(Updated for 2022)
There can be times when you’ve chatted with a friend about a certain item, and then later in the day, you get a targeted ad about it without even searching for it.
You might think, “I was just talking about this. How did my phone know?” The immediate conclusion you may come up with is that your phone is hearing your conversations. But is it really?
Today, we’ll uncover the truth and break down the myths surrounding this issue:
Does your phone listen to you and your real-life conversations?
To give you a clearer picture, let’s take a step back and talk about how online ads are targeted.
Normally, brands get permission from third-party sites like your social networking channels and websites you visit to view your activity on the internet. The data they get ranges anywhere from the cookies you accept to your demographic information (age and location), and more.
That way, they can more accurately target audiences with specific traits, interests, and preferences that they’re looking for, and have higher chances of capturing a lead or converting a sale. There’s been no secret about how ad networks and digital marketing companies use data to serve ads to the best audience, but what if we told you there was more to the picture?
How Advertisers Can “Hear” You
Advertisers don’t need to listen to your phone to get data about you because third-party sites like Facebook and Google already have them. With these sites, they can access the audience’s location, age, interests, and even the websites you’ve visited.
Big data, artificial intelligence, and algorithms all work together to target ads efficiently. The more data gathered about your audience, the more precise these campaigns will turn out to be.
Artificial intelligence fuels most (if not all) online marketing tools to automate processes and reduce errors. Each social media channel or ad network has specific algorithms that identify the best size, time, and type of ad to show to a user for maximum effect.
Below are a few ways advertisers get your data:
Online forms and surveys
Online forms and surveys serve as the advertiser’s “ears” because they can gather information like age, gender, and location. These forms may also ask more complex questions like “did you like this product/service?” or “Are you planning to purchase this item within 3 months? From here, advertisers can infer what products or services these people will most likely be looking for based on certain demographic data and show ads about that product.
Using cookies is another common tactic because they allow advertisers to track users online, which can be used to gather information on what people want and how they are using the internet.
The cookies are also used to store impersonal information about a user, such as their search history, scrolling patterns, and even where their mouse is hovering. You’ll see the option to accept the cookies, but they can appear anywhere from blog sites to social media. These cookies will need to be activated with the end-user’s consent though.
This information can then be used by advertisers to target their ads at individuals who have shown interest in similar products or services.
Data brokers are companies that specialize in collecting data on a person’s online activities—what they buy, what they read, where they go—and then sell it to other companies. Companies use this data mainly for marketing purposes. By listening to what people say and doing research into their lives, data brokers can help advertisers target their ads more effectively.
What Types of Data are Being Collected?
Personal Data is data that can be used to distinguish between people. This can include personally identifiable information like location, phone number, and email addresses, and non-personally identifiable information like device IDs and IP addresses.
Engagement Data is the data that shows a consumer’s interaction with a business from its social media pages, website, and even emails. These data can be used by companies to make decisions about how to market their products and services.
This type of data can be gathered from a variety of sources, including social media platforms like Facebook and Twitter. It can also be gathered from emails sent by a company to its customers.
Behavioral data is any data that is collected how a person interacts with the business, These can range from purchase histories, click through rates, scrolling speed, and even mouse movement tracking.
Attitudinal data is information about how people feel about a particular product, service, or brand, or a particular type of ad. Things like consumer satisfaction, purchase criteria, and product desirability are part of Attitudinal Data.
Wait, is All of this Legal?
The United States has been slow to catch up with the latest innovations in technology, but it is finally starting to regulate them. In the past, we have seen that the government has been hesitant to intervene in any new technology because it does not want to stifle innovation.
However, it is now apparent that some of these technologies need more oversight and regulation. There are a few different laws that apply to data collection and protection in the United States, such as the Health Insurance Portability and Accountability Act of 1996 (HIPAA), which protects a patient’s health information, and the Children’s Online Privacy Protection Rule (COPPA), which protects the privacy of children below 13 years old..
The European Union has some of the strictest data protection laws in the world. The General Data Protection Regulation (GDPR), protects personal data and requires that companies give people clear information on how they collect, store and use personal data. It also requires them to get consent from users before they do so.
The GDPR applies to all types of organizations that process personal data of individuals residing in the EU, regardless of their location or size. This means that even if your company is based outside the EU but processes personal data about anyone in the EU, it must comply with this regulation.
The Philippines has pretty strict data protection laws, so it’s no surprise that it also takes a strong stance against companies that violate these laws. The Philippine Data Privacy Act (PDPA), sets clear guidelines for how personal information is collected, stored and used by companies who collect this information from Filipinos.
What Major Advertisers and Tech Giants Have to Say
Over the past couple of years, this issue has gained enough traction to compel major tech companies to release statements to the public.
Google has stressed that they do not use ambient noises to serve targeted ads. However, around July 2021, in a closed-door hearing with Indian government officials, some sources say that Google’s employees were listening to their user’s conversations via Google Assistant. According to the report, Google records conversations even if users don’t mention the wake word (“Hey Google,” “OK Google”).
Google disputed this claim and clarified that it doesn’t record conversations without the “Hey Google” trigger. The company directed the audience to its Safety Center website for more details on how Google Assistant works. But, Google previously admitted that its employees listen to “Hey Google” triggered conversations to help improve its speech recognition technology.
Additionally, there have been recent changes to their Developer Policy that will be effective on July 20, 2022. A new Data Safety section will be added to the policy where developers need to provide accurate information related to personal user data. This applies to all apps, such as Google Play Console.
Rumors and allegations about Facebook eavesdropping through its user’s phone microphone to listen in on conversations for better ad targeting have persisted over recent years. Be that as it may, Facebook denies this allegation. The company’s 2016 statement clarifies that they show ads based on interests and information you place on your public profile, but not what you’re talking about.
Only Apple has somewhat admitted to this phenomenon, but only when you’re using Siri. They also claim that it’s used for optimization. However, there is no stopping their servers from recording conversations you have when the voice assistant is triggered.
Amazon Echo devices are always listening for the wake word, which is “Alexa.” The device starts recording the conversation after hearing the wake word, and stops when you say “Alexa, stop.”
This does not mean that Amazon is always listening to or recording your conversations. As soon as the Echo hears its wake word, it begins streaming audio to the cloud. However, this stream will only last until you continue talking after Alexa’s response, or if you manually disconnect from your device.
These recordings have sparked discussions and cases, with a recent lawsuit claiming that Amazon is using Alexa to target ads at customers. The lawsuit is looking for certification as a class action, and if approved could include several smart speaker customers as plaintiffs.
Cortana is an AI voice command feature that’s suppose to help out users in day-to-day tasks, but there are some contractors that manually review recordings featured in Cortana. The reason why these contractors listen to recordings is to improve the voice services they’re used with, but it has made people uncomfortable.
How Exactly Does Your Phone Listen?
So does your phone listen to you and hear you? Yes and no. There are two ways they make use of audio capturing functions of your mobile phone.
Smartphones do pick up audio in your environment, but it’s not the same as actively listening to your conversations unless you activate a voice assistant. Unless you start your sentences with “Hey, Siri,” “OK, Google,” or “Alexa,” there’s no need to worry that your phone could be spying on specific conversations.
If your conversations don’t have any wake words, the data is only processed within your phone. However, these “non-triggered” data can still be accessed by third-party applications on your phone, like Facebook. It’s up to them whether they’d like to use this data or not.
The Vice Experiment
Apps like Facebook and Instagram can have their own set of triggers, but it isn’t easy to define what they are exactly. VICE did an experiment about this and tested if saying a bunch of phrases like “I’m thinking about going back to uni” and “I need some cheap shirts for work” can be used as triggers.
As a result, overnight, the writer saw Facebook ads about “mid-semester courses at various universities and how certain brands were offering cheap clothing.” Based on their experiment, it seemed that their phone was listening, but there isn’t any more substantial evidence to support this.
The NordVPN Experiment
The NordVPN Experiment involved a few employees that decided to test if phones really listen in on users. Three employees spoke about different things, all of which were unrelated. The test took three days and the results were varied with two not getting specific ads, while one did.
This experiment is not scientific in any way, but it does show that this issue is more nuanced.
Advertisers & Third-Party Data
Advertisers aren’t spying on your specific conversations. Instead, to clue them in on your interests, advertisers are after the audio of TV commercials, movies, and other media you consume.
That, coupled with the information you voluntarily place on your social media accounts, the cookies you accept on websites you visit, and the permission to grant brands, all work together to provide companies with a holistic view of who you are.
Not to say your phone isn’t actively listening to you right now, because it does have that capacity. But at this stage, companies are saying that they don’t use it the wrong way.
How to Stop Brands from Spying on You
Now you know that your phone can pick up sounds, but it’s probably not as malicious as you think. It usually responds to keywords thrown around by yourself or people around you to trigger when it should listen. This could mean activating a voice assistant or granting microphone access. It does not, however, conspiratorially record or listen to all of your conversations and store them in some cloud.
That said, if the idea of your phone actively listening in bothers you, there are ways to ensure that no apps get access to your phone’s listening device:
To stop apps from using your microphone:
- Go to Settings > Privacy > Microphone
- Check which apps have microphone access and remove them as you wish.
To turn off Siri (for iOS 11 and 12):
- Got to Settings > Siri & Search
- Deselect Listen for “Hey Siri,” Press Home for Siri, and Allow Siri When Locked
- A prompt should appear asking if you want to turn off Siri; press Turn Off Siri.
If you’re using iOS 10:
- Got to Settings > General > Siri
- Select Turn Off Siri
To turn off dictation:
- Go to Settings > General > Keyboard
- Deselect Enable Dictation
To stop apps from using your microphone:
- Go to Settings > Privacy > Permissions Manager > Microphone
- Select any app under the ALLOWED column that you want to remove microphone access for.
To stop Google Assistant:
- Go to Settings > Apps & Notifications > Assistant
- Deselect Google Assistant
To stop OK Google on Android:
- Go to Settings > Google
- Scroll to Services and select Account Services
- Select Search, Assistant & Voice > Voice
- Scroll to the Hey Google section, select Voice Match
- Deselect Hey Google
To turn off the Google search app microphone access:
- Go to Settings > Apps & Notifications or Apps > See all apps or Google
- Select Permissions > Microphone > Deny
To stop Google from tracking your computer:
- Open Google Chrome browser
- Click your account avatar > Manage your Google Account
- Select Data & privacy
- Scroll to History settings > Web & App Activity
- Deselect Web & App Activity > Pause
- Go back to the Data & privacy page
- Select Location History
- Deselect Location History > Pause
To stop Microsoft online speech recognition (for Windows 10):
- Go to Settings > Privacy > Speech
- Deselect Online speech recognition
To turn off Mac microphone access:
- Go to Apple menu > System Preferences > Security & Privacy > Privacy
- Select Microphone
- Deselect the checkbox to turn off access for your preferred apps.
That said, these settings are not enough to completely mask your digital footprint. For instance, you should be careful of signing up on any website using your existing social media accounts (such as Facebook), since a typical tradeoff is access to view your public profile info.
It’s Not Just What They Hear
Even if you think you don’t have anything to hide, it’s still important to be mindful of your privacy and data.
While your mobile phones are not actively listening to your conversations, you do leave substantial trails of your identity online, which can explain why those ads are just so spot on. Technology will only get more intelligent, so it’s always a good idea to exercise caution. But in reality, there isn’t much to be afraid of.
Unless you’re dealing with highly sensitive, FBI-level information on a daily basis, the only people who get access to your data are advertisers who use automated tools to run their campaigns more efficiently. It’s just one of the ways for them to know their audience better–and as people have noticed, it works!