Google Snooping Tool Installs Itself On Computers Without Permission
Privacy campaigners and developers are hitting out at Google over the discovery of snooping software which is able to listen to conversations held near a computer. The Chromium browser is the open source version of Google Chrome and it was discovered by developers that the browser began to automatically install code that would give it access to a computer’s microphone without permission.
The code had been created to help the “OK, Google” voice detection which has been newly launched by Chrome and allows people to use the browser by speaking to it. However, users have claimed that the always-listening code has been automatically installed and activated on their computer without them giving their permission.
Rick Falkvinge, founder of the Pirate party said in a blog post “Without consent, Google’s code had downloaded a black box of code that- according to itself- had turned on the microphone and was actively listening to your room”. He went on to say that this meant that the computer would be configured to send your conversations to a private company without your knowledge and it was triggered by “an unknown and unverifiable set of conditions”.
The feature appears automatically as part of the Google Chrome browser, but the amount of commotion is being caused because it is it also automatically installed with Chromium. The code isn’t considered open source and Falkvinge has said that people don’t and can’t know what this “black box“ does because developers are unable to analyse or manipulate it in the same way that they can with other code.
Google responded to complaints about this issue by writing on its developer boards. The company said “While we do download the hot word module on start up, we do not activate it unless you opt in to hotwording“. Hotwording is the name given to the process by which the “OK, Google” command is listened out for and used.
Google have said that Linux distribution Debian can create the problem by automatically downloading the code with Chromium rather than Google Chrome, while a Google developer has told users that Chromium isn’t a Google product and it isn’t directly distributed by the company. Despite this, Falkvinge has claimed that users must opt out of the snooping code, rather than opt in, but there is nothing to indicate to them that they may wish to do so.
While many smartphones now have the functionality to be able to allow users to search using their voice, the reception to the functions being available through smart TVs and now browsers has come with less of a warm welcome. Users are wary of their conversations being listened in on, as it can be unclear exactly when devices are listening and what they are doing with the audio that they do pick up.
The technology of voice search functions is more complicated than you may think, as the browser or television often doesn’t process the search commands automatically itself. Instead, voice recordings are transmitted over the internet to company servers where they are then processed. Privacy campaigners are beginning to question whether this can mean that private conversations are also sent to companies to be processed too in error.
A Google spokeswoman had tried to calm the storm saying “We’re sure you’ll be relieved to learn we’re not listening to your conversations- nor to we want to“, adding that the software only gives users the ability to search by using the phrase “OK, Google” when on the Google homepage and only if they opt in.
Despite this, concerns mounted and Google was forced to remove the listening code from the Chromium browser. The code can now be separately downloaded from the Chrome Web Store and will only be installed when someone opts into the voice search service. Google wrote on its product pages “As of the newly landed r335874 Chromium builds, by default, will not download this module at all. Chromium is open source and it’s important to us, as it is to you, that it doesn’t ship with closed-source components, lazily or not”.