Sonos app can turn a disabled Sonos One microphone back on - privacy issue?

  • 1 January 2018
  • 36 replies
  • 19066 views

Userlevel 1
Badge
Hi all. I have a set of stereo paired Sonos Ones. I have manually disabled the microphone on the right speaker by pressing the button on top. Today I disabled Alexa by going to [Settings - Room Settings - Living Riving Room (L+R) - Voice Services]. When I followed the same steps to re-enable, I was surprised to see that the app turned the right speaker's microphone back on. Seems to me that a manually disabled microphone should not be able to be turned back on through the network. It's a potential privacy hole. Have others noticed this, and has Sonos stated whether this is expected behavior?

This topic has been closed for further comments. You can use the search bar to find a similar topic, or create a new one by clicking Create Topic at the top of the page.

36 replies

Userlevel 1
Badge
@pwt Thanks for that link!

I'm not shunning Sonos. On the contrary, I'm a customer and I like their products. I even promote them. I've gotten other people to purchase thousands of dollars of their products.

> On the very unlikely chance it gets turned on in software, the LED gets turned on. That cannot be defeated via software, for it is hardwired to the power lead to the microphones.

I appreciate that Sonos designed the device with privacy in mind, as evidenced by that light. With due respect to the designers, I'll reiterate what I said before: as a privacy-conscious user, having to look at the device to make sure the mic is still off is not a good user experience.

Regarding smartphones: privacy decisions can be thought of as questions of cost and benefit. Smartphones are bad for privacy: they have a high cost. However, for many users, they provide enough utility that the benefit outweighs. Home devices that send audio to the cloud don't provide enough benefit for me to make that tradeoff. Or should I say, they don't… yet.
So you aren't actually worried about privacy, only that the positives of losing that privacy outweigh the negatives?

Color me confused. It seems like someone concerned about privacy would be more worried about the various and sundry data collection practices of dozens to hundreds of app manufacturers, not to mention billion dollar conglomerates whose very business is to hoard and exploit personal data, over a small audio company who at the very most is going to collect your musical tastes. A small company who, by the way, has actually told you what they collect of your data, how much of the voice data is stored (none), and has put in a legally binding privacy statement that they do not, nor ever will, sell your data. Try getting Google and Apple to do that.

I can understand those who eschew smart phones would have a problem with Sonos. I cannot fathom one accepting the proven to be guilty listening/spying actions of Apple/Google and the various apps they host, while simultaneously bringing the wrath down on Sonos for having a microphone. It's like worrying about the locks on the attic windows while leaving the front door wide open.

Soapbox dismounted. Regardless, unlike my fellow poster back a page, I give the chance of a microphone-less Sonos One to between slim and none, and slim ain't looking too healthy.
Userlevel 7
Badge +22
Who interested in privacy carries a smart phone?
My flip phone supports far too much snooping for my comfort and I often power it down for that reason.
So you aren't actually worried about privacy, only that the positives of losing that privacy outweigh the negatives?


Well yea, I'd agree that privacy concerns can be looked at as a risk/reward decision. People use smartphones because they find them very useful, even though they give up some privacy to do so. That does not mean they'll give up privacy for little or no benefit to themselves. Take GPS for example. People would not want a phone with GPS if it did not provide navigation benefits to them.

And this is not just tech, but life in general. Automobiles are dangerous, but people use them all the time since they see a massive benefit. Not as many people will ride a motorcycle as they do not see the added risk as worth the added benefit.

That said, people often miscalculate the risk based off appearances/perception. Most people would tell you that driving is more dangerous than flying, even though the opposite is true. Much of that has to do with how use they are to driving vs flying and they're comfortable level with what they know. I think voice assistance creep some people out because it actually responds to you, reminding you that's it's listening, while the mic on your phone does not (unless you tell it to)

So I get why people don't want voice assistants in their home. I just don't get why people claim I'm irrational for using them when their privacy is already compromised.
Userlevel 7
Badge +22
A nit on GPS. -- Using GPS is perfectly safe and anonymous, as it is a receive only system. There is only a problem when something else reports your location.

Several paragraphs of non-Sonos related issues deleted before I hit post. 🙂


Well yea, I'd agree that privacy concerns can be looked at as a risk/reward decision.

. . .

So I get why people don't want voice assistants in their home. I just don't get why people claim I'm irrational for using them when their privacy is already compromised.


But I go back to my analogy of worrying about the locks on the attic windows when you are leaving the door wide open. Sure the front door being open may give you a fine cross breeze that is beneficial on a hot summer day, but that doesn't mean the robbers getting in through the attic are more of a worry just because the breeze is nice. This is where I can't understand the cherry picking of what is a worry and what is not; if your concern is actually privacy, and not merely an exercise of one's penchant for worry.

It is also akin to not allowing a trusted friend in your home, one who has never given any reason to be untrustworthy (and even signs an agreement to that end), while simultaneously letting in the local street gang for a party. Sure the street gang might throw great parties, but then why kick your friend out of the house? Apple and Google, not to mention hundreds of apps, have been proven to be spying on you. Sonos has not, aside from the very specific data gathering they have laid out in their very clear privacy policy.
A nit on GPS. -- Using GPS is perfectly safe and anonymous, as it is a receive only system. There is only a problem when something else reports your location.


Well yes, GPS isn't the issue, it's when google decides to store the information of where you've been. It's great that Google can tell me how long my commute is today, not so great that I never told Google where I work.
Userlevel 7
Badge +22
[Apple and Google, not to mention hundreds of apps, have been proven to be spying on you. Sonos has not, aside from the very specific data gathering they have laid out in their very clear privacy policy.

But the voice stuff is not Sonos controlled, or at least I think it is not, they just pass the voice information along to the voice recognition provider, Amazon for Alexa and probably soon Apple and Google as their services get integrated.

If Sonos did the voice stuff in-house I'd feel a bit differently.


But the voice stuff is not Sonos controlled, or at least I think it is not, they just pass the voice information along to the voice recognition provider, Amazon for Alexa and probably soon Apple and Google as their services get integrated.

If Sonos did the voice stuff in-house I'd feel a bit differently.


No, it is controlled by Sonos locally at the point of origin. Sonos controls when the microphones are listening, how much is recorded/stored, and exactly what is sent for processing to the Amazon/Google cloud. And they state quite clearly what that all entails:

In greater depth, this 'listening' means that the voice-enabled Sonos Product buffers and re-records locally, without transmitting or storing any information, until it detects the word or phrase (such as “Alexa”) that triggers the device to begin actively recording. If the Product does not detect the wake-up word, it continues to record over itself in a never-ending loop lasting a few seconds. This is all done locally on your Sonos Product and is not sent to Sonos or any third party. If a wake-up word is detected, the Sonos Product begins recording. In other words, it does not record or retain any audio data, or begin to transmit any data until it is 'woken up.' You are notified that it is recording by a visual element, such as a light on the Sonos Product, and a specific sound.


https://www.sonos.com/en-us/legal/privacy

So if Sonos were ever to record whole conversations not prompted by the wake word and/or they stored or sent them for processing, they would be liable for prosecution/civil suits because their Privacy Policy states just the opposite.
As an aside, I can tell you this stuff is taken very seriously by the FTC. I was involved in a project that required drivers license verification for a point of sale terminal. There was a ton of questions from the legal department about processing and/or retention of the personal info. We had to document and provide proof that the bar code information not only wasn't retained/stored or sent to the central server, but also that there was a call to 'Arrays.fill(array, 0)' to zero out the data after each transaction. A little overkill, but it shut the naysayers up (as much as you can allay the fears of those worried about stuff like that).
Since Sonos is a public company, I imagine their SOX policy also becomes a big factor in this. Auditors, and thus stock holders, surely want to make sure Sonos isn't storing unnecessary customer data as any data breach would surely be a big hit on the stock.

As a side note, my company has been pushing to identify all the locations where PII (Personal Identification Information) of employees is stored. The powers that be don't seem to understand what they are dealing with though as they consider username (which is first initial + last name) to be PII, but the email address (which is username@xxxx.com) is not.