Users of smart devices should receive more security information, MPs hear

Users of connected devices should be given more information on security and privacy, MPs have heard.

The Commons Digital, Culture, Media and Sport (DCMS) Committee is investigating the impact of devices such as smart speakers and wearable tech and what needs to be done to ensure they are safe to use.

A standardised “ingredients label” that explains the security and privacy quality of a product, wherever in the world it was manufactured, would provide better transparency for consumers, a Google representative told the committee on Tuesday.

David Kleidermacher, vice-president of engineering for Android and Made-by-Google Security and Privacy, said: “We have to give consumers the tools to make better decisions.

“So today, if you’re going to buy a television, you go into the retailer and you can compare things like the screen quality and audio quality.

“But can the consumer actually decide or have any frame of reference for deciding on the security and privacy quality of those products? And I think the answer today is no…

“I fervently hope that in a short period of time we’ll be going into the retailer and we’ll see not just labels on energy for the television, but also a digital label, an online label that tells you the security quality.”

He said that would push manufacturers to start competing on security features.

Mr Kleidermacher agreed with the UK Government’s assessment that cybersecurity tends to be an afterthought for manufacturers, noting that this is “not for malicious reasons”.

While Google is under “constant attack”, including from state sponsors such as China, and therefore has a strong economic incentive to invest in cybersecurity, other companies that have not been targeted are less focused on the issue, he said.

Mr Kleidermacher and Leila Rouhi, Amazon Alexa vice-president of trust and privacy, who both spoke via video link from California, reassured MPs over the safety of their companies’ voice-activated virtual assistants.

Concerns have been raised in the past about user privacy and data collection.

Ms Rouhi said “there is a common misconception that Alexa is always listening” and added that users can delete any recordings, which may otherwise be used by the company to train speech recognition using machine learning.

She said the tech giant is “incredibly mindful” of the risk of information flowing into the wrong hands, adding: “That is why we invest so heavily in ensuring that that does not happen.

“We know that if we have a trust-busting incident like that it would have major ramifications for our business.”

Apple declined to give evidence to the committee.