Enhancing Transparency and Control in Voice-Controlled Digital Assistants: Identifying Privacy Risks, Understanding User Expectations, and Developing Mitigation Strategies

Identifying Privacy Risks, Understanding User Expectations, and Developing Mitigation Strategies for Voice Assistants

by Luca Hernández Acosta
Doctoral thesis
Date of Examination: 2025-05-15
Date of issue: 2025-06-27
Advisor: Prof. Dr. Delphine Reinhardt
Referee: Prof. Dr. Christian Becker
Referee: Dr. Franca Delmastro
Referee: Prof. Dr. Dieter Hogrefe
Referee: Prof. Dr. Benjamin Leiding
Referee: Prof. Dr. Florin Manea
Persistent Address: http://dx.doi.org/10.53846/goediss-11360

Files in this item

Name: Dissertation_SUB_Pub_DOI.pdf
Size: 7.96 MB
Format: PDF

Abstract

Voice assistants have become an integral part of modern smart environments, extending beyond smartphones to cars, smart speakers, and robots, enabling hands-free control of various devices. Their widespread adoption has led to increasing privacy concerns, as many users incorrectly assume that voice data is processed and stored locally, whereas it is primarily handled by cloud servers. This discrepancy between user expectations and system functionality introduces significant risks related to data privacy and control. This dissertation addresses these concerns by introducing novel solutions that enhance privacy, transparency, and user control in voice assistant systems. A comprehensive literature review reveals that existing privacy controls often fail to provide adequate protection, particularly in multi-user environments where only primary users typically have full access to settings and stored data. A user survey further identifies key privacy needs, misconceptions, and desired features. The findings highlight three primary areas requiring improvement: authentication, transparency, and granular control over interactions and stored data. Users express a clear need for systems that provide equal access and control for all users, along with mechanisms to easily identify and manage sensitive data.

To address these needs, this dissertation presents two solutions. The first implements local user profiles and on-device speaker recognition on a Raspberry Pi, demonstrating the feasibility of enhanced authentication on resource-limited hardware similar to smart speakers. This approach mitigates the risk of wake word replay attacks, where unauthorized users exploit recorded wake words to access sensitive information. By employing continuous authentication based on full voice commands rather than relying solely on wake word detection, the system ensures access is granted only to verified users. Additionally, local profiles grant each user secure access to their interactions, allowing them to review stored data and make independent privacy decisions. This proof-of-concept, integrating Alexa Voice Service (AVS), validates the technical feasibility of enhanced authentication and local storage, even on constrained devices like the Raspberry Pi. The system achieves 99% accuracy in distinguishing legitimate from illegitimate users, with high precision (93%), recall (95%), and F1-score (94%). Further, the system was tested under challenging conditions such as accents, background noise, and muffled speech. In addition to an existing dataset, a controlled evaluation was conducted using voice recordings from participants, featuring realistic German voice commands. These recordings assessed the system’s performance and usability under practical conditions, confirming its effectiveness in handling authentic speech patterns.

While the first solution focuses on authentication and data security, the second prototype enhances transparency and user control, also running on a Raspberry Pi. This prototype provides a user interface similar to existing smart speaker companion apps, such as those from Amazon Alexa and Google Assistant, while introducing advanced functionalities for improved data management. Users can filter interactions by sensitivity, enabling quick identification and removal of potentially sensitive data. By prioritizing local processing and storage, the prototype minimizes reliance on cloud services, directly addressing key privacy concerns identified in the user survey. The system architecture enables sorting, searching, and managing voice recordings. Sensitivity classification was evaluated using established datasets, achieving high accuracy across multiple categories, including emotion (F1: 97.1%), gender (F1: 96.7%), intent (F1: 84.6%), and audio classification (F1: 74.9%).

To assess usability and the effectiveness of these control mechanisms in enhancing user autonomy over voice data management, we conducted a user study. Compared to the Alexa companion app, which many participants rarely used to review their voice history, our prototype significantly improved user control and trust. The System Usability Scale (SUS) score increased from 35.28 to 80.28, while the Trust in Automation Scale (TiAS) score rose from 2.56 to 3.71, demonstrating the effectiveness of these enhanced privacy controls. Our findings reveal significant shortcomings in the transparency and privacy controls of current voice assistants. This dissertation lays the foundation for further advancements in privacy-preserving technologies for voice assistants, fostering systems that empower users to maintain control over their data while enhancing trust and usability.

Keywords: Privacy; Speaker Recognition; Voice Authentication; Voice Assistants; Smart Speakers; Multi-User Environments; Granular Data Control; Data Transparency; Sensitivity Classification; Raspberry Pi Implementation; Privacy Requirements; User Misconceptions