Friday, 16 September 2016

Amazon Echo raises the stakes on privacy in the home and IP protection in the digital age.

Is it safe or is there a storm coming over the horizon ? Difficult to tell. Great excitement about the new Amazon Echo (new to the UK) which is a voice activated networked microphone and speaker which allows interaction with the web via voice command. It is intended to sit in the home and answer questions, play selected music, adjust smart devices in the home order things online etc.

It works by constantly monitoring sounds in the home and responding to its name Alexa. However in order to recognise the word Alexa it needs to listen to everything and the microphones are so good that it can listen across the room and filter our loud music.

The convenience is very appealing but the loss of privacy substantial. Who owns the data that is collected by Alexa and the profiling that results from that data ? Who will carry the liability if that data is misplaced or stolen or for example voice activated financial transactions are carried out by the wrong people ?

A company with the scale of Amazon will have worked through these issues no doubt but the significance of networked always on audio monitoring in the home may not fully register with a technology enthusiast simply looking for an easier way to stream music in the home.

Thursday, 8 September 2016

There is no data cloud, only somebody else's computer

Perhaps because digital data has negligible physical presence we often struggle to view it as property.

If we stored our valuable physical possessions in a facility with no security people would think we were crazy and possibly partly to blame if our stuff went walkabout.

The penny is starting to drop however that remote digital storage of our valuable digital IP needs to be evaluated in respect of its security and that contracts need to deal with the sticky subject of liability in the event of data breach or loss. This is particularly the case when the IT company who are in theory holding your data are in fact outsourcing it to another third party. It seems likely that aside from contractual terms the tort of negligence may have a part to play here when the basic requirements of cyber security have been ignored by those handling personal data.