Does Google’s Duplex violate two-party consent laws?

Does Google’s Duplex violate two-party consent laws?

Google’s Duplex, which calls businesses on your behalf and imitates a real human, ums and ahs included, has sparked a bit of controversy among privacy advocates. Doesn’t Google recording a person’s voice and sending it to a data center for analysis violate two-party consent law, which requires everyone in a conversation to agree to being recorded? The answer isn’t immediately clear, and Google’s silence isn’t helping.

Let’s take California’s law as the example, since that’s the state where Google is based and where it used the system. Penal Code section 632 forbids recording any “confidential communication” (defined more or less as any non-public conversation) without the consent of all parties. (The Reporters Committee for the Freedom of the Press has a good state-by-state guide to these laws.)

Google has provided very little in the way of details about how Duplex actually works, so attempting to answer this question involves a certain amount of informed speculation.

To begin with I’m going to consider all phone calls as “confidential” for the purposes of the law. What constitutes a reasonable expectation of privacy is far from settled, and some will have it that you there isn’t such an expectation when making an appointment with a salon. But what about a doctor’s office, or if you need to give personal details over the phone? Though some edge cases may qualify as public, it’s simpler and safer (for us and for Google) to treat all phone conversations as confidential.

As a second assumption, it seems clear that, like most Google services, Duplex’s work takes place in a data center somewhere, not locally on your device. So fundamentally there is a requirement in the system that the other party’s audio will be recorded and sent in some form to that data center for processing, at which point a response is formulated and spoken.

On its face it sounds bad for Google. There’s no way the system is getting consent from whomever picks up the phone. That would spoil the whole interaction — “This call is being conducted by a Google system using speech recognition and synthesis; your voice will be analyzed at Google data centers. Press 1 or say ‘I consent’ to consent.” I would have hung up after about two words. The whole idea is to mask the fact that it’s an AI system at all, so getting consent that way won’t work.

But there’s wiggle room as far as the consent requirement in how the audio is recorded, transmitted and stored. After all, there are systems out there that may have to temporarily store a recording of a person’s voice without their consent — think of a VoIP call that caches audio for a fraction of a second in case of packet loss. There’s even a specific cutout in the law for hearing aids, which if you think about it do in fact do “record” private conversations. Temporary copies produced as part of a legal, beneficial service aren’t the target of this law.

This is partly because the law is about preventing eavesdropping and wiretapping, not preventing any recorded representation of conversation whatsoever that isn’t explicitly authorized. Legislative intent is important.

“There’s a little legal uncertainty there, in the sense of what degree of permanence is required to constitute eavesdropping,” said Mason Kortz, of Harvard’s Berkman Klein Center for Internet & Society. “The big question is what is being sent to the data center and how is it being retained. If it’s retained in the condition that the original conversation is understandable, that’s a violation.”

For instance, Google could conceivably keep a recording of the call, perhaps for AI training purposes, perhaps for quality assurance, perhaps for users’ own records (in case of time slot dispute at the salon, for example). They do retain other data along these lines.

But it would be foolish. Google has an army of lawyers and consent would have been one of the first things they tackled in the deployment of Duplex. For the onstage demos it would be simple enough to collect proactive consent from the businesses they were going to contact. But for actual use by consumers the system needs to engineered with the law in mind.

What would a functioning but legal Duplex look like? The conversation would likely have to be deconstructed and permanently discarded immediately after intake, the way audio is cached in a device like a hearing aid or a service like digital voice transmission.

A closer example of this is Amazon, which might have found itself in violation of COPPA, a law protecting children’s data, whenever a kid asked an Echo to play a Raffi song or do long division. The FTC decided that as long as Amazon and companies in that position immediately turn the data into text and then delete it afterwards, no harm and, therefore, no violation. That’s not an exact analogue to Google’s system, but it is nonetheless instructive.

“It may be possible with careful design to extract the features you need without keeping the original, in a way where it’s mathematically impossible to recreate the recording,” Kortz said.

If that process is verifiable and there’s no possibility of eavesdropping — no chance any Google employee, law enforcement officer or hacker could get into the system and intercept or collect that data — then potentially Duplex could be deemed benign, transitory recording in the eye of the law.

That assumes a lot, though. Frustratingly, Google could clear this up with a sentence or two. It’s suspicious that the company didn’t address this obvious question with even a single phrase, like Sundar Pichai adding during the presentation that “yes, we are compliant with recording consent laws.” Instead of people wondering if, they’d be wondering how. And of course we’d all still be wondering why.

We’ve reached out to Google multiple times on various aspects of this story, but for a company with such talkative products, they sure clammed up fast.

Source: Mobile – Techcruch

BeerBox is a vending machine that opens your beer for you

BeerBox is a vending machine that opens your beer for you
When you hear about beer vending machine BeerBox, you might wonder: Why don’t we have machines like this already?
Founder Robert Gaafar explained that there are actually several reasons why beer vending machines haven’t made sense in the past. For one thing, there’s the obvious legal necessity of ensuring that people are 21 years or older. For another, many venues won’t sell you a closed container of alcohol, because it can be used as a projectile (so you either get draft beer in a cup, or an already opened can or bottle). Plus, a normal vending machine might shake up the can too much, resulting in a foamy mess.
So BeerBox is a vending machine that opens the can for you. The company is part of the accelerator at ZX Ventures, the innovation arm of Anheuser-Busch InBev, and Gaafar said that if all goes well, BeerBox could eventually spin out as a separate company.
He added that BeerBox is meant to address “a pain that we’ve all felt” at concerts or festivals or ball games — the long lines at the bar: “It’s like, do I really want a drink? I might miss the next quarter.”
“These venues would love to sell more beer at the end of the day but they’re limited with real estate,” Gaafar said. “They can’t build more bars in the arenas, nor do they necessarily want to hire more people to staff that.”
The machine was developed in partnership with Intelligent Product Solutions. Ralph Cassara, the company’s senior director of architecture and embedded software, explained that the can-opening functionality represents even more of a “unique technical challenge” than you might think.
One aspect was simply studying how your fingers open a can of beer and figuring out how to replicate that mechanically. But Cassara also noted that the cans can be loaded into BeerBox top-first or bottom-first, so the machine needs to detect the can’s orientation, and then locate the tab at the top of the can.
And where another beer vending startup called Civic is focused on using blockchain to solve the age verification issue, Gaafar said that’s addressable with human checks — just put the BeerBox (or, eventually, multiple BeerBoxes) in an area that’s only accessible to guests who’ve shown their ID.
The current BeerBox prototype can hold 150 25-ounce cans of beer (though Gaafar said that will end up going down to 110 cans as the machine is redesigned for airflow). Payments are cashless, but the company is also planning new models that support secure, offline payments. And while the prototype we saw only dispensed Bud Light, he said it eventually will include a touchscreen for ordering multiple types of beer.
In the meantime, you’ll be able to see the BeerBox at select concert and sports venues this summer.

Source: Gadgets – techcrunch

zGlue launches a configurable system-on-a-chip to help developers implement customized chipsets

zGlue launches a configurable system-on-a-chip to help developers implement customized chipsets
The complexity and cost of packing an array of sensors and power inside a small amount of space has opened the door to a wider and wider variety of use cases for internet-connected devices beyond just smart thermostats or cameras — and also exposed a hole for getting those ideas into an actual piece of hardware.
So there are some startups that are looking to address this hole by providing developers a path to creating the customized chipsets they need to power those devices. zGlue is one of those, led by former Samsung engineering director Ming Zhang.  The company’s chiplets are built around the kind of system-on-a-chip approach that you’ll see in most modern devices, where everything is in a single unit that reduces some of the complexity of moving processes around a larger piece of hardware — shrinking the space constraints and allowing all these actions to happen on a device, such as a smartphone. As more and more IoT devices come online, they may all have varying form factor demands, which means companies — like zGlue and others — are emerging to address those needs.
“From the developer point of view, think of us as a system that is not different from any thing else on the market, user-interface-wise,” Zhang said. “It is just smaller in size, faster in time to market, and flexible — customizable by individuals rather than just by Apple and Qualcomms. [We’re] democratizing chip innovation so it is no longer [a] privilege of Fortune 500 companies.”
The company’s first product is called the zOrigin, a “chip-stacking” product that aims to allow developers to embed the sensors and processes necessary for their devices. Stemming from an ARM 32-bit core processor (meaning it can handle more complex and precise calculations), the first launch costs $149 for the wearable and development board and can include pieces like a Bluetooth radio, accelerometers, and other necessary features.

zGlue’s chipsets have embedded memory, which is an increasingly common approach to try to reduce the number of trips going from the actual processing power to where the information is stored. Those trips cost power, speed, and can restrict the scope of use cases for internet-connected devices. Zhang said the chiplets are packaged closer together — literally reducing the space that information has to cross — in order to speed it up, though that of course carries consequences when it comes to heat constraints these processors can have.
“That’s the price to pay for the continuation of Moore’s law, as it has in the past 40 years,” Zhang said. “Heat dissipation in our system is not going to be any worse than a conventional system. In fact, with the silicon substrate in place, it’s easier to conduct heat compared to a conventional package or board substrate.”
As a kind of templated approach, zGlue is geared toward helping developers produce a custom setup that the can implement into devices that may require a wide set of sensors. The company says it looks to help developers go from a design to a prototype in a few weeks, and then reduce the turnaround time from a prototype to production in “weeks or months,” depending on the complexity and volume.
While this is one example of trying to get a prototype chip out into the wild, there are a few others as well. Si-Five, for example, offers developers a way to prototype custom silicon for their specific niches based on the hardware and IP the startup has. The goal there is to offer both a prototype flow and the ability to graduate into a production flow, allowing developers and companies to get products out the door that require custom silicon. Si-Five hardware is based on the RISC-V architecture, an open-source instruction set for silicon, and the company most recently raised $50.4 million.
Zhang, too, said RISC-V offers some potential, especially in its own scope. “RISC-V is a great tool to build small, fast, and low power IoT applications,” he said. “The nature of open source makes it more available to more people. We welcome and embrace RISC-V to join the family of ‘MCU’ chiplets supported by our technology.”
When it comes to inference — the machine learning processes that happen on the hardware to execute some kind of action, like image recognition, based on trained models — Zhang said the chipsets would support it, but he would not comment further. There is a blossoming ecosystem around custom silicon that looks to speed up inference on devices like cars or IoT devices, which is geared toward reducing the space and power constraints of those chips while also running those processes much more quickly. Companies like Mythic have raised significant venture funding in order to build that kind of hardware.

Source: Gadgets – techcrunch

Bell & Ross releases a new watch for travelers

Bell & Ross releases a new watch for travelers
In my endless quest to get geeks interested in watches I present to you the Bell & Ross BR V2-93 GMT 24H, a new GMT watch from one of my favorite manufacturers that is a great departure from the company’s traditional designs.
The watch is a 41mm round GMT, which means it has three hands to show the time in the 12-hour scale and another separate hand that shows the time in a 24-hour scale. You can use it to see time zones in two or even three places and it comes in a nice satin-brushed metal case with a rubber or metal strap.
B&R is unique because it’s one of the first companies to embrace online sales after selling primarily in watch stores for about a decade. This means the watches are slightly cheaper — this one is $3,500 — and jewelers can’t really jack up the prices in stores. Further, B&R has a great legacy of making legible, usable watches, and this one is no exception. It is also a fascinating addition to the line. B&R has an Instrument series, which consists of large, square watches with huge numerals, and a Vintage series that hearkens back to WWII-inspired, smaller watches. This one sits firmly in the middle, taking on the clear lines of the Instrument inside a more vintage case.
Ultimately watches like this one are nice tool watches — designed for legibility and usability above fashion. It’s a nice addition to the line and looks like something a proper geek could wear in lieu of Apple Watches and other nerd jewelry. Here’s hoping.

Source: Gadgets – techcrunch

Fortnite is finally coming to Android this summer

Fortnite is finally coming to Android this summer

Fornite is finally coming to Android…in a matter of months. After dominating the iOS gaming charts since March, the wildly popular sandbox survival game will be hitting the world’s top mobile operating system at some point this summer.

Creator Epic Games buried the news in the middle of a larger blog post titled, “The State of Mobile,” noting, vaguely, “We know many of you are excited for this release, and we promise that when we have more information to share, you’ll hear it from us first.”

That news comes amid a flurry of other Fornite related announcements this week. Earlier this morning, Epic unveiled a Battle Royale competition with a large in-game cash prize. This morning, the company also laid out plans to bring voice chat and improved gameplay and controls to the mobile side of things. Stats are coming to mobile, as well, along with a reduced install size.

Not that any of those issues have hampered the games success, of course. Earlier this year, the game was reportedly bringing in $126 million in monthly revenue — even before it arrived on iOS. With its imminent release on Android, that number’s likely to get a whole lot larger. 

Source: Mobile – Techcruch