Ride the Lightning

Police Want to Ask Alexa “Who Dunnit?”

January 9, 2017

If water cooler conversations are any indicator, everyone has heard the story of the police seeking evidence form the Amazon Echo's personal assistant Alexa in a murder case in Bentonville, Arkansas.

As The Washington Post reported, in November of 2015, James Bates called 911 to report that he had spotted the lifeless body of Victor Collins in his hot tub. Bates indicated that he and some buddies had been drinking and watching football the night before and that Bates agreed to let two of them crash at his house before he went to bed.

The police began suspecting foul play when they found broken knobs and bottles, as well as blood spots around the tub, indicating a struggle. A few days later, the Arkansas chief medical examiner ruled Collins' death a homicide — and police obtained a search warrant for Bates' home. The cause of death was strangulation with drowning as a secondary cause.

Inside the home, detectives discovered a number of "smart home" devices, including a Nest thermostat, a Honeywell alarm system, a wireless weather monitoring system and an Amazon Echo. Police seized the Echo and served a warrant to Amazon, noting in the affidavit there was "reason to believe that Amazon.com is in possession of records related to a homicide investigation being conducted by the Bentonville Police Department."

While police have long seized computers, cellphones and other electronics to investigate crimes, this case has raised new questions about privacy issues regarding devices like the Amazon Echo or the Google Home, voice-activated personal command centers that are constantly "listening." Is there a difference in the reasonable expectation of privacy one should have when dealing with a device that is "always on" in one's own home?

The Echo is equipped with seven microphones and responds to a "wake word," most commonly "Alexa." When it detects the wake word, it begins streaming audio to the cloud, including a fraction of a second of audio before the wake word, according to the Amazon website.

According to court documents, police took the Echo and extracted information from it, though what they would have been able to get isn't clear.

The Echo keeps less than 60 seconds of recorded sound in its storage buffer. As new sound is recorded, the old is erased. So there's no audio record made of what went on in a room where an Echo sits.

Only when the Echo hears its wake-up word does it begin sending a stream of audio to the cloud to be converted into text that the Amazon Alexa app can understand and act upon. The requests are saved, though Amazon allows users to go in and erase their voice recordings. It's possible to turn Echo's microphones off, so it is not listening.

The police pursuit of the Echo's data seems a bit of a wild goose chase to me – only if someone had wakened Alexa would the device have recorded any audio. And the odds of Alexa recording anything relevant to a murder seem slim.

The police warrants indicate the mistaken belief that Alexa is possibly recording at all times. While the device is listening for the "wake word", it is not recording or transmitting anything to the cloud.

Amazon refused to comply with the warrants. "Amazon will not release customer information without a valid and binding legal demand properly served on us," a company spokeswoman said in an email to The Post. "Amazon objects to overbroad or otherwise inappropriate demands as a matter of course."

The case and its implications are reminiscent of one earlier in 2016, in which the FBI demanded Apple's help in cracking an iPhone belonging to terrorists who opened fire at a work party last December and killed 14 people in San Bernardino, Calif. Apple refused to comply, and the FBI ended up paying professional hackers to crack the phone.

Bates is out of jail on bail with his trial set to begin this year.

The police did find some interesting evidence from the Bentonville utilities department. According to police records, a city utility billing and collections manager told detectives that, on the night of Collins's death, 140 gallons of water were used at Bates's home between 1 and 3 a.m.

"In comparison, while all four [men] were together earlier that evening, they never used more than 10 gallons of water in an hour," police reports said. "The amount of water used between 0100-0300 hours was consistent with spraying down the back patio area, which may have resulted in the wet concrete patterns observed on the morning of November 22nd."

The utility department's source? Each home in Bentonville was on a smart meter, police were told, to measure and record the exact consumption of electricity and water every hour. Now that was something I didn't know about initially – and it was another "aha!" moment. If Alexa is not "called to the stand", certainly the smart water meter will be.

E-mail: Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology
http://www.senseient.com
http://twitter.com/sharonnelsonesq
http://www.linkedin.com/in/sharondnelson