A group of information security specialists claims that human operators, in addition to third-party companies, have access to Google voice assistant recordings; this applies to both smartphones with Google Assistant enabled and Google Home smart speakers’ users.
The experts, in collaboration with the Belgian news agency VTR News gained access to some audio recordings from users in various locations (such as Belgium and the Netherlands); according to the experts, some of these voice samples were recorded even without the device user activating the assistant by saying aloud the phrase “Ok Google”.
Information security specialists say that companies with access to these recordings take records with the intention of perfecting speech recognition technology, and add that this activity is not only practiced in Europe; “companies around the world have access to these records,” they say.
The main issue is that this practice violates the provisions of the Google Terms and Services, as its content does not specify that any human operator has access to users’ voice recordings. Researchers say the company tries to hide users’ personal information by assigning them numeric keys replacing each user’s name.
When questioned in this regard, Google’s spokespersons stated that the company takes and transcribes about 0.2% of the total recordings taken by Google Assistant; “The sole purpose of this practice is to improve our audio recognition technology,” they added.
Moreover, for the information security specialists from the International Institute of Cyber Security (IICS) this report is just a sample of the multiple unfulfilled promises of companies like Google about the privacy of their users, “the personal information will never be completely safe in the hands of these organizations,” they say.
In previous cases the use of voice recognition technology has been the target of multiple criticisms; users of devices like Google Home or Amazon Echo are concerned about the scope of the software that powers these devices, because they believe that, in fact, users don’t really have control over what these machines can listen to, record or send to external companies.