Horan calls IBM's security outlook "extremely conservative", noting that the company is concerned about Siri queries being stored on Apple's servers. As Wired notes, Apple does indeed store such information in order to perform transcription and offer results, as well as keeping it for some time in order to help improve overall performance.
It turns out that Horan is right to worry. In fact, Apple’s iPhone Software License Agreement spells this out: “When you use Siri or Dictation, the things you say will be recorded and sent to Apple in order to convert what you say into text,” Apple says. Siri collects a bunch of other information — names of people from your address book and other unspecified user data, all to help Siri do a better job.Apple is far from the only company to store users' personal information on its servers, but its popularity unsurprisingly places the company in the spotlight and is a particular focus for those such as corporate security personnel seeking to maintain privacy and control over such data.
How long does Apple store all of this stuff, and who gets a look at it? Well, the company doesn’t actually say. Again, from the user agreement: “By using Siri or Dictation, you agree and consent to Apple’s and its subsidiaries’ and agents’ transmission, collection, maintenance, processing, and use of this information, including your voice input and User Data, to provide and improve Siri, Dictation, and other Apple products and services.”
Because some of the data that Siri collects can be very personal, the American Civil Liberties Union put out a warning about Siri just a couple of months ago.