Experts raise security concerns surrounding Amazon Alexa and NHS partnership

Experts raise security concerns surrounding Amazon Alexa and NHS partnership
By Rachael Kennedy
Share this articleComments
Share this articleClose Button
Copy/paste the article video embed link below:Copy to clipboardCopied

Amazon is teaming up with the UK's National Health Service, which will allow Alexa to provide verified medical advice. But privacy experts worry about the lack of security for those using the service.


Amazon is teaming up with the UK's National Health Service (NHS) for a new Alexa feature offering medical advice.

The voice-assisted service will use information from the NHS website to formulate answers to questions about common medical ailments, such as migraines, flu and chickenpox.

It is hoped that the option to ask Alexa for NHS-verified advice could help reduce pressure on doctors and other NHS services.

Health Minister Matt Hancock said he wanted to "empower every patient" in being more independent with their healthcare.

He added: "Technology like this is a great example of how people can access reliable, world-leading NHS advice from the comfort of their home, reducing the pressure on our hardworking GPs and pharmacists."

"Through the NHS Long Term Plan, we want to embrace the advances in technology to build a health and care system that is fit for the future."

NHSX, the UK's joint health and technology unit, said it welcomed the collaboration with Amazon Alexa in a tweeted statement.

"This approach means that the trusted, medically verified NHS website becomes the default source of information," it said.

'Everyone can hear the recordings'

However, security experts warned about the lack of privacy surrounding the partnership.

Jamal Ahmed, a privacy consultant in the UK, told Euronews that people could select a secure browsing mode when searching for health advice on the Internet but with Alexa, there were no security features in place.

"No security exists with Alexa, everybody can talk to it, everyone can hear the recordings," he said.

"Voice-recognition devices don't allow you to select a private browsing mode, there is no privacy or security feature that you can enable," he added.

Ahmed also noted that using the device without any control over cookies — small text files that reside on computers and contain information that is accessed by the servers of websites visited — may also be concerning since they could be sold to any buyer or target consumers with products or services.

For Boris Cipot, a senior security engineer at Synopsys, not knowing how the data could be used was troublesome.

"If an insurance provider gains access to the user-specific data, they could potentially categorize users into risk categories based on the advice they sought, which could also lead to increased insurance rates for those deemed high risk," he told Euronews in a statement.

Ahmed said that Amazon should implement a secure way of asking questions, such as a password to look at the browsing history and not keep recordings for a long period of time.

The Times cited Amazon as saying that its Alexa service did not share information with third parties, nor gather data to make product recommendations or build a profile on customers.

All data was encrypted and kept confidential, it said. A spokesman said that customers were “in control of their voice history” and could review and delete recordings, the British publication added.


Amazon told Euronews in a statement that the company took privacy seriously. 

"Customers are in control of their voice history. They can review and delete voice recordings in the Alexa App or by visiting Customers also have the option to delete via voice by saying 'delete what I just said' or 'delete what I said today'."

Share this articleComments

You might also like

The Brief: Iran breaches terms of nuclear deal, Mogherini visits Africa

'Slaughtered': UK farmers protest post-Brexit rules and trade deals

Vaughan Gething elected as first minister of Wales