Privacy watchdogs are sounding the alarm on Google’s lack of transparency.
The news that Google Nest Secure includes a microphone, a detail not contained in any of its product spec sheets, stirred up recollections of past privacy transgressions by the digital advertising giant.
When Google announced in early February that the company had added a feature to its Google Nest Secure system that allows it to work with Google Assistant to become a smart speaker, some consumers were surprised to learn the home security and alarm system has an embedded microphone.
Google Nest microphone
Google was caught out for failing to disclose the integrated microphone, admitting that detail should have been included in product information.
A Google spokesperson clarified that the microphone has never been on in the past, and the only way its functionality can be activated is “when users specifically enable the option.”
Google clarified that all of its Nest security products, including its Nest Protect smoke and carbon dioxide detector, were built with in-product microphones for future features.
Information about the Google Nest Protect microphone was included in the product documentation. Google Nest thermostats do not contain a microphone.
When news of the Google Nest Secure microphone began circulating, privacy advocates called for more diligent oversight of the company.
Intercepting private communications
One group, the Electronic Privacy Information Center (EPIC) called for the US Federal Trade Commission (FTC) to compel Google to sell its Nest division.
EPIC released a statement saying, “It is a federal crime to intercept private communications or to plant a listening device in a private residence.”
The embarrassing Google Nest Secure microphone disclosure conjures up Google’s other past privacy violations including its most prominent, the company’s 2010 admission that for three years its Google Street View cars had been collecting and storing payloads from WiFi networks.
Separately, in January France’s CNIL data privacy agency fined Google $57 million for failure to comply with the European Union’s General Data Protection Regulation (GDPR), CNIL cited Google for not informing search engine users how their personal data is mined and for not gaining consumer consent for personalised ads served to them.