Citation: Privacy International: Amazon’s contract with the NHS raises data privacy concerns

Privacy International (“PI”) has scrutinized Amazon’s contact with the Department of Health to harvest data for Alexa services.  The contract started from 14 December 2018 and will be in effect till 15 October 2024.

The contract covers Amazon using the data of the NHS website and integrating it with Alexa, allowing Alexa to better respond to medical questions. This permits Alexa to better respond to a range of medical questions with the vetted information available from the NHS website. Readers should note that the arrangement DOES NOT SHARE THIRD-PARTY HEALTHCARE DATA. The focus is permitting Alexa to access the NHS website’s publically available data to enhance its response to heathcare questions. Patient data, as far as we know, was not part of the agreement.

PI then goes on to scrutinize the contract in detail giving an overview of the key terms and conditions. The article also covers the commercial vs public interest issues arising from the redaction of parts of the contract, raising matters of transparency in government contracting.

The sharing of data under this agreement permits Alexa to use data gathered from the NHS website. This is for informational purposes as the site is typically a first port of call for those concerned about symptoms. By integrating this data Amazon helps Alexa enhance its service offering. It has notably been said, by the Guardian, that such accessibility was granted free of charge.

 

Privacy concerns around Amazon’s Ring

“A home security product upscaled and diversified into law enforcement and integrated with facial recognition software brings with it some serious privacy concerns.”

What is the Ring?

door wooden bell old

The Ring is Amazon’s bestselling smart security device product line. The most notable of which is the Ring doorbell which allows users to monitor movement by their front doors, video and receive mobile notifications whenever someone presses the doorbell. Users can also benefit from an App which is installed on their mobile, monitors local news and allows social media style sharing with other Ring users.

Ring additionally offers security services, cross-selling into the wider security service market.

Ring and law enforcement  

Recent controversy was sparked when it was found that the Ring in partnering with over 400 police departments in the United States. The extent of the Ring’s collaborative efforts extend to targeting ad words to users encouraging that they share live video feed footage with law enforcement. This in and of itself is a significant extension in police surveillance meriting further legislative scrutiny.

However, pair this with the fact that the Ring may integrate and encourage the use of the Amazon’s Rekognition facial recognition software product and the companies dubbing of the service as “the new neighborhood watch”- it becomes all the more disconcerting.

It is well-established that people’s likeness is considered personal data and that the recording of individuals without their consent is potentially invasive. There are also civil liberties concerns regarding the police acquiring these live video feeds for their own use.

This has drawn the attention of the Senator for Massachusetts, Edward Markey, who recently published a letter sent to Amazons CEO Jeffery Bezos, highlighting civil liberties concerns with the Ring. This highlights issues previously raised in the United Kingdom in relation to the use of facial recognition software; its potential to racially profile individuals. Whilst this was considered by the Administrative Court to be too an intangible argument lacking sufficient supporting data, further scrutiny would be most welcome.

And it looks like further scrutiny seems forthcoming. In his letter Senator Markey highlights 10 key concerns around the Ring system, demanding a response from the Amazon CEO by 26 September 2019. We highly recommend readers consider the letter in its entirety here.

Voice command data and privacy protection, Part II- Apple’s Siri

Apple recently released a statement on its development of automated assistant Siri’s privacy protections. The result is a move towards doing everything right in safeguarding consumer privacy. When compared to Amazon’s protections for its Alexa service market shifts and best practice become clear, making for better adherence to the seven data protection principles underpinning the GDPR.
Continue reading