by xr4ti 3084 days ago
> Now Playing, has a daily battery usage of less than 1% on average, respects user privacy by running entirely on-device and can passively recognize a wide range of music.

Maybe I am missing something, but this seems to be much less respectful of my privacy than an app that only listens to the ambient sound around me when I explicitly give my consent (by opening/activating the app).

4 comments

What's your actual privacy concern?

If the whole process happens entirely on-device, then this reveals absolutely no information of any kind to anyone, correct?

> If the whole process happens entirely on-device

Sure, if. Which I can verify, but I don't want to have to. I don't want to have to verify that a corporation isn't fucking me at every turn.

And it's possible that a vulnerability will be discovered that lets people stream the audio somewhere, or listen to key words and send just those portions. I don't know enough about Android to know whether it's more plausible for that to happen, or if that sort of vulnerability would likely grant an attacker access to my mic even without this feature.

I don't think it's unreasonable for me to expect my device to not always be listening to me.

> Sure, if. Which I can verify, but I don't want to have to.

Wouldn't that be a risk even if this feature didn't exist? How do you know your phone isn't currently listening for music/speech and sending that data to the cloud without your knowledge?

> And it's possible that vulnerability will be discovered

Again though, that's already true regardless of whether this feature exists or not. Is there any reason to believe this feature is more likely to have a vulnerability than any other feature on your device? Why would you trust this code less than, for example, the code for your WiFi driver?

> Sure, if. Which I can verify, but I don't want to have to.

The great thing is that you don't have to! There's plenty of other people that are happy to do so and report their findings. The app would be outed as fast as other software that has attempted to send personal data without disclosure (Windows telemetry, Samsung TVs, etc.). I doubt Echo could ever get away with sending everything to Amazon's servers. And if you don't trust that others would do that, then you just don't have to use it, or use alternatives like Shazam.

Then don’t turn it on, it prompts you and asks permission to be enabled during setup.

In 2018, that is unreasonable. Not philosophically, but pragmatically speaking.

Anything sensed can be transmitted but not necessarily in its current form. It can be used to train some ML algorithm about you and the parameters can be transferred. Privacy should start at the sensing level.

So you're saying you'd prefer that your phone not have a microphone? Because that's where this information is ultimately coming from. (At the "sensing level".)

Maybe we need physical switches for the microphone and the camera.

This option has to be explicitly turned on. It's off by default (at least it was on my German Pixel 2).

It was enabled on my phone - which I discovered at the dentist's office. Now, it's possible that I idly clicked "ok" while setting up my Pixel 2 - it's not out of the realm of possibility - but I'm not very likely to turn that on at all.

Germany has much more stringent privacy regulations than the US does - maybe that's the difference.

I've just recently set up a Pixel 2 XL straight from factory a few times over the last couple weeks, all in the US. Every time I had to opt in to the background music detection feature, even in the US.

I must have toggled it on, then.

Can verify that in the US it was off by default and I had to turn it on. It is a feature I like and use pretty often.

Of course their baseline for privacy is not "leaks as little user data as possible", but "does everything on the cloud". Hence it seems to respect user privacy from their point of view.

Not that they have a reasonable point of view, of course.

While I agree with you that "cloud-private" is a new baseline that may not be a great thing - that's a strange point to make, given the text explicitly calls out that it's not doing anything on the cloud. It's all on-device.

Less than 1% sounds high to me. If everything on the phone used 0.3-7%, it adds up pretty quickly.