Possible Government Surveillance of the Otter.ai Transcription App

A reporter interviews a Uyghur human-rights advocate, and uses the Otter.ai transcription app.

The next day, I received an odd note from Otter.ai, the automated transcription app that I had used to record the interview. It read: “Hey Phelim, to help us improve your Otter’s experience, what was the purpose of this particular recording with titled ‘Mustafa Aksu’ created at ‘2021-11-08 11:02:41’?”

Customer service or Chinese surveillance? Turns out it’s hard to tell.

EDITED TO ADD (3/12): Another article.

Tags: , ,

Posted on February 17, 2022 at 10:40 AM25 Comments

Comments

Alan February 17, 2022 10:51 AM

The full article is at https://www.politico.com/news/2022/02/16/my-journey-down-the-rabbit-hole-of-every-journalists-favorite-app-00009216

The article eventually stated that Otter.ai claims they only respond information requests from USA-based law enforcement.

But a safer way to generate transcriptions might be to use a Google Pixel phone, which can create transcripts completely on the phone, without sending the audio or the transcript to a server.

https://www.theverge.com/2019/10/15/20915452/google-pixel-4-recorder-app-transcription-real-time-free-language-processing

Ted February 17, 2022 1:18 PM

I had been researching transcription services a few months ago. I thought I saw that Otter.ai was recommended and not crazy expensive.

I used it once. @Clive posted a funny video and I used it as a test. It did a pretty good job on most parts – although it was not an expert on translating frontier gibberish. The transcription is still saved on the website I see.

Once I learned more about the minutes and costs, however, I didn’t continue to use it. It looks like they have Basic, Pro, Business, and Enterprise plans. The costs appear to be Free, $8.33 per month, $20 per month, and ‘contact sales’ respectively. Do you think Otter.ai was asking about the recording purpose to try to put the reporter in a different plan?

It’s crazy though because the Otter.ai website has options to sync to different calendar and contact applications – including Microsoft, Google, and Zoom apps. You can also link to Dropbox. Would you feel comfortable trusting Otter.ai with syncing and storing data from these programs?

I would 100% bet that anyone interacting with a Uyghur human-rights advocate would be extra paranoid. Is this the first time the reporter thought about this? It’s also scary to think other people could upload your info without your knowledge. I think it’s good for people to look into this.

Who? February 17, 2022 1:55 PM

Mr. Schneier wrote:

Customer service or Chinese surveillance? Turns out it’s hard to tell.

Does the difference between corporate and government surveillance matter? These days corporations collect data for governments, and governments provide intelligence to domestic corporations.

Clive Robinson February 17, 2022 5:25 PM

@ ALL,

This is another aspect of,

Second Party Betrayal for gain.

The fact it is by a service and it’s Terms of Service, rather than an individual with agency is rather more concerning.

Legaly individuals with whom you communicate have a duty of care of confidentiality in one form or another often with legaly enforcable penalties that you can use. That is it is you who have a slight upper hand by convention.

However when you contract to a service it is they not you that sets the terms and conditions of the contract which immediately puts you in a disadvantaged position.

Which means there is a very modern difference between you having an “On-Line personal assistant” like Alexa, Siri etc, and being an employer who employes a “human personal assistant”, or has a human assistant provided to you by your employer.

But to many people having such “On-Line assistants” makes them feel important or as they might prefere to say “empowered”… Obviously without the person realising that it is a parasitic relationship where they are the unfortunate host that gets parasitized by the On-Line assistant.

The entomologist E. O. Wilson has characterised parasites as,

“Predators that eat prey in units of less than one”[1]

Which sounds slightly wierd untill you think about being infested with blood sucking fleas, ticks, or similar, where hundreds attack a single host.

Which is the actual reality of all these automated or similar “On-Line Services” including the likes of shopping delivery services and even credit / debit cards.

All these “On-Line agents” quickly end up knowing more about your habits and thus aspects of your private life than even members of your family. And unlike an individual who you employ, you have no control over them and the data they collect and “enhance for gain”.

In the case of US services it is worse than in other places,due to the prevailing attitude of,

1, Who owns the data.
2, Third party business records.

Where the answers are respectively,

A, They not you.
B, No legal oversite is required for access to the data by other parties.

But it is not just services, it is your goods as well with televisions, home entertainment, kitchin and other domestic products including most IoT devices having to be “On-Line by Design”. It’s promoted as ofering “features” but infact they are spying on you one way or another and making data available to others including law enforcment.

As an example the “Ring” home security products where video door bells send the images to Amazon who store them and make them available as a paidfor service to the Police and other security services.

At the moment we are seeing Apple get slated over it’s choices with AirTags that can become “aids to stalkers” and similar.

Well we should also be handing out similar approbation to all these “security products” with an “On-Line need by design” because they to can be used to track individuals without their knowledge or consent.

In fact Amazon Ring is being upgrade to make such stalking even easier as they integrate their “tags” with their “video security” and “voice assistant” and “sales” systems.

This is a reality worse than even George Orwell could think up just a little over the “three score year and ten” of the then average human life time.

And some people have thought of me as “paranoid” when I have repeatedly chosen not to make myself open to such second and third party “services of betrayal”.

The thing is some of them now are starting to think the same unfortunatly in some cases from bitter experience.

A case in point is “WhatsApp” it insists on tying your phone number and phone address book to it’s self and thereby making it all available to others online “for your convenience”, and you have no control over it so it becomes of convenience to others.

Further as an example of “Real Harm” I’ve had reported to me a person who has become very very distresed because they were “facebook messaged” by an agressive agent who was trying to track down another individual, for a supposed “sales opportunity”. When the person ignored the agents insistant messaging a few days later the agent was banging not just on the persons front door but on their neighbours doors as well. It appears the agent got the persons data through commercial databases and linked it all together quickly and easily with On-Line data. So was able to stalk the person, their other family members who live in other parts of the country and also cause “fear alarm and distress” not just to them but their neighbours and friends…

Is this the sort of world people want to live in?

Because that is what we are getting because people are “sleepwalking” into what will be an Orwellian Nightmare of proportions most normal people can not imagine, but psychopaths and similar will revel in.

Atleast in the UK there is the Harassment Act that can be used but that is by no means an inexpensive option for individuals to use.

[1] https://en.m.wikipedia.org/wiki/Parasitism

Clive Robinson February 17, 2022 5:55 PM

@ Ted,

… although it was not an expert on translating frontier gibberish.

+1

Some jokes can be ageless 😉

lurker February 17, 2022 7:33 PM

Customer service or Chinese surveillance?
Does it matter which when equal culpability must go to the journo who broke informant confidentiality by sending his name and voice to a third party of unknown trustworthiness. What is the point of using Signal if you send the data out to another service which makes no mention in its publicity of its connection being encrypted?

lurker February 17, 2022 7:57 PM

@Alan:
Will the Google Pixel record/transcribe function really be that much more secure? After all syphoning off the text transcript must be attractive since it uses a lot less bandwidth. Even if the text is “safe” on the device, how many users will not want to:
• back it up to G Drive
• email it somewhere else
• “share” it via the myriad ways possible.

“Share” must be one of the new ways to rule the world: in the latest Chrome for Android, to copy a page url it is necessary first to click on the “Share” button before the copy function is revealed…

John Brown February 18, 2022 1:22 AM

Mustafa Aksu was involved in recruiting terrorists to fight in Syria alongside ISIS. Seems like a sensible question to ask.

Denton Scratch February 18, 2022 3:15 AM

@Ted

Is this the first time the reporter thought about this?

My question exactly. Cloud service providers gonna do what cloud service providers do. Shock, horror. But I’d expect a responsible journalist to take extreme measures when interviewing an Uyghur human rights campaigner.

Petre Peter February 18, 2022 6:47 AM

I am not sure that we know yet how valuable our data is in an era of AI. It doesn’t matter if you have access to the same data because you probably cannot analyse the data in the same way a company with access to an AI does. You just don’t have the space to organize like an organization.

Grima Squeakersen February 18, 2022 7:58 AM

@Lurker re: does it matter?
Exactly right. The interviewee was effectively doxxed as soon as the otter rep used his identification in an email to the user. Otter is probably playing both sides of the street by selling information that has (or should have) a reasonable expectation of privacy to some nefarious exploiter for money and/or market rights, while at the same time trying to convince the user to upgrade to a more expensive plan. Bad shite all the way ’round.

Larry techwanab February 18, 2022 8:07 AM

@ Clive
“And some people have thought of me as “paranoid””

My best friend in H.S.(class of ’80) used to say “just because you’re paranoid doesn’t mean they’re not out to get you”.
I’ve read others saying that too since then.

JonKnowsNothing February 18, 2022 11:52 AM

@All

A recent MSM article, the author was gushing on how he had improved his productivity by logging into a platform that matched him up with complete strangers who “watched over his shoulder” to “make sure he did is work on time”.

The concept was a bit of a disconnect, however, the author claimed he suffered from over distraction (social media) and could not maintain focus on “his job work” (hit the fridge too often).

There’s a whole pile of apples to do through but I do not think the author realized what was really taking place.

There are at minimum 2 issues:

a) his sense of what is productivity and why he thinks he problems with focus

b) the complete and total failure to protect his work environment, his technical base, his intellectual property and his employers rights and security.

He thinks only 11 (eleven) strangers watched him do his work. A whole lot more than 11 were watching and no doubt continue to watch.

Sitting on the naughty step for supping too much jolt, will be the least of his problems.

===

Search Terms

  • Eleven strangers watched me write

ResearcherZero February 19, 2022 1:28 AM

@JonKnowsNothing

A recent MSM article, the author was gushing on how he had improved his productivity by logging into a platform that matched him up with complete strangers who “watched over his shoulder” to “make sure he did is work on time”.

Seems like an awful waste of effort when there is already a multi partner bulk collection system already designed to “watched over his shoulder”. Though the information on who wants to look over his shoulder could be useful.

Clive Robinson February 23, 2022 3:31 PM

@ pup vas,

No indication police used spyware unlawfully

In England we have a histoical hero called Nelson, and there is a very tall plinth with his statue on top called Nelson’s Column, and it stands in the middle of the appropriately named Trafalgar Square (which is not square but that’s besides the point).

One of the things he is famous for is aledgably going into battle against a much superior in numbers fleet by a deceit.

The story has it when the lookout in the crows nest called out that ships had be sighted he put a telescope to his blind eye and said “I see no ships” so sailed into battle and victory.

From this we have the expression “Turning a blind eye” meaning you go through the process of looking but deliberatly do not see what is “as plain as the nose on your face”.

Something tells me that the Israeli Government investigation “saw no ships” even though they were upto and deyond their neck in them…

I say this confidant in what I say, why? Because a properly carried out investigation always finds something. Why? Because due to the failings of human nature there is always something to find. If you doubt this look up “Three Felonies a Day”,

https://kottke.org/13/06/you-commit-three-felonies-a-day

The three sides of an investigation have “Human Failings” thus “Digging for dirt” is a favoured way of getting an eye to look the other way with such enquiries.

The three parties being,

1, Those who instigate an enquiry.
2, Those who investigate.
3, Those under investigation.

Dig deep enough and there is always mud that can be flung that will stick.

Even Saint’s have a dark and terrible side,look up Mother Teresa of Calcutta.

She took in millions from some of the worlds most unsavoury people, but her clinics received little or none of it. In fact she was proud thst pain killers had been witheld from people dying agonising deaths as their pain maid them more Christian…

https://www.vice.com/en/article/gvzebx/mother-teresa-was-kind-of-a-heartless-bitch

I could go one seemlingly endlessly pulling dirt up on “The Great and the Good” but that would miss the point… Enquires can be inappropriatelt used to do two fundemental things,

1, White Wash those involved
2, Kick the subject into the long grass

Those who setup the enquires almost always have an agenda, and they put it in place in two ways,

1, By setting the terms/scope of the enquiry.
2, By selecting the person or personnel that carry out the enquiry.

One significant tell-tale of a rigged enquire is the short duration it takes to come up with a “no person to blaim” result.

But sometimes that is a desirable thing to do, because sometimes for various reasons

“We have to do evil to do good.”

That is no matter what it may do to our souls or longterm mental health, we have no real choice.

A recent example is Spain –but there are many orhers–, which still has to come to terms with the countless deaths due to Covid that might under other circumstances have not resulted in death.

Put simply the Dr’s did not have the resources, so they had to perform a process called “Triage” where you sort people to give priority by a set of criteria…

Thus you have to make a choice on who to condem to death and who you give a chance of surviving, few can do this, and most who have to do it are forever changed if not maimed to there very core of their beliefs. Healthcare proffessionals are not those who you should ever have to make, make those choices, they did not become what they are to do that. The result often described politically as “burn out” means some leave the profession for good and with them goes all the expertise that they have built up, leaving all of us that little bit worse for it.

Leave a comment

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.