In order to obey the commands of the user, Voice assistants are recording what is said to them and this data is sent to massive servers in order to formulate a response; this data is processed and stored in the Cloud (Bolton 2021). During this process, it is possible that there may be a breach in privacy when it comes to voice assistants listening and recording the users. Many people are holding off investing in voice assistants because of the fear of losing their privacy. All people are concerned with the lack of assurance or security that is provided to keep users’ private and personal information intact. In 2018, the Guardian reported that an Alexa user from Portland, Oregon, asked Amazon to investigate when her device recorded a private conversation between her and her husband on the subject of hardwood floors and sent the audio to a contact in her address book without her command and knowledge. In 2019, the Daily Telegraph reported that Amazon employees were listening to Alexa users’ audio—including that which was recorded accidentally—at a rate of up to 1000 recordings per day (Bolton, 2021).
Security and privacy are popular and valid concerns of users when it comes to voice assistants. Other people have the ability to impersonate a user and extract their information from the voice assistants. With data being recorded and sent to other servers and clouds, cyber attacks and data theft are highly possible. Amazon and Google have skill stores which allow the uploading of malicious applications deliberately designed to access a user’s data means that the user is unable to rely on the fact that the skill they downloaded, and use is safe, which poses as a serious security threat (Bolton, 2021).The act of recording information without the consent of the user can cause serious legal trouble for the voice assistants’ industry. Amazon acquires consent from the consumer who is purchasing the assistant by making them agree to the terms and conditions at check out (Pfeifle, 2018). But what happens when this consumer may have guests, who never consented to being recorded by Alexa? This common situation can cause problems for both parties. Amazon has obtained the right to record the user who purchased the product, but an unsuspecting guest remains naïve to the fact that they may be recorded, which is a violation of the individual privacy law. There are various risks associated with the Echo's recording function. For example, the device can breach privacy by recording and transcribing personal and sensitive information. Not only can it retain the recordings, but it can also inadvertently send them out. Moreover, the information it gathers can be used by Amazon without consent-for example, to advertise or to sell to third parties (Pfeifle, 2018). If voice assistants like Amazon Alexa continue to overlook this problem and fail implement the right type of security, people will possess the right to sue them on the right accounts.
As voice assistants become more and more advanced, more security requirements should be instilled. There should be a way for a user to have solid authentication to access their data in order to erase the risk of information theft. Companies, like Alexa, should find a way to ensure that third parties are aware of a recording device being present among them and obtain their consent. There should be a screening process for all voice assistants in which if recordings are deemed to have private information, it should quickly be deleted. The more security there is to ensure the safety for the users, the better the situation will be for voice assistant companies.