How Secure Is Google’s ‘Ok Google’ Listening Feature?


Wordplay with 'Ok Google' screenshot that says 'Not Okay Google'.

The ‘Ok Google’ feature is a voice activation phrase for Google’s voice-based services. Once a user says the phrase, the device activates the voice search or any other services that use voice control and send whatever voice data that is recorded. How secure is that? Does Google listen to any audio that is said before the ‘Ok Google’ part?

How ‘Ok Google’ works?

In order for Google to detect when the user utters the phrase ‘Ok Google’ there needs to be a constant or a periodic state of recording and processing done to validate it. This is done by an ‘always on’ software or hardware technology.

Some mobile processors have an active tiny core allocated to an ‘always on’ state that uses a little of the battery. For the models that lack this hardware support, the passive listening is done when the device is awake (i.e. when you unlock it or use it).

So yeah! Whatever you speak with your device next to you is recorded all the time. But as Google claims, the data is not sent to their servers every time you speak. One way to verify this is to check your data when the device is passively listening. That would make sense of course, as it wouldn’t be efficient, not to mention that it is illegal for the company to do so.

But once the user utters ‘Ok Google’ or something that’s similar to it, whatever is recorded after that is sent to the Google servers for further processing. This is how the ‘Ok Google’ feature works. But here comes the privacy and safety concerns.

‘Ok Google’ is not so okay with user privacy

Problem 1 – Anything close to the phrase ‘Ok Google’ can initiate an active recording

A major flaw in this feature is that, the voice recognition itself is not perfect all the time. No matter how much they are trained, there are millions of people with different accents and unique timbre. If someone around you or even you utter a phrase something similar to ‘Ok Google’ — like one time my friend intentionally activated his Google voice search by saying ‘Ok Gokul’ — it would start recording and sending whatever things you speak after that.

Problem 2 – All the ‘Ok Google’ recordings might be retained by Google (apart from your history)

Even your ‘Ok Google’ searches are recorded in your account history. If this is a shocker, you can even listen to it here. When you play a few of those recordings, you might notice that some of the recordings have spoken words even before you have said the activation phrase. This is not acceptable for anyone!

Ok Google may be a useful and an accessible feature, but it’s not recommended if you care about your privacy.

This post was first published on February 4, 2014.


Karthikeyan KC

Aeronautical engineer, dev, science fiction author, gamer, and an explorer. I am the creator of Geekswipe. I love writing about physics and astronomy. I am now creating Swyde.

Leave a Reply

Your email address will not be published. Required fields are marked *

3 Responses

  1. Avatar Rick Mahoney

    This is the problem with closed source features. Google has the choice and resources to deploy an offline voice-processing app. But they are wary of risking their proprietary algorithm by letting it out in the open. If Google cannot trust the users, why should users trust them?

    • Any software company in the market for profit will want to protect their IP man. Google ain’t a charity house!

  2. What other phrases sound like ‘Okay Google’?