A new privacy scandal looms for Apple, thanks to Thomas Ie Bonniec, a former contractor for the company who revealed how the company collected millions of samples of queries to his Siri voice assistant for a “qualification project” that aimed to improve the accuracy of this software, experts report from a hacking course.
A few months ago the contractor revealed to the Guardian that, while working for Apple, he listened to private (even intimate) recordings of Siri users; consultations included topics such as medical discussions, criminal activities, and sex and business conversations. Ie Bonniec issued these statements anonymously, although he eventually decided to reveal his identity in protest at the null consequences that this user monitoring activity has brought for Apple.
“I can say that there aren’t many records about who works on that project, plus the amount of data that Apple employees and contractors can access is highly substantial,” said Ie Bonniec last July. Hacking course experts mention that Apple has been consulted on multiple occasions, although the company has not spoken out about it.
The letter written by the former contractor (and sent to all data protection organizations in Europe) mentions: “It is really troubling that Apple, and other similar companies, keep ignoring data protection laws and violate user privacy with these mass data collection campaigns.”
Ie Bonniec was extremely concerned about the way technology giants intercept the communications of millions of users even though information protection legislation has advanced in great strides (with the implementation of the GDPR, for example). “It seems that passing a law is not enough to stop those who violate users’ privacy,” the former contractor added.
Ie Bonniec served as a subcontractor at Apple’s cork offices, where he had access to thousands of inquiries in Siri (in English and French) until his resignation in 2019, the hacking course experts mentioned. “This team operates outside the moral and legal, and has been operating on a large scale for years.”
According to the International Institute of Cyber Security (IICS), Apple listens to thousands of query recordings to Siri every day and from a variety of devices, including iPhone, Apple Watch, or iPad (in short, any device that includes the voice assistant). Needless to say, the company does not have the express authorization of users to collect these records.
When Ie Bonniec revealed this information, Apple released a statement stating that it would implement some changes to Siri in favor of user privacy, although these changes may not have been enough.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.