How Amazon, Apple and Google listen to their customers


DusseldorfSuddenly, Jochen Adler's display pops up a window on Apple's map service. "In 38 minutes with Dr. med. Mierzwa, psychological psychotherapist, dense traffic ", is there. Adler sits in his car and is stunned. Apart from his wife, no one really knows that the 43-year-old cleans his soul every Tuesday evening with Alexander Mierzwa. Actually. Because apparently it now knows Apple.

Adler is technical sales representative of the software company OpenText. With algorithms and AI knows the business IT specialist. He made sure to leave no digital traces with his therapy sessions. In his address list he has only entered the name and number of the psychologist. He has not stored the appointment digitally, never entered the address on Google. How does his iPhone know where to go this Tuesday?

What Adler has experienced is the small form of loss of control. The irritating experience that an electronic device and cloud software know more about a person's life than they would like. An explanation for the incident does not supply Apple on demand. Adler now has a guess, but more on that later.

The larger form of loss of control occurs on a daily basis in the Globalworth Building, an office building with a mirrored glass facade in Bucharest. In the top three floors, the news agency Bloomberg revealed in mid-April, Amazon employees are listening to conversations that lead customers to Amazon's voice assistant Alexa.

The staff write down the text of the conversation and analyze where Alexa misunderstood something. Other teams will use the transcripts to improve Alexa's abilities. Other such teams are distributed around the globe.

language assistants

Devices like Alexa can collect sensitive data.

(Photo: Mario Wagner)

Amazon does not deny this practice on request, but points out that only a very small part of the conversation will be intercepted and the analysis teams would not have access to the associated customer data. In addition, only conversations would be recorded after the customers had said the startup word "Alexa", meaning that they wanted to expressly communicate with the language assistant.

A few days ago, however, it came out that some Amazon employees could well see the whereabouts of Alexa users – in the past, even their phone numbers. In addition, research by the Handelsblatt revealed that Alexa repeatedly mistakenly thinks he heard the start word. Then the voice assistant cuts with what is certainly not intended for foreign ears: crooked children's songs, confidential bank data and family quarrels.

In the Smart Speaker Terms of Use, customers agree that the conversations can be recorded and evaluated. Whether of people or machines, is not so accurate. Amazon sees himself with the practice in law. However, according to the Data Protection Regulation (DSGVO), which entered into force in 2018 across the EU, companies are no longer allowed to use the data for services other than those requested by the user.

Spongy formulations

"The news that Amazon evaluates and stores the voice commands has shocked many. Those who offer such products must guarantee the highest possible data protection and security standards, "says Federal Minister of Justice Katarina Barley the Handelsblatt. "In particular," said the SPD politician, "the customer must be informed about everything simple, clear and understandable."

The recording of voice commands due to an unclear and vague wording in the privacy policy was unacceptable. Barley: "Businesses are fully accountable and face fatal fines totaling four percent of global annual revenue."


The whole thing is not a specific Amazon problem. At Apple ("Siri") and according to Handelsblatt information also on Google ("Assistant"), Amazon's main competitors in the market for language assistants, randomly selected conversations can be evaluated anonymously by employees.

Artificial intelligence and above all speech control just do not work well enough, the algorithms have to learn – and in some cases they still need human help.

Overwhelmed by data protection

However, we users have long since lost track of how close we have let the Internet companies into our lives. Impatiently we keep clicking "Yes, I agree" when Google, Amazon or Facebook show us new terms of use. We almost never finished reading them.

We manage almost all of our everyday life via an Apple or Android smartphone and download new apps. What information these apps exchange with each other, whether we have given them access to camera, GPS sensor or address book: Who knows that yet?

This confusion has method. The Internet companies have little interest in informing us in a truly understandable and transparent way about the use of our data. Because then would probably use a significantly larger proportion of customers its very opportunities to control the data collection of corporations. But only a small percentage uses offers like Google's Privacy Dashboard.

As sophisticated as the instruments for the analysis of the data are, so lax sometimes affects their dealings with them. This was demonstrated, for example, by the mass distribution of data from Facebook users to 150 other companies, including Amazon, Microsoft and Yahoo. Or in the case of a German Amazon customer who exercised his legal rights and asked Amazon for the data that the company stored about him.

He received numerous files, including transcriptions of conversations with Alexa. But the data came from another Amazon user. An employee had accidentally issued it. "A regrettable human error," says the company.

Users are powerless to face such mishaps, because giving up the services of Google or Facebook is akin to "getting out of society," says Marc Al-Hames. The managing director of the alternative browser Cliqz experienced it himself, when he decided to do without the Facebook-owned messenger WhatsApp. All of a sudden, he no longer learned about measles outbreaks or sick educators in the day care center.

No harmless data collection

The Internet companies scout us, but they are not interested in us as a person. Whether we are gay or heterosexual, left or right, or tend to "heavy use of alcohol at home," as Handelsblatt informs the Quantcast network of some users, all of this is for one purpose only: to promote us to the right products or Overlay parties.

In many cases, the ad networks do not even associate their online dossiers they store about us with our common name. He is not needed for this form of spy 4.0.

But harmless is the data collection therefore not a long time. If necessary, in many cases the data can easily be linked to the plain names again – and then the danger of misuse is great. If health insurers or employers are interested in information about our way of life and willing to pay a lot of money for it, then we must rely on the promises of online companies to use the data collected for research and marketing purposes only.

"There are companies that specialize in linking behavior from different areas of life," says Frederict Kaltheuner of Privacy International. With smartphones, smart TVs and fitness trackers, the possibilities for this analysis are even more extensive than a few years ago – some service providers are already promoting users across different devices.

"The more detailed the data, the easier it is to identify an individual," says Kaltheuner, who herself has retrieved her data from some of these service providers. The data reveal the place of residence and work, the websites visited, the hobbies, political interests or marital status.

Pseudonyms can be leveraged

With the apparent anonymity, it is quickly over when needed. The pseudonyms that many providers use for their user profiles can be easily undone. The industry uses a range of identifiers, including e-mail addresses, device identifiers, and so-called promotional IDs, which allow direct or indirect assignment of profiles to individual users. Anyone who knows about an e-mail address, comes in most cases also to the plain name.

The anonymous user profile becomes a concrete person again. Privacy International does not want to settle for this: the organization has filed a complaint with several data brokers, advertising service providers and credit bureaus with data protection authorities in the United Kingdom, Ireland and France. "We believe that this behavior is not compatible with the General Data Protection Regulation," says Kaltheuer. Ireland has meanwhile adopted the Handelsblatt information procedure.

The privacy activists are not alone. In the meantime, one of the most important Silicon Valley greats, Tim Cook, is one of the prosecution's witnesses. "That's surveillance," the Apple boss judged during an appearance in Brussels on its neighboring companies in Silicon Valley. "And these mountains of data serve only to enrich the companies."

For Cook, many of his US West Coast counterparts are part of a "data-industrial complex." An allusion to the "military-industrial complex", against whose dark power US President Dwight D. Eisenhower warned in 1961. However, Cook can also safely claim his reputation as a critic because his company has failed to build a data-based business model. Apple still lives mainly from hardware sales.

At least in Germany, Cook meets with his criticism on open ears. 56 percent of Germans are of the opinion that corporations such as Google, Facebook and Amazon are not responsible with their data. This was the result of a representative survey by Yougov on behalf of the Handelsblatt.

The microphones are everywhere

Customer confidence is vanishing at a time when computer access to our lives has reached a new level. Over the past decades, the relationship between man and machine has changed dramatically. First the PC conquered the desks. With the invention of the smartphone then the time of the mobile Internet began. Now smartphone sales are falling – and we are again facing the beginning of a new era.

Over the next few years, many devices will "disappear from our lives," says Google CEO Sundar Pichai. In the future, the computer will be a voice assistant equipped with Artificial Intelligence (AI) to help its users through the day. Pichai: "We will move from a mobile-first world into a KI-first world."


It's a time when computers get to know people as well as never before. Well over 150 million people worldwide already wear a smartwatch, which typically measures data such as physical activity, heart rate, location, and sometimes eating habits – often analyzing and storing that information in a remote cloud.

Sneakers give their owners training tips, scales broadcast their body weight to their owners' smartphones, bracelets count steps, and smart mattresses analyze sleep quality. In the coming Internet of Things, more and more everyday objects will be networked and incessantly data will spark, on which again self-learning software sharpens their prognosis qualities.

Former Harvard professor Shoshana Zuboff calls this new era "surveillance capitalism" – and the most valuable commodity in this new era is the prediction of human behavior.

The fact that tech companies such as Google and Facebook have opened this knowledge to other companies has made them one of the most valuable companies in the world, says Zuboff, because companies want to know what potential customers will do in the future. "Many of these data," says Zuboff, "would not push users out if they were asked."

Data analysis requires user knowledge

From the analysis of these data, it is sometimes possible to deduce what the users themselves do not yet know. For example, a study by Microsoft researchers revealed that people's searches often detect cancer before they know about it. Because often months before they receive the cancer diagnosis, they are looking for reasons for certain symptoms.

The new AI technology makes services possible that make the lives of many users easier. But the numerous microphones that surround people are already abused. In hundreds of Android apps, for example, the software of the start-up Alphonso is integrated, which allows users to spy on their smartphone microphone.

Using the software, apps can monitor what TV programs users are watching and which ads they have been shown on television in order to be able to offer them suitable products online. Alphonso helps advertisers determine if their ads are truly reaching their audiences, the company says. And that's all legal, because users would have agreed to appropriate methods in the privacy policy.

Even those who still manage to read through the terms of use for each newly installed smartphone app: At the latest with the control of all the interactive everyday objects, most should finally be overwhelmed. After all, it is no longer just the microphones in the cell phone that need to be controlled. Anyone with a smartwatch wears a microphone with them from morning to night.

The same applies to wireless headphones from Apple and Bose. In Google's home control technology Nest even microphones were installed without the users knew about it. An oversight, they have been forgotten in the description of the device, the Group assures.

This boom was made possible by the drop in prices. Already for about ten dollars can equip an electrical device with small microphones and a technique that could interpret simple voice commands, promises the US company Vesper Technologies, which develops just such a language assistant. At the end of 2018, there were already 2.5 billion devices with voice assistants in use worldwide – 2023 according to Jupiter Research it should be eight billion.

There have long been toilet seats that can be controlled with voice commands, power sockets, irrigation systems, sphygmomanometers, televisions, and air polluters that spray essential oils on orders.

Digital cars

The next major area of ​​application is already identified: cars are increasingly turning into smartphones on wheels. Even today, modern mid-range cars have well over 60 control units and computers that not only regulate classic functions such as fuel delivery to the engine. BMW works with gesture controls. In the future, just one look and a short hand movement will be enough to move the sun visor on the sunroof.

Connected driving

Even today, modern mid-range cars have more than 60 control units and computers. And the networking has just begun.

(Photo: Mario Wagner)

The car does not keep its knowledge about the inmates for themselves. Much of the information is stored in cloud data clouds. Even today, every modern navigation system sends position data to the navigation service provider, which links the data of millions of road users to detect traffic jams and warn users.

Consulting Accenture estimates the market potential for connected driving to be 500 billion euros by 2025. "Augmented reality and voice assistants are getting into the cars and the calendar is cleverly networked with voice assistant and navigation system. Artificial intelligence will move through all areas, "explains Accenture car expert Gabriel Seiberth.

The maxim applies to German vehicle manufacturers: data generated in the car belongs to the customer. Only if this explicitly agrees, they want to prepare the information. But a battle between established providers and tech companies has long since flared up for their sovereignty in the vehicle cockpit.

Hardly any company collects as much mobility data as Tesla does. To continually improve its offerings, the company constantly collects and analyzes information from Tesla vehicles and their owners around the world. For example, it records how fast you drive and where, how full or empty the battery is or what music Tesla drivers hear. If you couple your smartphone by car, contacts and browsing history are also revealed.

The Californians promise in their privacy policy, to pass on all collected information so that they "do not allow identification of you or your vehicle". If that sounds too vague, you may object. Tesla points to the significant consequences. A contradiction could lead to the fact that "with your vehicle a limited functionality, serious damage or functional inability can occur".

Ferdinand Dudenhöffer, head of the Center of Automotive Research, calls for a new ethic for the data-driven mobility world in light of such "cut-throat" deals. In order to protect the privacy rights, it must be ensured that the data can not be broken down to individual users.

"We do not want to lose our freedom with robotic cars by glazing for security agencies, intelligence services, insurers or banks," says Dudenhöffer. In addition to hacker attacks, he sees above all the danger that the state could read out user data.

It does not have to be intelligence services or police forces causing calamities in the new data capitalism. Sometimes simple malfunctions are sufficient. So language assistants sometimes jump at the wrong time.

In the worst case, they then send intimate calls to arbitrarily selected contacts in the address book. That happened last year to a couple in the US state of Oregon. A technical error and an absolute exception, as Amazon assures. The two had recently installed an Alexa language assistant and connected light bulbs in their home.

Even if the content of a conversation is harmless: The voice reveals much more about humans than, for example, an e-mail typed in the computer. Alone in the sound can already be read whether the speaker is angry, timid or happy. Amazon has filed a patent for a technique that Alexa uses to help her learn to recognize the emotional state or health of users, whether they have a sore throat or are sad.

Then the language assistant can then respond – with the offer of a suitable sore throat, for example. In another patent, Amazon has secured a technique that Alexa should always listen to when users say "I like" or "I love". This data could be incorporated as additional information in the profiles of users. According to Amazon, these patents have been submitted only in a forward-looking manner – currently the company does not use the technology.

Google also shows with patents pending, in which direction the engineers think: Accordingly, cameras could scan the users' space, match these findings with the search history and then provide the user with appropriate buy recommendations. So far, only an indication of a technical future, Google seems to be possible.

Already a reality is the offer of the large US insurer UnitedHealthcare. He has offered customers a free Apple Watch when in return they are physically active every day – and have the watch checked by the smartwatch.

The German company Wefox, financed with millions of euros, offers travel insurance, which only becomes active when customers enter the airport. This is measured via apps on the smartphone. "The data-driven insurance companies will completely change the business," says Wefox CEO Julian Teicke.

The secret world of data dealers

For years now, some major Silicon Valley corporations have been saying that the more data they can collect, the better. A use for it will be found already. This is even more true for the language assistants. The more conversations they have, the faster they are able to communicate naturally.

Data source wrist

The US insurer United Healthcare has offered customers a free Apple Watch, if in return they are physically active every day – and have it checked by the smartwatch.

(Photo: Mario Wagner)

Therefore, Amazon and Google also throw their devices at ridiculous prices on the market, "even if that means making a loss on every device sold," says Ed Thomas analyst at the technology analysis house GlobalData. "But they do not earn their money with the devices, but with the data."

With the ear in the domestic living room the enterprises close one last large data gap. According to the tracking report of the Munich-based software company Cliqz, Google sees almost 90 percent of all digital activities of every Internet user on the Internet. Facebook tracks nearly 30 percent of all user actions on the web via a wide variety of tracking tools and at least 20 percent of all actions by users. Online sending Amazon also knows in millions of people what they actually buy.

Depending on the website, up to 60 so-called trackers monitor what users are doing there. The trackers run on a variety of pages – they act as little observers, the user on his journey through the network not out of sight.

These little spyware programs are not just from Google, Facebook or Amazon, but in many cases from global ad networks. The companies are called Acxiom and Criteo, Experian and Open X. Some are independent, others belong to corporations such as Oracle and Bertelsmann.

A clue as to how the invisible spies proceed provides documents that are intended for their customers. The software company Oracle describes in a presentation that customers of the acquired data management platform Bluekai can enrich their own customer data with extensive information from 200 other sources. These include demographic data, the location of the user, his previous purchases, interests and lifestyle.

Unlike many online users believe, data collectors simply can not be shaken off by regularly deleting cookies or putting the browser in "home" mode. Because there is still, for example, the "browser fingerprinting", in which the data sniffers take a kind of digital fingerprint of the device used.

Thus, the computer automatically transmits some information, such as operating system, screen resolution and language settings. The browser also reveals a lot, from the version number to the extensions used. The combinations are usually unique.

The face of the resistance

Austin, March 10, 2019: Margrethe Vestager takes to the stage in the fully occupied "Salon H" at the Downtown Hilton. The EU Commissioner for Competition is announced by the presenter at the SXSW Technology Festival as a "heroine" because she is so brave against the tech companies.

Visitors listen as if Vestager says sentences such as: "We want this innovation, but we want it on humane terms." When the presenter asks the audience whether the US tech companies should be more strictly regulated, almost all hands go up ,

Just a few years ago, European data protection was seen as a brake pad for the notoriously optimistic Americans. Meanwhile, even in the US, the mood is turning. A few days ago, influential design philosopher Tristan Harris invited around 300 tech elite representatives to the SF Jazz San Francisco cultural center.

In the first row Apple co-founder Steve Wozniak, further behind personalities such as the inventor of the photo platform Flickr, Katharina Fake, or Justin Rosenstein, the inventor of Facebook's "Like" button. Harris, formerly Apple and Google programmer, launched a policy debate with his theses.

He believes that some tech companies are taking advantage of human weaknesses and tricking the brain to get users more clicks and time – the currency for the data-driven advertising business model: "The people behind the screen have far more power than the people behind the computer Screen."

Many privacy advocates in the US, the 2018 introduced in the EU against many opposition DSGVO is considered a role model. But even she lacks in practice to force effectively curb the data collection.

"Unfortunately, the new data protection law is not clear enough to really force a change in behavior here," says former head of the monopoly commission Daniel Zimmer, now director of the Center for Advanced Studies in Law and Economics at the University of Bonn. Admittedly, according to data protection law, providers must indicate in the terms and conditions what happens to the data. But practically nobody reads the terms and conditions.

Jurist Zimmer therefore speaks of a "privacy paradox": On the one hand, people say that privacy is important to them. In fact, they do not care much about what happens to their data.

One way out might be that, for example, language assistants read aloud when they set up their devices that they record conversations, store them, and that these recordings may later be intercepted by staff. Similar to what happens when calling the call center today.

Rules could be the Interior Minister Horst Seehofer. The CSU politician wants to extend the competencies of the Federal Office for Information Security (BSI), which is already responsible in Germany for promoting cyber security, to the protection of consumers in the digital world. This emerges from a draft for the second IT security law, which is the Handelsblatt. Sounds good.

But especially with the language assistants of the shock Alexa pushes the Ministry of the Interior from the responsibility to the user. In response to a request from the Green Bundestag Konstantin von Notz, Secretary of State Günter Krings (CDU) writes that in a cloud-based processing "technically unchecked" let to what extent the actual data processing complies with the terms and conditions of the provider or privacy policy.

"The willingness to use cloud-based digital voice assistants in private households is therefore the result of an individual risk assessment of the user. This depends significantly on the trust of the user in the provider of appropriate services, "it says in the document, which is the Handelsblatt. Green parliamentary group of Notz evaluates the statements of the Ministry as "disclosure" for the Federal Government.

The Germans are often assumed that they always see the risks of new technologies, rarely the opportunities. But just because the new technology world around voice assistants, Internet of Things and Artificial Intelligence offers great potential for real progress, this world needs transparency and control. Because only when people trust technology can it ultimately be successful.

In a way, the situation is similar to the rise of the automobile. At first, it lacked even the most basic rules. Until the 50s, you could drive on German roads as drunk and as fast as you wanted. Only when the number of accidents continued to climb, speed limits and alcohol limits followed. They made today's mass mobility consensual.

At a similar point are the data-based business models. It now defines what the rules of the incipient digital age will look like that have been missing so far. If the Internet corporations are smart, they create the necessary transparency on their own, conquering the dwindling confidence of their customers.

Instead of endless terms of use, which must be agreed on a flat rate, the corporations could choose a fair way: They could highlight the key points and make individual approval – such as the agreement that data from voice assistants can be recorded.

Social networks

Facebook has been repeatedly targeted by privacy advocates in recent months.

(Photo: Mario Wagner)

At the same time, corporations could be transparent about what they know about their users, and most importantly, what happens to the information. If this self-regulation does not succeed, the Internet companies undermine their own long-term business foundation. They risk strict government regulations and worse, they lose the trust of their customers.

As happened in the case of Jochen Adler. "Above all, I want to decide myself with whom and when I share this information," says the software expert, whose psychotherapy appointment had mysteriously landed in the Apple Cosmos. "Where is the flight mode for tracking?"

Adler vermutet, dass das iPhone unbemerkt Bewegungsmuster mit anderen Datenquellen abgleicht, etwa öffentlichen Adressverzeichnissen, und daraus mit der Zeit Prognosen ableitet, wohin der Telefonbesitzer gerade unterwegs sein könnte. Gerne wüsste er Näheres, doch Apple will sich zu solchen Einzelfällen nicht äußern.

Mitarbeit: Eva Fischer, Dana Heide, Franz Hubik, Angelika Ivanov, Dietmar Neuerer, Britta Weddeling

.(tagsToTranslate)Agenda(t)Wochenende(t)Sicherheit(t)Datenschutz(t)Amazon(t)Facebook(t)Apple(t)Google(t)Alphabet(t)Sprachassistenten(t)Smartphone(t)Email(t)Autos(t)Digitalisierung(t)Smartwatch(t)BigData(t)Daten(t)Datennetze(t)Internet(t)Finance-App(t)Tesla(t)Microsoft(t)Yahoo(t)Accenture(t)Oracle(t)Bertelsmann(t)Acxiom(t)BSI(t)Experian(t)Rheinische Friedrich-Wilhelms-Universität Bonn(t)BMW(t)CSU(t)OpenX(t)SPD(t)Criteo(t)WhatsApp(t)SXSW(t)CDU(t)Monopolkommission(t)Tim Cook(t)Daniel Zimmer(t)Shoshana Zuboff(t)Margrethe Vestager(t)Katarina Barley(t)Ferdinand Dudenhöffer(t)Sundar Pichai(t)Tristan Harris(t)Konstantin von Notz


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.