Anyone who harbors suspicions of what the search engine giant might be up was given good reason to be even more alarmed recently. Google has been accused of eavesdropping on users of its Chromium browsers.
Some people noticed that the browser would download modules from Google as part of its automatic updating process. And that among the new features was one that turned on the computer’s microphone by default and automatically transmitted what it heard back to Google’s cloud for analysis.
Further cause for concern was that Chromium, their sibling to their Chrome browser platform, is an open-source project, but the speech recognition feature was part of a “black box” module. These are closed-off sections of proprietary code that are impossible for developers or researchers to examine, which totally subverts the idea of “open-source”.
The Voice Search feature is intended for users to look up stuff by sound alone; activated by simply saying, “OK, Google,” aloud. (It’s also available for the Chrome browser.) While the company maintains that the search function will not work until that magic phrase is uttered, critics rightfully pointed out that it would still have to be listening and analyzing everything it picked up just in order to know when to do so. Google also claims that the controls of the aural search function that indicate the microphone is on and “Audio capture allowed” merely indicate the presence of a working mike, not activating it. But many people are dubious of that claim.
Google also says it wasn’t seeking to hide the feature, but considered it a normal “part of the Google Chrome experience” and so not worth mentioning to users. They quickly incorporated an “opt-out” button as a fix, but unless they inform users of the feature and the ability to not enable it, how are people supposed to know this?
Besides, it’s not at all clear that users actually can turn it off. Not only is the code hidden away where none can read it, but like Chrome, Chromium is entirely cloud-based. This is why they’re so useful, especially on netbooks and small devices such as the Android smartphones, because most of their functionality depends not on traditional programs installed on the machine itself, but from the many “free” features available online from Google. Therefore the browser could be listening and reporting back all the time, and users might never know it.
Suspicions raised by the sneaky way Google has implemented Voice Search are certainly not the only ones concerning the company’s methods and motivations. At the same time, Disconnect, a privacy firm founded by former Google engineers, has sued their one-time masters, claiming that Google is involved in a systematic pattern of abusive behavior that has violated privacy rights on a “massive scale”.
In their complaint, the start-up says that Google’s business “consists almost entirely of gathering data about the preferences, locations, and behavior of ordinary people and monetizing that data through the sale of targeted advertisements on the Internet.” Disconnect, which has developed an app that tracks and blocks trackers, has been banned from the Google Play store for interfering with this. But there may be more to this than just sour grapes.
For serious questions have long existed about Google. Back in 2011, they got into trouble when it was discovered that their Street View cars zipping around the world were not only taking pictures (and annoying many thereby, especially in Europe) but secretly recording email and even passwords from any unsecured Wi-fi hotspot they passed.
One conspiracy site has been warning about the potential for secretly spying with webcams and mikes since 2006. There have been several cases where it has been proven to have happened – not just by pervy hackers either; one school district did it to its own high school students.
For years, Jamii, our Vice President who has an extensive background in security, has kept a post-it note over her laptop’s webcam and tape over the microphone. Given the world we live in, with hackers, spies, and now corporations seeking to pry into the most private and intimate aspects of our lives, such practices no longer seem paranoid or extreme, but utterly practical – and necessary.
UPDATE – Just as this article was being posted, Google announced that it was pulling the extension, while offering an elaborate justification, but no apology. It will have to be seen what happens with later iterations of their software, and not just with them. Now that they’ve developed and deployed voice-recognition software, can their rivals, Facebook and Microsoft, be far behind?
SWCP cannot recommend Chrome or Chromium because of these ongoing privacy concerns – at the present time, we recommend Firefox instead. But regardless of the browser or platform you use, the upshot remains the same: your privacy is your own responsibility. So be careful out there.