A new report has revealed that an Amazon team auditing Alexa commands might be able to find a customer’s home address in a matter of minutes.
Citing five employees familiar with the program, Bloomberg reported that the team is spread across three continents — transcribing, annotating and analyzing some of the voice recordings picked up by Alexa. It seems that some of these employees can take that info to find a user’s geographic coordinates and easily find their home address.
In fact, Bloomberg witnessed a demonstration that showed an Amazon team member paste a user’s coordinates into Google Maps. In less than a minute, the employee was able to go from a recording of a person’s Alexa command to what appeared to be an image of their house and corresponding address.
As a result, two members of the Alexa team voiced concerns that the eCommerce giant was giving too much access to customer data to some employees.
“Anytime someone is collecting where you are, that means it could go to someone else who could find you when you don’t want to be found,” said Lindsey Barrett, a teaching fellow at Georgetown Law’s Communications and Technology Clinic. She added that any widespread access to location data associated with Alexa “would set up a big, red flag for me.”
Amazon responded to the report, stating that “access to internal tools is highly controlled, and is only granted to a limited number of employees who require these tools to train and improve the service by processing an extremely small sample of interaction. Our policies strictly prohibit employee access to or use of customer data for any other reason, and we have a zero tolerance policy for abuse of our systems. We regularly audit employee access to internal tools, and limit access whenever and wherever possible.”