Mike's Blog – Tech, Travel, Tastebuds

IBM has banned it’s staff from using Siri – Big Blue has allowed it’s staff to BYOD and use their iPhone 4S on the company’s networks, but banned the use of Siri over fears that the sound bites uploaded for processing by Siri could contain IBM proprietary information, which could be stored indefinitely, and analysed by Apple.

This isn’t a new concern for corporates. It came to the forefront when employees commonly used services like MSN Messenger to keep in touch with their colleagues, and of course all but the paranoid thought nothing of discussing company business over IM, in unencyrpted packets, routed over the commodity Internet, to some server farm their employer didn’t have any control over. Who knows if and how long a messaging service could retain transcripts of chat sessions? Or if the packets were “sniffed” in transit and the transcript rebuilt?

Companies then got wise and started to provide internal IM systems which they had control over, and having their IT departments block external chat platforms (let’s assume we’re talking about vanilla users who don’t know how to punch their way through these things for now). This also obviously helped for things like regulatory compliance.

Most recently, this has moved into the social networking arena, with things such as Twitter and Facebook – people have lost their jobs over committing corporate faux-pas on a publically viewable service. This has opened the doors to platforms such as Yammer, a SAAS-based corporate social networking platform, who seek to give the company back some control. All the things your employees know and love about social networking, but just for your company and it’s staff, with you in control of the data and the rules. Your regulatory compliance people can sleep easier at night.

So, while there’s no current evidence to support the notion that Apple are using Siri to spy on Big Blue, it’s fair to say that IBM aren’t bellyaching: I think it’s a legitimate data privacy concern, and it’s one that you should share.

When you post something on Twitter, or Facebook, or write a blog, you know that you’re putting it out into some sort of public (or shared) domain. You expect other people to see it, and you expect it to be stored (though maybe you’re not clear on just how long it’s being stored!).

I think people’s mindset is different when talking to Siri. They have the concept, in their head, they are talking to their phone, and overlook the fact that what they’ve just said has been uploaded to a server farm, possibly in a location outside of their home jurisdiction, to be processed. Do those of you who use Siri even think about that is what happens? Or that what they have just said has been placed into storage, potentially forever?

So many of the geeks I know are horders by nature, so it’s a force of habit for them to turn on lots of logging and want to keep everything forever (or at least until the storage runs out or they can’t afford anymore), “just in case they need it”, and I suspect the backend of Siri is written no differently, because that’s how programmers are.

Given a company the size of Apple, I don’t think there’s any concerns about the storage running out, and the Siri licence agreement doesn’t say for how long you’re consenting to Apple storing the soundbites collected by Siri. With a large enough sample size, statistical analysis also makes it easier to find needles in such haystacks, and we’re getting increasingly good at it.

Could market intelligence generated from analysis of Siri requests even be revenue stream for Apple in due course?

My opinion is that it is a legitimate privacy concern…