SPONSORED:

Dem lawmaker raises concerns over 'eavesdropping' smart speakers

Dem lawmaker raises concerns over 'eavesdropping' smart speakers
© Greg Nash

Rep. Debbie DingellDeborah (Debbie) Ann DingellRecovering America through the lens of wildlife Shakespeare gets a congressional hearing in this year's 'Will on the Hill' OVERNIGHT ENERGY: Biden suspends Arctic oil leases issued under Trump |  Experts warn US needs to better prepare for hurricane season | Progressives set sights on Civilian Climate Corps MORE (D-Mich.) in letters to Amazon and Google this week raised concerns that smart speakers are "eavesdropping" on customers without their consent.

In a pair of letters on Thursday, Dingell pressed Amazon executive Jeff BezosJeffrey (Jeff) Preston BezosOn The Money: House Democrats line up .5T in spending without budget | GOP takes aim at IRS | House Democrat mulls wealth tax What will Elon Musk and Richard Branson do about Jeff Bezos flying into space? Republicans open new line of attack on IRS MORE and Google CEO Sundar Pichai over how they vet applications running on Amazon's Alexa and Google Assistant.

ADVERTISEMENT

"These smart speakers and the advancement of speech recognition technology represent an incredible convenience for consumers, allowing them to bypass screens and for those with physical disabilities to access the internet like everyone else," Dingell wrote in the letters.

"But the same feature that contributes to that [convenience], not having a screen, also eliminates an important feedback loop for consumers to understand how these applications are performing and puts your company in an even greater position to look after consumers well-being," she wrote.

Her letter comes in response to research from SRLabs that found hackers could take advantage of Google and Amazon smart speakers to eavesdrop or steal passwords from users. The researchers uploaded malicious software to the smart speakers, successfully getting them to obtain recordings.

There is no evidence that the vulnerability has been exploited by real-world hackers.

"Recently a number of articles were published regarding research done by a German cybersecurity company SRLabs in which researchers created apps that passed both Google and Amazon security-vetting processes and allowed the app to eavesdrop on users as well as phish for their passwords," Dingell wrote.

"While these apps were created and used only for research purposes, there is potential for either copycat apps or that malicious actors have already used these techniques to target consumers and their personal information," she added.

She is asking a series of questions, including how Amazon and Google are "addressing apps like this from being able to obtain" information moving forward, and how they are getting ahead of hacking attempts.

Amazon and Google did not immediately respond to The Hill's request for comment. 

Lawmakers are becoming more invested in cybersecurity and privacy concerns around artificial intelligence technologies like those used within smart speakers. Last month, Republicans Sens. Marco RubioMarco Antonio RubioFive years after the Pulse nightclub massacre the fight for LGBTQ+ rights continues Rubio calls on Biden to 'forcefully' confront Iran over movement of war ships Bipartisan lawmakers want Biden to take tougher action on Nicaragua MORE (Fla.), Tom CottonTom Bryant CottonOvernight Defense: Austin and Milley talk budget, Afghanistan, sexual assault and more at wide-ranging Senate hearing Cotton, Pentagon chief tangle over diversity training in military Media continues to lionize Anthony Fauci, despite his damning emails MORE (Ark.) and Josh HawleyJoshua (Josh) David HawleyConcerns grow over China's Taiwan plans GOP's attacks on Fauci at center of pandemic message Colonial Pipeline CEO grilled over ransomware attack MORE (Mo.) demanded answers from Google about its work to develop a smart speaker with Chinese telecommunications group Huawei.

Dingell is a member of the House Energy and Commerce Committee, which is engaged in efforts to draw up the country's first comprehensive federal privacy law.