Nest put a microphone in its security hub without informing customers

It’s not every day you get a straight up “our bad” from a tech giant.

Google announced in early February that its Nest Guard device — the hub for managing a Nest Secure home security system— would get an over-the-air update to make it compatible with Google Assistant, essentially giving it the abilities of a smart speaker. 

Neat? Handy? Sure. But how this was even possible could be a cause for concern.

It turns out that Google built a microphone into the Nest Guard without disclosing this spec to users. According to a report from Business Insider, the lack of communication about the microphone was, apparently, an oversight. 

“The on-device microphone was never intended to be a secret and should have been listed in the tech specs,” a Google spokesperson told Business Insider. “That was an error on our part.”

What’s the harm in including an accidentally secret microphone? It turns out that the mic has come in handy, with this Google Assistant integration. And the spokesperson told Business Insider that it could also be used for future security capabilities, like detecting breaking glass through sound. 

But thanks to growing awareness about user privacy, and some troubling incidents involving smart speakers, the built-in microphones on home devices have prompted privacy concerns. 

Companies have had to assure users again and again that they are not actively listening to our conversations, with some conflicting reports undermining these assurances. Hackers have proven that smart speakers can be hijacked. And in December 2018, Amazon sent over 1,000 audio recordings of an Alexa user to the wrong person; this displayed both how much audio data the company collects, and how easily this data can fall into the wrong hands, thanks to that pesky thing: human error.

Including a microphone on a Nest device without informing users adds to these misgivings — even if it was an “error.” Customers should have had the informed choice to know whether they were bringing a microphone capable of listening in on the goings on in private spaces into their homes. 

Google says that the microphone is not on unless users enable it as such. But that wouldn’t necessarily stop malicious hackers from hijacking the system.

With the amount of data Google collects on us, what’s another microphone, right? Maybe. But tech companies’ biggest defense about data collection is that it’s all about user choice; customers, they say, have the power to control what data they give to these companies. The inclusion of the microphone was a practical way of making a device more versatile, and potentially more useful, as technology developed. But users should have known. It was an “error” indeed.