Apple Resolves ‘Hey Siri’ Lawsuit with $95 Million Settlement

Apple Inc. has agreed to a $95 million settlement in response to a lawsuit alleging that the technology giant unlawfully recorded conversations through its Siri virtual assistant. Plaintiffs claimed that audio was extracted from personal exchanges and shared with human reviewers, raising significant privacy concerns.

The lawsuit, which traces its origins to claims made in 2019, centers on the assertion that Apple devices inadvertently activated Siri during private discussions, leading to targeted advertisements based on these interactions. These allegations were fueled by a 2019 report from The Guardian, which featured insights from an anonymous whistleblower revealing that contractors could hear sensitive Siri recordings, including instances involving intimate encounters and medical discussions.

In its defense, Apple stated that only a small fraction of Siri recordings were transmitted for analysis aimed at enhancing the virtual assistant’s functionality. The company maintained that no recordings were tied to specific Apple ID accounts. However, the plaintiffs argued that Siri’s activation was not exclusively dependent on the intended wake phrase “Hey Siri,” suggesting that sounds as incidental as a zip or even arm movements could trigger the device.

As part of the proposed settlement, which awaits confirmation from U.S. District Judge Jeffrey White in Northern California, Apple will not admit to any wrongdoing. A court hearing scheduled for February 14 will provide an opportunity for both sides to advocate for the settlement’s approval. Consumers who purchased Siri-enabled devices between September 17, 2014 and December 31, 2024, may be eligible for up to $20 per unit owned, alongside Apple’s commitment to delete Siri-related audio collected prior to October 2019.

Plaintiffs have accused Apple of breaching multiple laws, including the federal Wiretap Act and the California Consumer Privacy Act, as well as contract violations and unfair competition. Notably, claims of unfair competition were dismissed in 2021.

This lawsuit underscores significant implications for data privacy and consumer trust in digital assistant technology. As organizations like Apple face scrutiny over data handling practices, understanding the technical aspects of potential security vulnerabilities becomes increasingly essential for business leaders. The tactics and techniques outlined within the MITRE ATT&CK framework may reflect adversary strategies related to initial access and persistent data collection, highlighting how digital systems can inadvertently become conduits for privacy breaches.