← Audio
F

HomePod mini

Fail
Apple · 🇺🇸 United States · WiFi
PolicyApp PermissionsNetwork TrafficFirmwareRegulatory
Technical details
Manufacturer: Apple

⚠️ The bottom line

"What happens on your iPhone stays on your iPhone" was Apple's billboard while it paid contractors to listen to your Siri recordings. The whistleblower described hearing drug deals, doctor-patient conversations, and people having sex — captured by accidental activations. The recordings came with your location and contacts. Apple never told anyone humans were listening. It took a whistleblower going to The Guardian. Cost: a $95 million settlement — roughly 9 cents per affected device. The sound of a zipper. That's all it took to activate Siri and start recording. For five years, Apple collected these accidental recordings and sent them to contractors without telling anyone. When the whistleblower blew the lid off, Apple killed the program within a week — the speed tells you they knew how bad it was. The settlement covered a full decade of devices. Up to $20 per device. For years of eavesdropping, Apple valued your privacy at the cost of a pizza.

Legal jurisdiction
🇺🇸 United States (headquarters)
CLOUD Act read more →
US govt can demand your data from this company even if stored overseas
FISA §702 / PRISM read more →
NSA collects stored emails, photos, messages without individual warrants
Geofence warrants read more →
Police can demand location data for everyone near a crime scene
Spying
2/4 MODERATE
Is someone spying on me?
Data Sharing
2/4 MODERATE
Who gets my data?
Security
1/4 LOW
Is it actually secure?
Honesty
2/4 MODERATE
Can I trust what they say?
ACCEPTABLE Moderate concerns. Standard privacy hygiene applies.
4Contradictions
2Critical
1High
1Medium
2Sources
Findings by concern
Spying 2/4 MODERATE 1 finding
⚡ highpolicy claims vs regulatory findings
Tim Cook went on stage and said "privacy is a fundamental human right." He said it at conferences, in op-eds, on billboards. Meanwhile, hundreds of contractors worked shifts listening to 1,000 Siri recordings each — catching couples in bed, patients discussing diagnoses, people conducting private business. And while Cook positioned Apple as the anti-Google, Apple's ad business quietly grew from $2 billion to over $7 billion. Privacy is a fundamental human right — and apparently a fantastic marketing strategy.

What they claim: Tim Cook says privacy is a fundamental human right, contrasting Apple with surveillance capitalism.

What we found: While making these statements, Apple ran a program where hundreds of contractors listened to 1,000 Siri recordings per shift including intimate conversations. Apple's own ad revenue grew from $2B in 2018 to over $7B by 2024 while building its advertising platform.

Security 1/4 LOW 1 finding
⚫ mediumpolicy claims vs app permissions
Apple says HomePod doesn't build a profile on you. To set one up, you hand it your Apple ID, iCloud, contacts, calendar, reminders, Apple Music history, HomeKit device list, and WiFi credentials. It knows who lives in your house, what music they like, when they sleep, what smart locks are on the doors, and what temperature the thermostat is set to. Apple says that's not a profile. It's the most detailed profile of your home life any single device has ever assembled.

What they claim: HomePod mini uses on-device intelligence and minimal data transfer.

What we found: HomePod requires linking Apple ID, iCloud, Apple Music, HomeKit devices, contacts, calendars, reminders, and WiFi. A compromised HomePod accesses a comprehensive profile of home life, relationships, schedule, and IoT inventory.

Honesty 2/4 MODERATE 2 findings
⚠️ criticalpolicy claims vs regulatory findings
"What happens on your iPhone stays on your iPhone" was Apple's billboard while it paid contractors to listen to your Siri recordings. The whistleblower described hearing drug deals, doctor-patient conversations, and people having sex — captured by accidental activations. The recordings came with your location and contacts. Apple never told anyone humans were listening. It took a whistleblower going to The Guardian. Cost: a $95 million settlement — roughly 9 cents per affected device.

What they claim: Apple markets HomePod mini as part of its privacy-first ecosystem.

What we found: In July 2019, a whistleblower told The Guardian that Apple's grading program had contractors listening to Siri recordings — hearing drug deals, medical discussions, couples having sex. Recordings included location and contacts. Apple settled Lopez v. Apple for $95 million in 2025.

⚠️ criticalpolicy claims vs app permissions
The sound of a zipper. That's all it took to activate Siri and start recording. For five years, Apple collected these accidental recordings and sent them to contractors without telling anyone. When the whistleblower blew the lid off, Apple killed the program within a week — the speed tells you they knew how bad it was. The settlement covered a full decade of devices. Up to $20 per device. For years of eavesdropping, Apple valued your privacy at the cost of a pizza.

What they claim: Apple says Siri only listens when it hears the wake word and recordings use anonymized identifiers.

What we found: The $95M settlement in Lopez v. Apple was specifically about accidental activations — sounds as innocuous as a zipper triggering Siri. The class covered every Siri device from September 2014 to December 2024 — a full decade. Apple halted the program within a week of the Guardian report.

What happened to real people
Documented incidents involving Apple products and user data.
PRISM participant since 2012. Apple dropped full iCloud E2EE plans (codenamed Plesio/KeyDrop) after FBI objections (Reuters 2020). Advanced Data Protection released 2022 as opt-in with deliberate friction. [source]
Apple handed over iCloud backups in 1,568 cases covering ~6,000 accounts. 90% compliance rate. Surveillance firm: 'If you did something bad, I bet I could find it on that backup.' [source]
Government requests for push notification metadata rose from 158 (H1 2023) to 277 (H1 2024). Push tokens can identify devices and link to accounts. [source]
What your data is worth to governments
Apple complied with 12,043 government data requests in H1 2024. That's +621% over 10 years. Apple has been a confirmed PRISM participant since 2012. Under this programme, the NSA collects stored communications. The company is legally prohibited from telling you. Jurisdiction: US (CLOUD Act, FISA Section 702).
Documented: PRISM participant since 2012. Apple dropped full iCloud E2EE plans (codenamed Plesio/KeyDrop) after FBI objections (Reuters 2020). Advanced Data Protection released 2022 as opt-in with deliberate friction.
Documented: Apple handed over iCloud backups in 1,568 cases covering ~6,000 accounts. 90% compliance rate. Surveillance firm: 'If you did something bad, I bet I could find it on that backup.'
What is PRISM? · What is the CLOUD Act? · Transparency report
Sources