Apple's Siri-AI, or more shouting into the void about "private" agents
7 hours ago
- #Data Security
- #AI Privacy
- #Tech Ethics
- Apple is integrating Google Gemini models with Private Cloud Compute (PCC) to enhance Siri with AI, enabling access to private user data for personalized assistance.
- PCC uses trusted hardware to encrypt and process data, ensuring it isn't stored or accessed by Apple or Google after inference, aiming to protect privacy.
- AI agents need external communication (e.g., search engines, messaging) to perform tasks, which can leak private data through queries, regardless of PCC's internal protections.
- Tech companies could monetize private data accessed by agents via search queries, leveraging intimate user information for targeted advertising or other purposes.
- Agents are vulnerable to prompt injection attacks, where malicious inputs trick them into exposing confidential data, creating security risks akin to the 'lethal trifecta'.
- Governments could mandate agents to detect and report criminal activity, transforming them into surveillance tools, challenging privacy and legal protections like the Fourth Amendment.
- Cryptography (via PCC) secures data from providers during inference but doesn't protect against data leakage through agent actions, design choices, or external mandates.