.

> After the first one I checked what was captured, what was stored, what was
> streamed.

How did you MitM the SSL?

~~~
sib
Alexa is the service in the cloud - Alexa doesn't get the words that are
spoken before the _device_ (the Echo / Dot) detects the wake word.*

This sounds like a small distinction, but it is critical to a clear discussion
of what's going on.

If you review the interaction history in the Alexa app or on Amazon's web
site, you won't see those utterances that did not result in detection of the
wake word, because that audio _was not streamed to the cloud._

* Technically, there is a very short buffer of audio that is captured on a rolling basis in order to detect and stream the front of the wake word sound.

------
d136o
We were playing with one this xmas and of course someone shouted "Alexa, how
do I get rid of a body?" Its answer was to call the police.

We all laughed but it made a few of us nervous. Brave new world we live in!

~~~
mcbits
The answer was "call the police," or it actually called the police as an
answer? I assume you meant the first, but I'm not quite 100% on that.

~~~
d136o
It just said to call the police, but given it can also turn the tree lights on
and off it's not far fetched to imagine law enforcement being looped in via
some nutty integration.

------
CodeWriter23
From the privacy perspective, IMO, once you put a device in your home that you
know is always listening, and is forwarding an unknown amount of audio from
your home to a third party, at that point, you have surrendered your right to
privacy.

Edit: not just my opinion, it's a matter of law. (thanks @mnm1)
[https://en.wikipedia.org/wiki/Third-
party_doctrine](https://en.wikipedia.org/wiki/Third-party_doctrine)

~~~
alexwebb2
No, you haven't, any more than when you buy a cell phone with a camera and
microphone built in. People still have rights regardless of the products they
buy.

~~~
mnm1
Actually, according to the third party doctrine, you have. The difference
between this and a cellphone is that you voluntarily give up this information
whereas a cellphone does not transmit such data voluntarily. There are
surveillance laws and other problems if a phone is recording you unknowingly.
With Alexa, the recordings are submitted voluntarily. I'd be shocked if the
police don't get their hands on this data. It's not like Amazon can claim,
like Apple, that they can't themselves access it because it's encrypted.

'The third-party doctrine is a United States legal theory that holds that
people who voluntarily give information to third parties—such as banks, phone
companies, internet service providers (ISPs), and e-mail servers—have "no
reasonable expectation of privacy."'

[https://en.wikipedia.org/wiki/Third-
party_doctrine](https://en.wikipedia.org/wiki/Third-party_doctrine)

~~~
calibration263
How is any smart phone that supports OK Google and Hey Siri different from an
Echo in this respect?

~~~
alexwebb2
It's not. I think the poster may be confused about how the Echo works - it's
not constantly streaming audio or transcripts back to Amazon, just when it's
directed to do so via the "Alexa" trigger word.

You are absolutely not consenting to send full transcripts of your
conversations to Amazon. If they are in possession of it, it's entirely
illegal, and the third party doctrine doesn't apply.

~~~
mnm1
Whether the device constantly streams data or sends it every once in awhile is
irrelevant. In the agreement with Amazon you agree to give them them the data,
including the voice data. Amazon even lets you manage/delete the data after
the fact. They're not collecting it illegally. Whether it is full voice
transcripts or not that you're agreeing to send to Amazon is not 100% clear,
but that's also irrelevant because by using Alexa you've agreed to send that
data. It really depends on Amazon's definition of "when you interact with
Alexa." I'm pretty sure that's quite broad.

This isn't Apple fighting encryption backdoors. This is Amazon impeding
justice.

"1.3 Voice Services. You control Alexa with your voice. Alexa streams audio to
the cloud when you interact with Alexa. Alexa processes and retains your voice
input and other information, such as your music playlists and your Alexa to-do
and shopping lists, in the cloud to respond to your requests and improve our
services."

[https://www.amazon.com/gp/help/customer/display.html?nodeId=...](https://www.amazon.com/gp/help/customer/display.html?nodeId=201809740)

------
bkbridge
Alexa only waits for the wake word "Alexa." It would cost more money than God
in hardware to store every thing Alexa ever heard. She saves you're requests.
And shows you those request in the Alexa App. And you can also delete it if
you wish.

There is no data for the police to have, because beyond requests, there is no
data.

Unless someone knows more about this than Amazon is telling us?

~~~
cryptarch
It would cost about $30m a year if you tailor the system to flagging specific
data for storage and don't naively store every moment (e.g. you scrap silent
moments and use VBR encoding).

Storing a year's worth of 96kbps audio costs 380GB. If you don't record
silence and you assume the people around an Alexa are only speaking for at
most 4 hours a day on average, that goes down to 76GB a year.

So if you then assume 5m Alexa's are active at any given point in time that
works out to 380k PB. Ok, that doesn't work yet.

However, if you then layer on a flagging system, where only certain users'
full record is stored, or only "suspicious incidents" are stored, and you get
this down to only flagging 0.1% of all data, you arrive at 380PB of storage.

Amazon Glacier costs about $88.000 a year per PB, but there's a profit margin
included in that, so I'll assume it costs Amazon just $75k a year.

In conclusion, it would cost Amazon about $28.5m a year to run such a system.
That's certainly within the realm of possibility and of what LE/SIGINT clients
would pay; I assume the NSA would gladly pay that sum x100 for that
capability. Sounds like it'd be booming business for Amazon.

~~~
tclancy
I really like the math here, but isn't this a bit pointless? The system wants
to parse meaning from audio; storing just the text it parsed is a lot smaller.
Store just the text and whatever machine learning score of how probable the
text is correctly parsed and that sounds like something prosecutors would love
to bring into court: "Please read this line and let's see what score you get .
. . "

~~~
jasonkostempski
For improvements they'd store the raw input so that when a mistake happens
they can manually try to figure out why the machine got it wrong (e.g. a hi-
hat was hit while they were saying "deuce" so it sounded like "douche").

------
hbt
The part that listens for the "Alexa" word is analog not digital.

It cannot be updated remotely by firmware.

Crack open the device, test the analog component and confirm the signal only
fires when you speak alexa and nothing else.

Having said all that, I wouldn't buy it. NSA is known to temper with devices
behind the back of companies (no matter how trustworthy you think
Amazon/Google/Apple are). Check what they did with Cisco equipment sold to
foreigners. They intercepted the shipment, tempered with the device and no one
was any wiser until the Snowden leaks. Cisco now ships via proxy to guarantee
no tempering.

American businesses shouldn't fear globalization or chinese disregard for
intellectual property; their own government is fucking them.

~~~
jonnytran
> The part that listens for the "Alexa" word is analog not digital. > It
> cannot be updated remotely by firmware.

I used to think that about my phone, that it was hard-wired to "OK, Google". I
had a Moto X (first generation), which is one of the first phones to have this
always-listening feature. They claimed that it had special hardware that
allowed it to work using very little power.

But after a software update, they added a feature that allowed me to retrain
the activation phrase to whatever I wanted. They recommend using something
with 5 syllables or more. It works. I haven't addressed my phone with "OK,
Google" for years.

If Motorola (owned by Google at the time) can do it with Moto X, I'm sure
Amazon could do it with Alexa too.

------
alistproducer2
I would never put a closed source hot mic in my house. You can trust big
brother all you want, but I'm going to stay clear.

~~~
zanny
Every smart phone ever can do this. You have no way to verify the mic isn't in
use, you have no way to verify cellular data transmission is not taking place,
and you have no way to know the modem is not doing a remote execution
injection to change whatever aftermarket free software OS you have running on
the device is doing.

~~~
CaptSpify
So just because my phone is potentially not secure means I should just open up
my home to all other sorts of intrusion/attacks?

Yes, phones generally can do that, but it doesn't mean we shouldn't be
concerned about what the Echo is doing.

~~~
illumin8
No, it means that you're sitting in your house without a roof, and saying "I
would never forget to close my windows during a rainstorm." Never mind the
rain is pouring through your roof.

You're seriously willing to carry smartphones, which have both microphones and
cameras, and give no indication visible or otherwise, of when they are
listening or recording or sending data, and run whatever dodgy code some asian
device manufacturer wanted it to run, but you won't trust a device made by
Amazon that people have run wireshark captures against and lights up with big
blue LEDs whenever it is listening.

Reality called - it wants the tinfoil hat back.

~~~
zanny
In defense of the downvotes (albeit its bad manners whoever is downvoting
you), camera / mic LEDs are nonsense. They are all software controlled, and
the control software is almost always proprietary, and thus you cannot trust
those either.

Additionally, I'm pretty sure the Amazon Echo is just rebranded third party
mic / soc boards put together by Amazon. It is still "asian device
manufacturer" firmware.

~~~
Buge
Downvotes are not bad manners.

[https://news.ycombinator.com/item?id=117171](https://news.ycombinator.com/item?id=117171)

But saying "Reality called - it wants the tinfoil hat back." seems like bad
manners to me.

------
focusgroup0
>Police say Bates had several other smart home devices, including a water
meter. That piece of tech shows that 140 gallons of water were used between
1AM and 3AM the night Collins was found dead in Bates' hot tub. Investigators
allege the water was used to wash away evidence of what happened off of the
patio.

When every house is IoT connected, we will be very close to a 'post-crime'
world.

~~~
scottmf
Or a world where hackers frame innocent people for murder by modifying their
water usage stats.

------
damieng
Surprised so much confusion around this.

You log into
[http://alexa.amazon.com/spa/index.html#cards](http://alexa.amazon.com/spa/index.html#cards)
and you see all sorts of queries Alexa/Echo heard from you but didn't
understand complete with the audio snippet.

If Amazon gave them the account details they just need to log-in to hear them.

------
guscost
This brings up an interesting question. If I say "Alexa, call the police!" or
"Alexa, I need an ambulance!" will anything happen? It doesn't officially say
it can be used to request emergency response and I'm scared to try it.

I wonder if they've received a lot of these requests and/or if they have an
emergency team on standby.

~~~
smileysteve
This would be of interest for the elderly, "help, I can't get up" with an
omnidirectional microphone instead of a fragile, not waterproof, awkward
beeper that you carry everywhere

~~~
JamieF1
I'm going to look in to this and develop a skill that allows someone to ask
for help. Unless it has already been done,will check it out.

~~~
guscost
Awesome idea. Even if it is just "text my emergency contact" that could be
really helpful in a pinch.

------
roflchoppa
Interesting that the police is going after this electronic speech data,
reminds me of the instance where a parrot witnessed a murder that was posted
on this site couple of months ago, in that case the parrot was not able to
testify...

Also interesting that the lawyer is going for the reasonable expectation of
privacy regarding that data, if that holds, then it could allow them to argue
due protections from the 4th amendment.

But let's ask the question here; is data regarding usage of utilities private?
It seems that something that you installed for water usage, should be. Could
this data not have been acquired from the water department?

------
sirtastic
Late to the game here and apologize if this has already been mentioned but may
shed some light on what is actually stored. A while back facebook officially
announced what they "store" in regards to what they record when the app is
open and has access to your microphone. The app itself turns your voice audio
into a profile that is then sent to the server, it does not send your actual
audio. This light(er) weight audio profile is then matched to words which are
then used for marketing. I wouldn't be surprised if Echo, Google Home, etc do
something similar since sending the full audio recordings would be both
bandwidth and storage heavy.

~~~
kobeya
"Audio profile" meaning MFCC coefficients? That's still enough to fully
reconstruct a meaningful audio stream. Obviously, since it's enough to do
speech recognition.

------
bogomipz
The article states:

>"A ring on the top of the device turns blue to give a visual indication that
audio is being recorded. Those clips, or "utterances" as the company calls
them, are stored in the cloud until a customer deletes them either
individually or all at once."

Is there a technical reason for storing this after NLP processing has been
completed on the "utterance."? Wouldn't an ephemeral cache be sufficient?

------
lstroud
Probably wouldn't be a horrible thing to be able to add to your will
instructions to release data if possible.

------
funkyy
I see that a lot of people say that police did that because it is incompetent.
But what if this is actually a way for police and other low tier agencies to
check how much Amazon collects? I bet NSA would never work with police and
most likely not much with FBI etc. So this might be just a check? This is just
a speculation, but we should not assume stupidity of some of the agencies just
because its an easy answer.

------
rpd9803
Alexa, how do you hide a dead body?

~~~
rhizome
Alexa would be an expensive proxy for [http://ask.metafilter.com/7921/If-you-
killed-somebody-how-wo...](http://ask.metafilter.com/7921/If-you-killed-
somebody-how-would-you-dispose-of-the-body-without-getting-caught#155715)

------
drumttocs8
Well, that didn't take long.

------
andrewclunn
"Alexa, who is the murderer?"

"I'm sorry, I can't find the answer to the question you asked."

