At Scriptix we have been privacy focussed from the start, and since the recent Schrems-II ruling this is an important topic for many organizations. How do you safely integrate a cloud service like Scriptix Speech Recognition?
Do not store customer data
At Scriptix we maintain a privacy focussed approach since the company was founded. Our initial API-platform was designed in such a way that we did not store any customer data, we deleted everything right after processing. Moreover, as opposed to other vendors of speech recognition we did not use customer data to train our algorithms. To train our generic algorithms we rely on datasets we create ourselves or we agree on a development plan with a customer. In case of the latter, we agree with our customer to use their data to train a customized speech recognition model that yields better results for their specific use cases. After we are done training however, we delete all training material again.
Process data with an EU cloud provider
Because the Schrems-II ruling states that personal data can no longer be processed on cloud providers from US-owned entities (such as: AWS, Microsoft Azure and Google Cloud) we decided at Scriptix to move our entire infrastructure from Microsoft Azure to an EU-based cloud provider, more specifically OVH Cloud in France. As of now, Scriptix is the only speech recognition vendor that does not process customer (personal) data with US-owned cloud providers and rightfully so. A common misconception about Schrems-II is that personal data can in fact be processed with US-owned entities if the servers are located in Europe. This however is not the case. Even though data could quickly be removed from these servers after processing (as Scriptix did since its incorporation), there is room for that data being requested by a foreign agency from the company processing the data. In short this means a company is not compliant with these new regulations whenever it processes personal data on US-owned cloud providers.
Offer an on prem solution
Taking privacy a step further, we also decided to offer our services on premises, or hosted, for those organizations who simply can not use a cloud service. There are many scenarios where cloud is simply out of the question because an internet connection is not safe enough to transfer data. By offering Scriptix services on premises as well we eliminate this issue. Currently we can offer our real-time speech recognition models which can be deployed on a docker capable system. We can take it a step further and even offer our entire software stack as an on prem service. This requires a Kubernetes platform.
Interested to learn more about processing data with cloud services and privacy risks related to such services? Get in touch, send us an email and we’re happy to schedule a chat. To read up more on this topic you may find the following article about Transcription services interesting: click here for the full article.