Company admitted that contractors can access recordings made by Assistant, after some of its recordings were leaked

This article is more than 1 year old

This article is more than 1 year old

Google acknowledged its contractors are able to listen to recordings of what people say to the company’s artificial-intelligence system, Google Assistant.

The company admitted on Thursday that humans can access recordings made by the Assistant, after some of its Dutch language recordings were leaked. Google is investigating the breach.

The recordings were obtained by the Belgian public broadcaster VRT, which reviewed more than 1,000 audio clips and found 153 had been captured accidentally.

Google Assistant begins automatically recording audio when prompted by a user, usually by saying a wake-up word or phrase like, “OK, Google”.

Google says contractors listen to recordings to better understand language patterns and accents, and notes that recordings may be used by the company in its user terms. This feature can be turned off, but doing so means Assistant loses much of its personalized touch.

Smart talking: are our devices threatening our privacy? Read more

A spokesman for the company told Wired only 0.2% of all recordings are accessed by humans for transcription, and that the audio files are stripped of identifying user information.

However, the report from VRT found recordings of users that had identifiable information, including one person’s address and other personal information, like a family discussing their grandchildren by name, another user discussing their love life, and one user talking about how quickly a child was growing.

In 2017, Google confirmed a bug in its Home Mini speaker allowed the smart device to record users even when it was not activated by the wake up word. A Bloomberg report earlier this year also revealed Amazon’s Alexa voice technology uses contractors to review recordings, which Amazon later confirmed.

The recordings reported on by VRT may not be in compliance with the EU’s General Data Protection Regulation, rules that went into effect in May 2018 that limit the data companies based in the EU or doing business in the EU can hold on consumers.

Google did not immediately respond to request for comment.