Ever since we've had technologies that were capable of long-distance communication, people have always been concerned about possible violations to their privacy. Whether it's a phone call or a text message, this has always been an issue. With new smart speakers like Google Home or Amazon's Alexa, this issue seems more relevant than ever. Are we being exploited by forms of surveillance? Let's take a look and find out...
We've always placed our trust in service providers, especially in the telecommunications sector. We expect total respect to our right to privacy, but it's also quite ordinarily to be paranoid that you're being spied on. It wasn't long ago that governmental bodies realized that without encryption, conversations and messages could easily be intercepted or altered.
Remember the Snowden case? I'm sure you do, but it was proof of how companies like Microsoft (to name just one example) worked closely with the NSA to allow the agency to circumvent the encryption of Skype and Outlook.
Yes, Google is always listening to you
The latest smart speakers, such as the Google Home, are equipped with a microphone that's always ready to listen. This has made many users wonder "Is Google always listening to us?". Yes, of course, the device is listening to you, but not in the way you might think...
It's true, devices with Google Assistant are actively listening, but by default they are just waiting for a keyword to be used: either "Ok, Google" or "Hey, Google". That's why Google asks you to repeatedly repeat these words when you first start using a device with Google Assistant.
This sentence acts as a key to unlock the device's listening capabilities. Once the input is received, the device records a few seconds of your voice, sends it to the cloud, analyzes it and then provides its response. This is what Google says in its FAQ page dedicated to Google Home. This page also states that Google's smart home devices automatically erase anything that is said if the keyword isn't detected.
So far so good, right? Yes, but at the end of last year, there was a bug on many Google Home models that allowed the device to remain actively listening at all times. Google promptly sent a software update to solve the problem and released the following statement:
We take user privacy and product quality concerns very seriously. Although we only received a few reports of this issue, we want people to have complete peace of mind while using Google Home Mini.
As for the audio clips that the device makes each time it detects a keyword, they're stored in the account that belongs to the owner of the Google Home and are accessible to the user at any time. If you use the app, you can listen to the recording again, along with any interaction carried out with Google Home.
If you're a little worried, you should be! There's nothing wrong with that, but Google does allow you to delete these recordings. You can also disable the recording of these stored clips, although Google discourages it because you won't get the full user experience that their devices offer. This would prevent the virtual assistant from learning from your interests and habitual behaviors.
It's unclear whether this data will end up somewhere, but who knows? According to Google, when you delete recordings from the app, they are permanently deleted from your account, but that doesn't mean they are "permanently deleted". It's easy to imagine that the company is storing this information elsewhere for some other purpose.
It's the same thing with Amazon
Things are similar when it comes to Alexa. Just like with Google Home, Amazon Echoes are always listening, but don't necessarily record everything you say.
They operate similarly to Google's assistant: products in the Echo family wait for the keyword "Alexa" and transmit the audio to the cloud that processes the recording. But in this case, you should know that Amazon also records a fraction of a second of audio before the keyword is stated.
In this case as well, the audio record by the Echo is stored online and in the associated Amazon account, and just like with Google Home, you can listen to it and delete interactions with Alexa by visiting the History section in the dedicated app.
Can I trust Amazon and Google?
I can't give you a definite answer to this question, but it's unlikely that Google and Amazon are taking part in some kind of espionage. Both are extremely powerful and competitive companies worth many billions of dollars, but both are still accountable to their individual users and shareholders. I don't think they need to spy on us 24 hours a day, 7 days a week. As easy as it is to think that our data is sold to the highest bidder, these companies are always facing potential backfire when they're caught dubiously selling data.
We should really be more concerned about surveillance from our governing bodies. Things are getting worse, and in some cases companies like Amazon or Google might be forced to hand over these recording to law enforcement agencies or other authorities. Just last year, Amazon refused to hand over data collected by Amazon as police investigated a murder in Arkansas.
Can your smart speaker be hacked?
The idea is very frightening, but as of yet there haven't been any cases of Google's smart speakers being hacked. The worst we've seen is an ad from Burger King where the voice from the commercial triggered actual models of the Google Home to be activated. This particular trick annoyed many users, who asked Google for an update that would distinguish a real voice from a simulated one.
Things haven't been so secure for Amazon. A little while ago, a company called MWR Infosecurity successfully compromised an Amazon Echo by exploiting a vulnerable device. By removing the rubber base at the bottom, the team was able to access the 18 debug pins, and via an external microSD, installed malware without leaving any evidence that there was any form of tampering. This allowed the company to obtain remote access to the smart speaker and to be able to access the microphones at any time.
Of course, all current models have been modified to eliminate this vulnerability, but who knows what else could be exploited in the future?
So the moral is... none of the major communication technologies has ever been able to escape the work of spies, so it's entirely possible (if not inevitable) that sooner or later even smart speakers could join this list.
Are you concerned about the confidentiality of your data? Let us know your opinion below in the comments.