After complaints over leaked Voice Assistant recordings, Google says: We hear you Google has laid out what is and isn't recorded when you use your voice to operate its Assistant app, and tweaked some of its preference settings labels to be more upfront about what happens to your audio data. It also said sorry – again. A blog post today from Google Assistant senior product manager Nino Tasca, headed Doing …
Well, nobody in the business was surprised that this was happening. But what will particularly annoy the privacy conscious is that no matter how will anonymized your recordings are, they are still connected to your account, and therefore at the mercy of the government.
As they say, the United States is a democracy, because they listen to the people. That's what the NSA is for.
Not to mention, if you mention your name, your spouse's name, childrens names, passwords, credit card number, appointments etc. and these recordings needed "better translation", even if the recording wasn't visibly linked to the account for the listener, they can get a lot of personal information...
I'm fed up with these settings games. If they were actually serious about privacy, companies would have one page that explicitly lists all of the tracking, analytic, and telemetry functions, describes their usage, and gives the user the ability to enable or disable them as they (the user) sees fit. Instead we have impenetrable layers of obfuscation. It's all "Settings > User Settings > General > Application Preferences > Communication Preferences > Data Management > Feedback > Automated Feedback > Feedback Settings > Enable ATPS (which is really Record Everything I Do And Send It Unencrypted To An Unsecured S3 Bucket)". Nevermind the fact that they split it up into eight different settings hidden all over the app, rename them every point release, automatically enable all of them, and fall back to the least restrictive one, but they also have the gall to claim that it "improves the user experience".
Sorry I know I'm preaching to the choir here.
Google is Evil.
Google is an American Conglomerate who's sole mission is to gather as much data on each and everyone as they can then sell it to the highest bidder.
An now this site is promoting upgrading your information warehouse to 'Google Cloud'
https://www.theregister.co.uk/2019/09/24/google_cloud_promo/
Even more lovely data to slurp.
Fail. Mega Fail.
And no, I don't have a GMail or any other form of Google account
This post has been deleted by its author
It's pretty much irrelevant if the audio snippet is anonymised from your account if the contents of the audio snippet is something like:
"OK Google, book a proctological exam with Dr. Fingers for Monday 11am, for John Smith, DoB 20/11/1854, sex male, address Buckingham Palace London SW1A 1AA, health insurance number 123456789, credit card number 1234 5678 9123 4567, expiry 10/3265, CVV 111"
'It's clear that we fell short of our high standards in making it easy for you to understand how your data is used, and we apologize.'
Pointing out the use of the data in a human readable form rather than burying it in a 'tick here' mass of T&C probably over 10'000 words?
Feck off Google, I do not accept your T&C.
The only way im reading 10000 words is in a book.. By an author I like and no I will not tell you who it is, how I bought it, how long I spend on each page, what I do with it when I get to the end. God forbid I read the thing again a few years later without paying for it again. Ummm sorry tangent but you get the point?
Oddly, neither Windows, iOS, Linux nor FreeBSD have "older than a few months" as a flag for an "rm" or "del" command. You'd think someone so high up in an IT tech company would be able to be a little more specific than "a few months". I suspect his definition of "a few" would more commonly be recognised by most normal people as "a shitload of months, possibly better enumerated as years to make the number smaller and more manageable"
Standard greasy legal speak. "Few" is one of those words that makes something ambiguous enough that the speaker can't be held accountable for it. If he were to say and actual number, then the company will actually have to do it. This way, they can just be lazy about it and delete old data whenever they feel like it rather than having actual retention procedures.
I have to deal with that crap at work a lot. Management will declare privacy policies, but then when I ask about specific time frames for retaining data or what data we should be deleting, I am met with silence or the company lawyer telling me not to document anything except specific wordings. Even specific time-frames like "6 months" get the same treatment. We have to mark it down as '6 months" and never anything like "180 days" or "8035200 seconds". Simply because if we do document something like that, then we are legally responsible for ensure that those numbers are actually followed.
"Recently we've heard concerns about our process in which language experts can listen to and transcribe audio data from the Google Assistant to help improve speech technology for different languages. It's clear that we fell short of our high standards in making it easy for you to understand how your data is used, and we apologize."
....Just goes to prove you never hear anything nice about yourself when you eavesdrop...
"remember my answer and never ask again?" in a privacy/remember my details/enable fast paying/similar options box.
Oh, wait, I never do.
Fuck off, Google. And while you're at it, make it easier to actually kill and remove from memory a program (app my elbow) when I've finished using it.
A while ago I blocked Google's access to my phone's microphone. I started to get error messages, "Google Play not working" or something similar. Yesterday I finally found out why. A new error message told me that unless I gave Google Play access to my microphone it would not work. I declined their kind offer. I was under the impression that Google Play was a shop, maybe I'm wrong, so why does it need a microphone?
Started out as a store, but now is the framework for -everything-. It started out as a package manager, but eventually a lot of code that should be separate daemons got pulled into it. It looks like Google's intention is that Google Play Services becomes the entire ABI/API for 3rd party packages ("apps") to run.
It could be a well-intentioned, if misguided, attempt at reigning in misbehaving apps. But since its one of the few Google Proprietary binaries in Android, I am a bit more cynical and believe that Google's motivation is to pull as much away from the OpenSource parts so that they can gain 100% control over Android.
I wouldn't be surprised if in the next few years, Android becomes nothing more than a Linux Kernel, a massive binary module for interfacing with hardware correctly, the Google Play binary blob to act as the entirety of the User Mode OS components, and a monolithic Shared Library. Although the more cynical part of me believes that they'll jettison the Linux Kernel entirely and roll their own so they no longer have to comply with any Open Source licenses.
"audio snippets are never associated with any user accounts"
The big problem that makes listening to recordings worse than all the other shenanigans involving personal data is that it's fundamentally impossible to anonymise it, since the recordings can contain personal data. If I buy a widget, it's entirely possible to strip out all the payment data, tracking, and so on, and just note the fact that x widgets have now been bought. If you record me having a confidential conversation with my doctor, which begins with me verifying my name, address and DoB, it doesn't matter how much effort you make to strip out metadata, the personal information is still right there in the recording.
No-one gives a shit whether things are associated with user accounts or not. It's having people listening in on private conversations at all that is the issue. No amount of faffing around with privacy settings and metadata can affect that.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
