Many lawyers and legal support staff are working from home, using their laptops, personal smartphones, and online video conferencing to stay connected. These services and devices have features that may be listening and collecting confidential information. Other devices in the home, like webcams, smart TVs, voice-activated assistants, and Internet of Things (IoT) connected hardware, may also be listening. While you can turn off or unplug many of these devices, you may need to use them. You can maintain some control over what is listening and deleting any data that may have been collected – at least until the Bracelet of Silence is on the market.
“I always feel like somebody’s watching me
And I have no privacy” – Rockwell
Many people have “smart speakers” in their homes. Models like Google Home, Amazon’s Echo, Apple’s HomePod, Sonos, and others use voice-activated assistants like the Google Assistant, Apple’s Siri, and Amazon’s Alexa. You can call out “Siri, play soothing beach music” or “Hey Google, what is the weather like today” or “Alexa, add buttermilk to my shopping list”. These speakers are always on and always listening. In order to make them better at voice recognition your commands are recorded and available to the companies, possibly third party contractors, and sometimes even to random third parties.
If you have a smart speaker within the proximity of your work environment, you can consider unplugging it during working hours. If you want to delete any previous recordings this Gizmodo article gives instructions for Siri, Alexa and the Google Assistant. You can now even tell Alexa to “delete what I say”.
Your smartphone likely comes with a built-in voice-activated assistant. On Android, there is the Google Assistant. On some Samsung models, you may also have Bixby. On iOS there is Siri. It is likely you also have apps that you have given permission to use your smartphone’s camera and microphone.
This article from VentureBeat provides instructions on how to turn off the voice recording and collection in Google Assistant, Siri, Samsung Bixby, and more.
To find and disable apps you have given permission to access your smartphone’s microphone and camera follow the instructions for Android and iOS from Wired.
Law firms are using Zoom, Webex, Skype, MS Teams, Google Hangouts, and many other video conferencing platforms to stay connected and get work done. However, these business tools are not without both privacy and security risks.
The National Institute of Standards and Technology (NIST) has a great checklist you can apply to any virtual conference to maintain better security. John Simek and Sharon Nelson from Sensei Enterprises, Inc. writing at Attorney at Work provide step by step instructions for using Zoom securely.
Smart TVs and Gaming Devices
If you are working from home and there is a TV in the room with you it is likely a “smart” TV, which is internet enabled so you can stream popular networks like Hulu, Netflix and Disney Plus. However, the FBI warns that these smart TVs can be vulnerable to hacking, in addition to data collection and listening.
Consumer Reports provides instructions for turning off ACR – automatic content recognition – on popular smart TVs. Or, just keep the television off (and possibly unplugged) while you are working in the same room.
Similarly, devices like Xbox consoles may be listening and recording conversations. Turn this capability off and delete the recordings. You can unplug them or hold confidential conversations in a different room.
Other smart devices in the home, like a security system or climate control, may have microphones that are listening and potentially recording data.
The popular Ring security system records audio in your home. You can disable the audio streaming and recording functions of your device. For those using Google Nest, you can change the camera’s microphone, speaker and audio settings.
Your web browser of choice (Chrome, Firefox, Safari, Edge, etc.) needs specific permissions to enable access to your microphone and webcam. You can toggle this permission off until you permit access. Online Tech Tips has step by step instructions to turn off access to the microphone and webcam for every major browser.
Operating systems like the MacOS and Windows 10 can listen, record and act on commands through Siri and Cortana. In Window 10 you can turn off Cortana entirely, and check your privacy settings for the installed camera and microphone. Additionally, applications installed on your devices may have access to your microphone. You can check to see which apps on your Windows 10 device are using your microphone. Similarly, you can turn Siri off on your Apple devices and check to see what applications have access to your microphone.
If you have a laptop there is likely a web camera and microphone installed. You may have also purchased a USB external webcam with a built-in microphone. It is possible for these devices to be hacked or misused. If you aren’t actively using the camera you can put a piece of tape over it or unplug it if it is external. MakeUseOf has some tips to check if your webcam could have been hacked, while HowtoGeek provides instructions on how to disable your webcam.
Security is always a balance between usability and security. Being aware of the potential risks inherent in technology is the first step. You can then decide how to mitigate the risks in modern computing devices and services and find a way to leverage them while maintaining client confidentiality, privilege, and security.
Hat tip to LeAnn Nease Brown, President of the North Carolina Bar Association for inspiring this post. Let us know if you have a suggestion for a future blog post!