Google secretly installed audio capture software that can listen in to users' conversations through a computer's microphone as long as Chrome is left running, according to a blog post by Pirate Party founder Rick Falkvinge.
Open source developers first noticed the software. According to Falkvinge, evidence that the audio capture code was being installed looked like an ordinary bug report.
When Google is started, it appears to "download something." Afterward, a status notification shortly appears with the words "Audio Capture Allowed: Yes" and "Microphone: Yes."
"Without consent, Google's code had downloaded a black box of code that, according to itself, had turned on the microphone and was actively listening to your room," said Falkvinge.
Other Chrome users tweeted about how they detected the software in their computers by simply typing "Chrome://voicesearch" in the address bar.
Chrome should ask before recording your conversations. Go to chrome://voicesearch/ to see if Google can hear you. pic.twitter.com/QqnqLQU33T
— Steven Borg (@stevenborg) June 22, 2015
Falkvinge explained that the software was supposed to respond to the "OK, Google" hotword detection, a new feature in Chrome that automatically activates the search function when certain words are captured. However, the feature also allows Google to eavesdrop on conversations spoken within the computer mic's earshot.
One user, who said that the issue is nothing more than "another techno-panic story," contradicted Falkvinge's assumption and argued that the audio capture software does not continuously transmit audio data to Google—it only starts to capture audio data when activated by the voice command. He said he was able to confirm this by observing the outgoing network traffic
"The binary is code that listens for and recognizes 'Google' LOCALLY. This is easy to verify simply by watching outgoing network traffic," the user commented on Falkvinge's blog. "There would have to be a steady stream if it were sending all audio to Google," he said, according to Inquisitr.
Falkvinge emphasized there was no way to verify this, as other activation conditions unknown to common users may exist. He also said that for the software to recognize the "OK, Google" hotword, it needs to run continuously.
Google responded to the issue by quietly incorporating a "switch" in Chromium, Google's open-source browser, that allows users to opt out. However, for most users who are unaware of the audio capturing tool installed in their computers, the choice to opt out may not mean anything.
And, by creating the "switch," Google indirectly admitted that it installed the audio capturing software in computers without users' consent.
"Now, it should be noted that this was Chromium, the open-source version of Chrome," said Falkvinge. "If somebody downloads the Google product Google Chrome, as in the prepackaged binary, you don't even get a theoretical choice. You're already downloading a black box from a vendor. In Google Chrome, this is all included from the start."
This means Google has potentially wiretapped unsuspecting Chrome users in their homes and offices whenever they open the browser.
Falkvinge recommended that a physical switch is needed to enable and disable a computer's microphone or camera to make sure Google does not intrude in Chrome users' privacy, according to the Guardian.