There's no indication any workers have tried to look up a customer's home (say, on Google Street View) using the data from these tools. However, the fact they were able to access more information than they perhaps need to might be cause for concern, particularly as smart speakers become more prevalent. In fact, analysts are predicting they'll be in most US homes by late next year.
According to the report, a number of Amazon workers use a tool that provides audio clips along with some data about the devices on which they were recorded, such as geographic coordinates. When plugged into the likes of Google Maps, the coordinates might pinpoint a user's location. That location data isn't always spot on though, as Amazon often relies on a device's internet connection (which can be masked) or GPS on phones. It uses such data to help Alexa give more accurate answers to location-based queries for things like the weather or local businesses, and for location-based routines and reminders.
Another tool is said to include more intimate contact data, such as addresses and phone numbers, along with the names, email addresses and numbers of contacts if a user shared them with Alexa. That tool was available to a small number of employees -- those who tag recordings to train Alexa to categorize requests. As such, the auditors would be able to, for instance, help Alexa be more accurate when you ask it to start a video call with a contact on Echo Show.
It's uncertain how many employees were able to use the systems, though Amazon seems to have been restricting access, particularly after details about the Alexa auditing program were revealed this month. An Amazon spokesperson provided Engadget with the following statement:
"[Access] to internal tools is highly controlled, and is only granted to a limited number of employees who require these tools to train and improve the service by processing an extremely small sample of interactions. Our policies strictly prohibit employee access to or use of customer data for any other reason, and we have a zero tolerance policy for abuse of our systems. We regularly audit employee access to internal tools and limit access whenever and wherever possible."