Report alleges that microphones on devices are used for "Active Listening" to deliver targeted ads
A report suggests that a major advertising company has used the microphone of devices to spy on users to deliver targeted ads. A report published by 404 Media spills the beans about the controversy.
The article is behind a paywall, but here's what it talks about.
Are your smart devices listening to you?
Cox Media Group (CMG), which is a partner of Meta (Facebook), Microsoft, Amazon, and Google, claimed that it can deliver targeted adverts based on what users were talking near device microphones. The company does this via something called Active Listening. Apparently, CMG not only openly admitted that it could use its technology to listen to what users say near smart devices, it actually advertised its capabilities on a web page. Do you get it? They were bragging about wiretapping, on their website!
A set of pitch deck slides, obtained by 404 Media, highlights the features of Active Listening. You can access an archive of it here. CMG deleted the web page where it had bragged about Active Listening, the last time this controversy arose. That does seem like an admission of guilt, but that's not enough evidence.
Speaking of which, there was a similar allegation last year, but it had been promptly denied by Google and Amazon. According to Ars Technica, Google pointed out that Android has restrictions in place to prevent apps from capturing audio when they are not used. Android displays an icon when an app accesses the microphone (iOS does this too). Amazon had stated that Echo devices were only engaged when the user speaks the wake word. It had also clarified that users could review their voice history from the Alexa app's settings, and see what kind of data was processed. What else were they going to say?
Techdirt points out that this wasn't the first time Cox tried something like this, the cable giant wanted to embed microphones and cameras in cable boxes in 2009, to monitor people. An article by The Byte linked to an archived version of a blog post from CMG outlining the capabilities of Active Listening. Gizmodo says that Amazon told them it has not worked with CMG on the program, and has no such plans. Meta also denied the allegations. Google has ended its partnership program with CMG after the report by 404 Media was published. Make of that what you will.
The new pitch deck, which you can find here, highlights some alarming things like how AI can collect and analyze voice data from 470+ sources, and that includes behavioral data which can identify an audience that is "ready-to-buy" the products. One of the diagrams in the slides feature a smartphone, a TV and a smart speaker, probably an example of the devices that are being used to listen to users. The "Predictive Audience Technology" can then use the data to develop an audience list, and target them via ads. Honestly, it sounds far-fetched. Is this even possible? Which app does it use to listen to users?
I'm not saying that CMG is innocent, or that 404 Media is exaggerating about the controversy. But we need some proper evidence to form an accusation, so far everything seems to be purely circumstantial, based on the slides. Was this technology used or not is something that will remain a mystery.
This isn't a new theory, I have heard about some rather unusual experiences for nearly a decade, which closely resemble the allegations. People whom I know personally have claimed to have experienced devices that were listening to them, alleging that their phone displayed ads about things that they were talking about.
A friend of mine had once jokingly claimed that Facebook was showing ads for places related to locations where she wanted to go, and that it was like magic. Was the phone listening to her? I argued that it wasn't funny, and that she must have looked up those cities on Google (or Google Maps) via a browser, which could have then resulted in cross-site tracking by other websites. That data could, in combination with IP tracking, may have been associated with the social account that was being used. The social network could then use the data on other devices that the person owned, which could then result in ads for hotels, restaurants, stores in those places. It has to be targeted ads, that is the only logical explanation. But, that is still creepy.
Don't get me wrong, I have no love for social networks or big tech, I don't trust them, and I certainly won't defend their practices. But if you think, and analyze the evidence, there's not much to go about such allegations.
These marketing companies could be listening to your mobile device's microphone, I can't say they do, or do not. But, this is how social networks learn about you. You share your favorite food, sports team, books, movies, school, college or workplace, likes and dislikes, photos and videos of you, your family, your shopping habits, medical history, geolocation, etc. That is how they sell the ads to you, by profiling you. You are the product!
I know I'm probably going to sound like a conspiracy theorist, but guess what big tech's next weapon is? AI chatbots that you interact with by text, or speak to. You may think those chatbots are cool and helpful. But you are feeding them with your data, they learn your preferences, and everything about you, all in the pretext of simplifying your tasks. What are you talking about? The AI is assisting me and making my life easier, everything is processed on my device, anonymized and end-to-end encrypted. Are you sure about that? All it needs is a simple knock from a Government agency, and a backdoor will appear. They are not just training AI language models using your data, it is a tunnel that leads directly into your life. Windows Recall may just be the tip of the iceberg. AI tools are the biggest threat to our privacy, even worse than ads and trackers, because you are willfully using them.
Some years ago when Alexa devices first were available I thought the idea that people could be listening in was totally ludicrous. Now there are either some very very bizarre coincidences in my life or else my original view was totally ludicrous. (These days I hardly touch a keyboard and use speech recognition for transcribing all my communications but I do wish that it would recognize the word ludicrous rather than the name of a rapper, Ludacris).
Here is something that relates to the topic of this thread.
Ford trying to patent similar “active listening” in cars. This is going to be happening, or is already happening, the question there is really if Ford gets patents on it, not whether it will be done.
https://tech.slashdot.org/story/24/09/11/146214/ford-seeks-patent-for-tech-that-listens-to-driver-conversations-to-serve-ads
And a generic reminder about facebook/meta and other like them. Meta ‘global privacy director’ admitting to digging all the way back to ***2007*** in facebook and instagram (and no doubt also every other thing they ‘acquired’ or could scrape elsewhere. Remember the stories about “shadow” profiles).
https://tech.slashdot.org/story/24/09/11/1114230/facebook-admits-to-scraping-every-australian-adult-users-public-photos-and-posts-to-train-ai-with-no-opt-out-option
Do note that the EU is only **opt out**, so people have to do it actively, which to begin with requires them knowing about it happening and that, at least superficially, putting a stop to it is possible.
Just thought it was worth bringing up. 2007. 17 years! I am sure they’d like to go back further but their weren’t really exploding until sometime 2006.
There is no proof that CMG actually had any of these capabilities. I know advertisers want to be able to target ads, but this is a bit extreme. What is more likely here, that they are overselling their capabilities to make money – or that they actually possess all of this knowledge and have access to private conversations and non-public data without Apple’s, Amazon’s, Meta’s, Google’s, and “smart” TV maker’s knowledge?
Could a government compel these big tech companies to perform active-listening for “national security” reasons and keep it quiet from the public? Possibly. But an advertising company? No way!
Let us remember BadBIOS …
https://en.wikipedia.org/wiki/BadBIOS
“BadBIOS is alleged malware described by network security researcher Dragos Ruiu in October 2013 with the ability to communicate between instances of itself across air gaps using ultrasonic communication between a computer’s speakers and microphone.”
https://arstechnica.com/information-technology/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/
“Meet “badBIOS,” the mysterious Mac and PC malware that jumps airgaps
Like a super strain of bacteria, the rootkit plaguing Dragos Ruiu is omnipotent.”
https://www.infosecurity-magazine.com/news/badbios-the-god-of-malware/
“Jacob Appelbaum tweeted, “I think I know when and why @dragosr was owned. I also think I know who likely did it and many of the details. A hint: #NSA #CSE #GCHQ” “
Want to add that smart TVs also been doing this over the years… disconnect that stuff if u want privacy.
Here if you want to see something really creepy, and this is an old one from around 2017. I have a vid here where a person is walking around New York with a phone. It has no SIM, Wi-Fi off and on airplane mode and then afterward he went checking with some high-tech gear what data is being sent when he activated his phone normally. You know what comes next… the phone knew exactly where he was going. He also did it without airplane mode, and the data was less. So in airplane mode it tracks you even more. Now you know when you switch off your phone, and after 8 hours or so the battery drain is 4-6% = the phones are not off and the recording is very plausible. So even if you think you have a de-googled phone… forget it. It is the hardware, stupid :)
phrozen ghost, you are way late to the party with that one.
This has been going on for a very long time.
Lawyers worth using work on the assumption that their phones are being snooped on or being used to snoop (airplane mode or not). Does ‘pegasus’ and all that not ring a bell with you? And that is just some of the semi-public stuff.
It’s not just high profile targets like snowden that this happened on, corporate espionage and cybercrime is not a new thing.
Back to the topic though, not sure why ashwin is being so defensive on this. Of course there is little actual ‘evidence’ as everyone involved want to wash their hands of this and not have a paper trail. Perhaps he is getting paranoid about what they, being willing to be so dirty (it’s not new for them, just this latest claim is), will do if he wasn’t.
It is not new tech.
Even old examples did passive listening, like Siri, Alexa, Cortana, goggle glasses. Ostensibly “only to catch activation phrases”, but practically? The devices have become more capable, the automatic transcription services have become better, “more internet” and “more compute” has become available.
Not at all surprising if the story is completely true.
There has long ago been a lot of coverage of alexa basically streaming conversations to datacenters. Some of it with intent to improve service (with people listening and correcting the automatic transcription to improve it) but not doubt also adding to the profiles of those victims.
The only slightly odd bit is bragging about many so many sources, but then again why wouldn’t a saleman do exactly that to land a contract. A simple guess would be having access to backdooring of some commonly used app frameworks that can be used for stealthy listening – you know a socalled supplychain attack. And no doubt some underhanded cooperation for kickbacks from insiders/owners.
I also completely disagree with him that “AI” is the greatest threat to our privacy. They are just enablers, enabling easy massive sifting through stuff, making is simpler and more abstract (instead of technical and requiring skill) for those who are the threat. Their servants were already collecting as much as they could practically afford to store or collect. You need to follow the money (and the power), then you eventually get to the actual threats, instead of their tools.
Even so, do not neglect or underestimate the vast datapools of the databroker industry and their suppliers. That began long before this LLM craze. Sheeet, I doubt NSA would even need a federal budget if they were allowed to commercialize the almost unbelievable amount of data they collect.
I will agree on one thing, many people will unfortunately tell these “AI” machines many things and show them many business things, that they would not confide to anyone but close friends and collegues. Just most of it is already collected, by other means, specially when it comes to enduser personal devices.
Imagine cellphones being used to snoop on meetings in Big Businesses :-)
When making a phone call on a Blackberry phone where the Facebook app came pre-installed, a couple of violent thugs appeared and started harassing other passengers. Trying to keep a low profile and having quietly and succinctly explained the situation (just out of earshot) to my fellow caller, I hung up and started scrolling my Newsfeed on Facebook.
I had set all the privacy settings I was able to find as strictly as I could but in spite of that, almost immediately I saw an advert in the Newsfeed for self-defence lessons. I hadn’t looked them up, nor any related term, nor had I recently watched any martial arts films, nor had I previously seen any such adverts in my Newsfeed.
It was pretty damn clear that either my mic, or that of my fellow caller, was tapped and being put through machine learning algos to generate context-aware targeted advertising that could be served in real time.
This was over 12 years ago.
Sorry for the language but I don’t know a clearer more simple way to put it.
No shit Sherlock!
Beyond disgusting. CMG should be sued out of existence, and its founders imprisoned. Every company that uses it should be severely penalized until this spyware is removed on all devices.
I have not trusted the mic or the cam to truly be off for many years now on my desktops and laptops, so I disable them in Device Manager until I actually want to use them. I put a strip of electrical tape over the camera lens for good measure when there is no shutter for it.
That may not solve all the issues, or be absolutely certain they are truly off, but at least it gets you half-way there and makes it more difficult to use for nefarious purposes. Don’t get me started on AI or Recall–I have blocked them too.
Both Facebook and Google clearly do this, I’ve tested myself and with a group of 100 people, we call each others and talk about clothes, food, tools… and surprised they display the exact ads that we just talked about.
Try watching the autocorrect feature, in an Amazon kindle product, when typing help. There are many many such “auto suggestions”. I think the word “soul” was another.
Check it out.
Also on same device, i have been getting ads for things i “speak” about a lot that i have never even searched for. Tons and tons on the initial screen whatever it is called.
This is the reason why I don’t have Facebook App on my phone or any other third party Apps.I use the default iPhone apps only..and only the once I need like texting and Email..that’s it…the rest are deleted from my phone.
It’s ok, it’s just the CIA listening for pedophile and terrorist noises.
lol !
Well Facebook messenger does video and audio calling so I’m guessing unless you are a mime you would probably need the microphone.
My Wife and I joke all the time about how she see’s ads almost immediately after we have talked about a product or subject. More than a coincidence for sure.
Just in case I wouldn’t talk about important or too serious topics, just in case the ads begin to suggest bizarre alternatives that are not worth listening to or reading. You know. I hope.
Meta (Facebook, Instagram) is pure evil, it’s definitely not a social network.
Some people in the UK have been arrested for politically incorrect posts on Facebook, so eavesdropping your mic is like… lol, who cares.
This is where we’re at.
Click Accept to continue…
There is nothing social about social media.
Sure there is, it’s an Socially Transmitted Disease.
No surprise there. You have to be careful about what permissions you grant apps. Not sure why Facebook or instagram would even need the microphone really.