Personalization without Compromising Privacy


If you’ve been following technology news recently, you might have heard that there’s a privacy war brewing.  It should also come as no surprise that the digital assistants you use on a daily basis know a terrifying amount of information about you.  At the same time, there’s no arguing that some of this is ultimately useful to you, as a consumer.  This personal information is used to enable phone calls to your loved ones, or to take you to the right address when you navigate “home”.

As consumers become more privacy-conscious, however, they’re starting to ask if perhaps they’re giving more than they’re getting.  Where do you draw the line?  You might be fine with letting Amazon get access to your calendar, but what about your Spotify password, or your online banking account?

At Aiqudo, we care deeply about user privacy and providing utility.  Often, this means we need to work that much harder at things that may seem easy or trivial for other digital assistants because they have all this access to your data.  Let’s look at a few of the ways that Aiqudo is able to deliver personal and private Actions for your mobile device.

The first and simplest way that Aiqudo can guarantee privacy is by simply not collecting the data in the first place.  For example, we don’t require you to create an account, or to give us credentials to access any of the apps or services available on our platform – you use your trusted apps as you normally would, e.g., with biometric authentication.  The only information Aiqudo collects is what apps the user has installed on their device, and what the user says, i.e., user commands.  The former is used to personalize and filter our Action results to what is most relevant to that particular user and device.  In addition, Aiqudo uses a randomized identifier to track a user within our system.  This is not tied to any personal information like an email address or phone number.  This identifier is also unique to the Q Actions application, which means that user data from other applications cannot be correlated to Aiqudo user activity either.

What happens to the data that Aiqudo does collect?  Ultimately, only aggregated data is stored for the long term.  This data is valuable to understand what kinds of queries users ask, or when we may have incorrectly classified an intent.  We do not use this data to track queries made by an individual user, or create a user profile. Aiqudo is GDPR compliant.

Aiqudo’s Private Data Manager 


However, in some cases we need to know a little bit more about you.  If you’re trying to send your TPS report to Bill, we’d like to be able to identify the right contact to send that critical document to.  So while you may notice that we do ask for access to things like your calendar, or your contact list in the Q Actions app, it’s important to know that we never send this information to our servers.  Instead, what we do is annotate user queries with hints to indicate that a certain word or phrase matches a local contact or meeting name.  This improves the accuracy of our intent matching without requiring direct access to personal or private information.

This approach is simple, but very powerful.  We’ve also added the ability to send hints about previous Actions that a user has run, and their input or output.  For example, if you searched for Chinese restaurants nearby, we might store the resultant list of restaurants on your device.  Then, if you follow up by telling Q Actions “take me to the second one”, we know which restaurant you’re talking about and can start turn-by-turn directions to that address.

That’s not all we can do.  A business listing carries more than just an address: sometimes we also get review ratings or a phone number.  We can search this information locally when you refer to previous actions that you’ve taken, or when starting a new interaction with Q Actions.  This means we can take that restaurant and send its address to a friend.  Or we can generate options when you say something like, “get me in touch with someone in the Engineering department”.

Another really powerful thing that we can do with our Private Data Manager is understand some of the relevant data in your apps (with your permission, of course), e.g., your Spotify playlists. So if you say “play Calming Acoustic”, which happens to refer to one of your favorite playlists, we kick off this action in Spotify (not Pandora) without you having to explicitly say so; this information stays safe on your device, and within your trusted apps.

Personalized Actions


We’ve talked about how this works with simple, everyday examples, but the functionality we’ve built means we have the unique ability to work with privacy-conscious or sensitive applications in verticals like finance or healthcare.  Partners also have the ability to import structured data into the Action Kit (SDK) on the client.  This data is searched whenever a user makes a request, and the user query is annotated with hints, just like contacts or other built-in data types.  Partners have full control over what is stored, or when it is updated.
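To make the mechanism concrete, here is an added Python sketch (not Aiqudo’s code, which the post does not show) of both the Private Data Manager behaviour described above and the partner-imported structured data of the previous paragraph: local values are matched on the device and only typed hint slots leave it, an egress check confirms no raw value survives in the outgoing query, and a follow-up like “the second one” is resolved against a local result cache. The contact, meeting, playlist and account values, the cached results, the slot format and the function names are all constructed assumptions.

```python
import re

# Constructed sample of on-device data (not real user data): the kinds of
# values the post says never leave the device. "ACCOUNT" stands in for a
# hypothetical partner-imported type, loaded the same way as built-in types.
LOCAL_DATA = {
    "CONTACT": ["Bill Lumbergh", "Bill", "Alice Chen"],
    "MEETING": ["TPS review", "Sprint planning"],
    "PLAYLIST": ["Calming Acoustic", "Workout Mix"],
    "ACCOUNT": ["Everyday Checking"],
}

# Constructed results of a previous "Chinese restaurants nearby" Action,
# cached locally so a follow-up reference can be resolved on the device.
LAST_RESULTS = [
    {"name": "Golden Dragon", "address": "1 Main St", "phone": "555-0100"},
    {"name": "Jade Garden", "address": "42 Elm Ave", "phone": "555-0142"},
]
ORDINALS = {"first": 0, "second": 1, "third": 2, "last": -1}


def annotate_query(query, local_data=LOCAL_DATA):
    """Replace spans that match local data with typed hint slots.
    Returns (hinted_query, bindings): only hinted_query is meant to leave the
    device; bindings map each slot back to the real value, locally."""
    # Longer names first so "Bill Lumbergh" is matched before plain "Bill".
    names = sorted(((n, k) for k, ns in local_data.items() for n in ns),
                   key=lambda p: -len(p[0]))
    bindings, hinted = {}, query
    for name, kind in names:
        pattern = re.compile(r"\b" + re.escape(name) + r"\b", re.IGNORECASE)
        if pattern.search(hinted):
            slot = f"<{kind}_{len(bindings)}>"
            bindings[slot] = name
            hinted = pattern.sub(slot, hinted, count=1)
    return hinted, bindings


def leaks_private_value(hinted, local_data=LOCAL_DATA):
    """Egress check before sending: True if any local value is still present.
    Deliberately conservative (case-insensitive substring match)."""
    text = hinted.lower()
    return any(n.lower() in text for ns in local_data.values() for n in ns)


def resolve_reference(query, results=LAST_RESULTS):
    """Map "take me to the second one" to a cached result, no server needed."""
    for word, idx in ORDINALS.items():
        if re.search(r"\b" + word + r"\b", query, re.IGNORECASE):
            return results[idx] if -len(results) <= idx < len(results) else None
    return None
```

Only the hinted string and the matched slot types would be sent for intent matching; the bindings and the result cache stay on the device and are applied after the intent comes back.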

I hope this gives you a better understanding of how we treat private data.  As a company, we firmly believe that users should be able to control the flow of their data, and not feel like it’s being taken hostage because of a handful of useful or maybe even critical features that they have on their phone.  Most users don’t fully understand what data is being collected, or how it can be used in the wrong hands.  It’s our job to educate and put in place sensible safeguards that restrict the flow of private data while still being able to deliver the same level of utility.  We’ve shown that with the right kind of thinking and a little (or a lot) of elbow grease, this is possible, and consumers should demand nothing less.