24 Oct 2020

Short answer: No, that is not a technically feasible thing to do and no company would take such a big risk of having this large privacy breach for a small return like 'targeted ads'. For the long answer, please read on.

There is a very common conception about our devices listening to us 24/7, reading our chat conversations, and using all these to target relevant ads to us. I can't even remember how many times I have heard the exact same complaint:

I was talking to a friend about this x-product on the phone and suddenly I have been exposed to x-product ads all over the internet! What are the odds?!

In this post, I'll list some arguments that might help people to question the existence of 'big brothers' who listen to us all day.

1. Humans have selective perception. It is surprisingly difficult to be aware of this phenomenon, yet we are under its effect almost all the time.

Have you ever noticed that as soon as you buy a new car you see the same model all over the road? When women get pregnant, suddenly they start seeing other pregnant women everywhere. When couples give birth to their first child, they stop noticing pregnant women and now start seeing babies around every corner.

This is called selective perception. We tend to see the things that reinforce what we believe, or the things we can relate to. The rest we usually disregard.

The 'trigger events' we experience change what we see. Every time we experience a trigger event, a new version of selective perception is created. We begin to notice things that were always there. We just did not ‘see’ them.

taken from Trigger Events and Selective Perception by Craig Elias

This is what happens when we talk to a friend about the x-product. We create a 'trigger' for that x-product so that our attention gets activated (and we get surprised) every time we see it on an ad. We were being shown those x-product ads before too, but we were just scrolling past them, like any other ad. You might disagree with this as "No, the ads are now only containing x-products!". I would not be so sure because the situation is that we are being exposed to around 5,000 ads on a daily basis. Therefore it is very unlikely for most of them to be the same product, where it's much more likely that our perception filters the other products' ads as noise.

2. For the companies, the risk is too high, and the benefit is already there. The current tools used for targeted ads are already quite powerful. If you don't explicitly opt-out, then your Google searches, YouTube history, Facebook profile, and all the other third-party cookies from shopping sites will be stored (anonymously) and used as a source for the ads being shown to you. This existing third-party cookie system is already quite powerful and gives a lot of information about what kind of ads to show you. Why would a company risk committing to such a serious data crime of listening to people, when they already can achieve their goal with the existing tools?

In fact, most of the misconceptions have their roots in third-party cookies as well. If you talk to your friend about x-product, it is quite likely that you also searched it on Google previously, or watched a YouTube video about it. Therefore an advertisement service doesn't have to be listening through your phone to determine that you are interested in x-product. They could just read these from the anonymous tracking tools.

3. From the technical side, it is nearly impossible to do this without being noticed. The amount of recording data a device will produce have a significant size. Even if the recording is of a poor quality (8 kbps), and only done in some part of the day (8h) the resulting data will still be not that small.

(8 KB/seconds) * (8 * 60 * 60 seconds) = 230 MB

This means 230 MBs of data should be cleaned from noise, converted to text, and semantically analyzed every day. None of these tasks are trivial and they all require complex software. This complex software could be either be in our phones or in the servers of the companies, both of which are not feasible.

A company cannot risk placing this kind of malicious tracking code to their own software, given that a simple reverse engineering work could uncover some or all of the operations. For example, TikTok recently had some serious issues about the claims of their app tracking the users and reading their clipboards.

The software also cannot reside in a company server because that would require the transmission of 230 MBs of data from every user to the server to be processed. This is equivalent to everyone uploading a 15-minute HD video every single day. It is impossible to hide this large of a transmission (simply, it will show up in the users' data bills).

I hope at least some of the arguments in this post will make sense to the people who believe they are being listened by the large tech companies. Any of these, however, do not apply to the devices which are specifically designed for listening voice commands all the time, like Google Home and Amazon Alexa. Their high data usage is considered acceptable, and they take the necessary legal consents before performing data processing. Therefore, you can try opting-out from them or choose not to use them completely, if privacy is an issue for you.