Google has finally responded to the report from the Belgian broadcaster VRT NWS which showed that they were making audio data from Google Assistant available to contractors and sub-contractors. Worse, the audio recordings weren’t always triggered by a Hey Google or OK Google phrase. As expected, the tech giant has gone a bit on the defensive, explaining their process and reminding people that they can always “manage and control” the data that is stored on the account. They also revealed that they will be going after whoever leaked the “confidential Dutch audio data” that was used in the report.
Google explained that they need to partner with various language experts in order to “understand the nuances and accents” of the various languages that Google supports in Google Assistant and their various smart devices. They have to review “a small set of queries” which includes transcribing them and this is a necessary part of building speech technology that users need and appreciate. They say that only 0.2% of all audio snippets are reviewed by these contractors and that they are not associated with any of the Google accounts.
They further explained that they are going after whoever perpetrated the leaked audio data that VRT NWS was able to acquire and that their Security and Privacy Response teams are already activated and investigating the matter. And of course, they will be reviewing their own safeguards and protocols to make sure this doesn’t happen again. They have assured users that throughout this whole review process, they are protecting their users’ privacy.
However, all of this doesn’t really explain how VRT NWS was able to trace who the users were and even find out their addresses just by listening to the audio recordings. And some of the users claim that they did not know their Google Home devices were listening in on them, meaning they did not use any of the phrases that would trigger Google Assistant. Google says that the instances of “false accept” are rare and these instances are because of background noise that it interpreted as a hotword.
Despite assurances that they are not recording us when we don’t know and then sending out these recordings to contractors, it’s still not convincing enough for us to fully trust that they respect our privacy and security. There have been too many reports, not just of Google but Amazon and Facebook as well, that we can’t help but feel paranoid that all of these tech companies are listening in on us even when we don’t want them to.