"Talk to me," says Amazon's Alexa in the commercial, and it's tempting: lights on, lights off, play music without lifting a finger. But for Alexa and other voice assistants to even recognize when they're being spoken to, they have to listen all the time, even when we're actually talking to our kids or visiting.

That opens up a whole new set of problems in the area of data security.  "The usual privacy mechanisms no longer work," says Dr.-Ing. Stefan Köpsell, who currently holds the chair for privacy and data security. He is also conducting research in the Disruptions of Networked Privacy (DIPCY) project, which is based at the Disruption and Societal Change Center (TUDiSC) at TU Dresden, together with sociologists and communication scientists on the challenges that the Internet of Things presents for established privacy mechanisms and ways of thinking.

A common principle of data security is "informed consent," which means that the user is informed about what happens to his or her data and consents to it, as is the case, at least in theory, with anyone who brings a voice assistant into their home. The problem comes with the visit: If the visitor is not informed that Alexa is listening, he cannot agree to it. According to Stefan Köpsell, the situation will be even more precarious in the future: "I can still recognize a voice assistant if I look around the room a bit, but it will be more difficult with smart refrigerators and televisions, and when we think about smart cities, it will be a question for society as a whole how we deal with it. Already, we're also seeing shifts in the ethical discussion: in connection with Corona and the warning app, it was already being said that data security would prevent effective pandemic control."

Of course, there's also the question of why data collection is a problem in the first place, given that people have "nothing to hide." "Data breaches are perceived very differently depending on how far away the person listening in is. Things we don't want our family to know are unquestioningly entrusted to American intelligence agencies. But it is also generally true that knowledge is power and data is knowledge. As we've seen in some elections in recent years, data that's been sold and bought can have serious societal implications that individuals aren't even aware of."

Of course, it's not just the smart home that collects data; smartphones and computers, in most cases, also send data to American servers all the time, and many people put up with that for the convenience offered by the services that collect it. Is it even possible to avoid it? "It's difficult to impossible," says Stefan Köpsell. "You can, of course, use a smartphone with an alternative operating system and not install apps that collect data, but that usually comes with a loss of convenience or the network effects strike." That is, the secure apps don't work as well as the data-collecting ones, or they can no longer communicate easily with their relatives and friends because they use a different messenger service.

So what can we do without having to restrict ourselves too much? Stefan Köpsell is no opponent of the smart home; he has had a few networked devices himself for years, but without a cloud connection and without voice assistants. "In addition, everyone can look in their smartphone once in the settings and make the appropriate choice for data security, where you have the option." There are also some good alternatives to the big, data-collecting providers when it comes to messenger services: "I use Wire, but Signal, for example, is also a secure option, along with others."

Contact:
Dr.-Ing. Stefan Köpsell
Tel.: +49 351 463-38247 (office)

Projekt DIPCY

Website: https://tu-dresden.de/gsw/phil/ifk/forschung/forschungsprojekte-2/dipcy