Your smart speaker could be listening to more than you think

Smart speakers are a must for anyone wanting to create a voice-activated home – from listening to music and podcasts to controlling your latest connected gadgets, the devices have become a household staple.

So much so that, in the first three months of 2022, more than 30 million were shipped globally, with Amazon at the forefront of the race accounting for around one-third of them with its Alexa-enabled devices.

However VPNOverview has uncovered some troubling research indicating that your smart speaker is collecting more data about you than you may have initially realized.

Smart speakers always listening

Smart speakers are always listening to you (unless you turn off that functionality, which kind of defeats the point), and they’re widely able to keep recordings or transcriptions of what you said to help developers make them even more intuitive, but at what cost?

While Amazon, Google, and Apple all make promises of minimal data collection and high levels of security, many users will have enabled third-party integrations that allow them to interact with a number of services, from connected cars to food ordering apps and just about everything in between. 

VPNOverview says that “some of these third-party skills are not thoroughly moderated” which can open up a gateway for hackers, risking various leaks and hacks. Activating a VPN goes some of the way to alleviating these risks.

Another concern raised by the company is that some smart speakers can carry out online purchases directly on the device. It recommends setting up two-factor authentication (2FA) to authorize these transactions, but for many, that again defeats the point of having an enabled device in their home.

Ultimately, in most use cases customers are found to be prioritizing convenience over privacy, almost rendering many of the measures that companies put in place useless.

Google says that by default, it does not retain audio recordings on its servers. Amazon says that its users can review and delete their voice recordings and transcripts that are securely stored in its cloud. Finally, Apple says that it only stores the minimum required data for six months. We reached out to all three companies for advice on what users can do to ensure the maximum protection possible for their data when using smart speakers.

Apple directed us to its HomePod privacy and security webpage, Amazon told us to check out its explainer page and FAQ page, and Google sent us to its privacy information page and guide of actionable steps users can take. 

• We’ve rounded up the best endpoint protection software