Information & Ethics Committee on May 29th, 2019

Yes, absolutely. It's in the mobile app, on the website and on the Alexa privacy page that you can see all of your interactions. You can see what the transcription system believed you said, and so forth.

Presumably all of that is merged into a bucket of data that Amazon holds about me in terms of my purchasing habits and other things as well.

It's part of your account data.

It's a lot of data.

I wanted to jump in to just say that I think this also highlights the problem we've been talking about with consent.

I'm a loyal Amazon Echo user. They've done a wonderful thing by putting this up. A couple of weeks ago, I went with my family, and we saw the data that was stored, but I have to say it is....

I'm a total privacy nut. I read all this stuff that you get, and I was shocked, honestly, and my family was shocked to see these recordings about us and our young children from years ago that are stored in the cloud. It's not to say that something was done wrongly or unlawfully. I think it's wonderful to see this kind of level of transparency, but users have no idea it's there. I think that many users have just no idea that this data is out there, and they don't know how it's going to be used in the future either.

I think that as an industry, we need to do a much better job of giving people better granular consent about this, or better information about it.

I don't mean to pick on Amazon; it's a wonderful product.

We do contract with third parties for certain delivery of some services and, under very carefully controlled conditions, we share personal data.

For example, if we're contracting with a delivery service, we share the name and address of the customer where the package has to be delivered, but I think, for all of these core machine-learning cases of the kind you're talking about, that is all internal to our company. We do not contract out access to the core business data that we use for, essentially, running our business. It's only going to be around the peripheral use cases, and in cases where we do share data, we have audit rights and we carefully control, through contract and audit, the usage that our contractors make of any data of our customers that we do share with them for these very limited purposes.

We have a very robust data governance model at Microsoft whereby we recognize and are able to attribute and mark data and appropriately protect it. In areas where we need subcontractors, we use a very limited set.

A lot of adjudication occurs before we select our subcontractors, and they must enter into agreements with us to maintain the privacy of the data they are safeguarding. We have strict rules around the use of that data and the return of that data to us. We have a very robust program of policies, procedures and technical safeguards around subcontractor use to ensure that data isn't misused.

Artificial intelligence is an area of key interest to us, and certainly Satya Nadella, in his book Hit Refresh, has put together principles around the responsible use of AI to empower people. It's really the first principle. We've embraced them within our organization, ensuring that we have a robust governance structure around AI. We have a committee that looks at application of AI both inside and outside the organization to make sure we use it responsibly.

Putting these pieces in place internally helps us better manage and understand how those tools are being used and put them in place in an ethical framework. We're quite pleased that we're working with governments around the world, be they the EU with their AI ethics work or the recent OECD guidelines, or even here in Canada with the CIO Strategy Council's work on an AI ethics framework, so that we can help people and other organizations get a better sense of some of those responsible techniques, processes and governance models that need to be put in place.

I'm not aware of Apple doing the kind of modelling you're talking about. Instead, our machine learning tends to be on device intelligence.

For instance, as the keyboard learns about the user, the device itself collects and uses this information to train itself for that user without the information leaving the device. Where we are collecting data to help inform community models, we're using things like local differential privacy, which applies randomization to the data before it leaves the user's device, so we're not able to go back and tie the individual user inputs and their content to a user. It's very much a device focus for us.

We don't deploy any of those kinds of systems. In some of our research we have been looking at experimenting on devices also. I think that's a very solid approach to trying to protect people's privacy.

If I can pick up on what Mr. Collins was asking, I was intrigued about both the phone for Apple and the Alexa device. Have there been any attempts to hack into the systems you have and access the information you retain?

Apple's systems are under constant attack. I don't know precisely if Siri itself has been a subject of attack or not, but I think a good default position would be to assume it has. However, because the Siri data is not associated with the overall Apple account, while we consider it very sensitive and will strive to protect it, it would also be challenging to gather an individual user's data out of the Siri system, even if it were breached.

Has there ever been a successful hack into the system with respect to a particular individual?

I'm not aware of any, no.

Similarly, we've been protecting customer data very successfully for 20-plus years. This is a new kind of data, obviously a very sensitive kind, but we continue to have a very successful record there, and there's no indication of any kind of compromise of Alexa-related data.

Thank you.

Going back to security and data privacy and encryption, I think Apple talked about the Key Store on the iPhone and iPad, and Mozilla, I think, also has a Key Store-type feature in the browser.

One of the challenges of security is that our passwords, I think, have become so secure that nobody knows what they are anymore, except for the devices themselves. On the Apple Key Store—I think it's called the Key Store application—you can ask it to generate a password for you, and then you can ask it to remember it for you. You don't know what it is, but the app and the device know what it is, and I guess that's stored in the cloud somewhere. I know you gave an overview at the start.

I suppose Mozilla has a similar feature that allows you to ask the platform to remember the password for you, so you have multiple passwords, and I think probably Microsoft does as well in its browsers. Again, if you log in to Mozilla or Edge or any browser, you find you can autopopulate all your password keys. We end up with this situation like Lord of the Rings, in a “one ring to rule them all” scenario. In our attempts to complicate and derive better security, we've ended up with one link in the chain, and that link is pretty vulnerable.

Maybe I could get some comments on that particular conundrum from all the platforms.