Google Nest Mini
Review date: Nov. 9, 2022
"Hey Google!" will become your new favorite greeting. Hey Google, turn on the lights. Hey Google, play Bohemian Rhapsody. Hey Google, what are the symptoms of toe fungus? Hey Google, are you still listening to me? With three built-in microphones, it just could be. This little smart speaker (smart microphone?) is fun and useful...and maybe just a bit creepy?
What could happen if something goes wrong?
“OK, Google.” That’s pretty much exactly how we think Google does when it comes to privacy. They are OK, if you consider the fact that they are a ginormous data collecting advertising company that makes billions of dollars off your personal information. This is the world we live in now, though, and there are other Big Tech companies doing a worse job than Google at protecting and respecting your privacy (looking at you Meta/Facebook). It’s really unfortunate just how low the bar has gotten when it comes to privacy these days.
That said, you should be aware Google is a huge ad company that needs lots and lots of your data to sell ads. What sorts of data does Google collect on you? Well, there are those voice recordings when you go, “Hey Google, what are the symptoms of the latest coronavirus variant?” And while Google promises that your voice recordings won’t be used to send you personalized ads, they do say the transcripts of your voice interactions with your Google smart speaker may. Google also collects things like your location, information about things near your devices like wi-fi access points and bluetooth enabled devices, people you communicate with, purchase activity, voice and audio information, your favorite songs on Spotify, what things you search for, what things you ask Google, when you turn your lights on if you have smart lights, when you use it to run your robot vacuum, and so much more.
Of course, Google uses your personal information to sell those targeted, personalized ads you see all over the place like in your Gmail, in your favorite Solitaire app, on partner websites, and on YouTube. Yup, the ads are everywhere. Although, Google does say they won’t use things like your sexual orientation, race and health to show you ads…although we just have to trust them on that. I’m sure we’ve all seems ads based on sensitive things about us that felt pretty creepy. And Google says they won’t use content from your Google Drive, Email, or Photos to personalize ads. We sure hope not.
We do like that people who use Google’s AI voice assistant are now automatically opted out of Google's human review of voice recordings, because that was super creepy. We also like that Google does try to communicate with users how they collect and use data in their Safety Center. Google does collect a ton of data on you, especially if you don't take the time to adjust your privacy settings to lock down just how much info they can gather. You should absolutely take the time to adjust these privacy settings. Just beware, you will get notifications that some things might not work right if you change settings. That’s annoying, and probably worth it for a little more privacy.
As for Google’s track record at protecting and respecting your privacy, well, it’s a mixed bag. Google does pretty good at the security side of protecting all that heaps of data they collect on your. It is their money making business asset, after all. Unfortunately, Google also has a spotty track record at respecting privacy, as seen in the multitude of fines and lawsuits that have been thrown at them all around the world for violating privacy laws and protections. South Korea fined Google (and Meta) millions of dollars recently for privacy violations. So did France and Spain. And in the US, Google has faced a host of lawsuits and settlements from Texas, California, DC, Illinois, Arizona, the Federal Trade Commission, and more. All this makes it pretty hard to trust what a company says they do with that massive amount of personal information they collect on you.
What’s the worst that could happen? Well, If you don't take the time to lock down all your privacy settings, it's possible Google can get to know you really well, maybe too well. Maybe they recognize you from all the times you ordered plain cheese pizza. They know you are single because who orders plain cheese pizza? Just kidding, they know you're single because of all those pedicure appointments you've booked for one. Maybe it's OK Google knows you so well? Maybe it's creepy. (OK, we think it’s pretty creepy). What’s even creepier these days is the possibility that your Google searches and location information and more could potentially be used to harass, arrest, and even prosecute people in the United States seeking reproductive health care. That’s not just creepy, that’s downright harmful.
Tips to protect yourself
- Visit privacy controls to adjust the amount of data collected
- Delete your historical data from time to time. You can do this by saying, “Hey Google, delete this week’s activity.” or "Hey Google, that wasn't for you" to delete the last thing you said
- Turn off personalised advertisement
- Review Nest privacy tips: https://support.google.com/googlenest/answer/9247517
- When starting a sign-up, do not agree to tracking of your data.
- Do not sign up with third-party accounts. Better just log in with email and strong password.
- Chose a strong password! You may use a password control tool like 1Password, KeePass etc
- Use your device privacy controls to limit access to your personal information via app (do not give access to your camera, microphone, images, location unless neccessary)
- Keep your app regularly updated
- Limit ad tracking via your device (eg on iPhone go to Privacy -> Advertising -> Limit ad tracking) and biggest ad networks (for Google, go to Google account and turn off ad personalization).
- Request your data be deleted once you stop using the app. Simply deleting an app from your device usually does not erase your personal data.
Can it snoop on me?
What can be used to sign up?
What data does the company collect?
Name, email, phone number, address
How does the company use this data?
How can you control your data?
What is the company’s known track record of protecting users’ data?
Google received plenty of fines from European, American, and Korean authorities in the last few years. The biggest was the $170M fine from New York Attorney General for mishandling the children consent. The other cases include the fine of $100M for violating the Biometric Information Privacy Act in Illinois, $71.8M fine for mishandling consent in South Korea, $57M fine for violating GDPR in France, as well as other fines from local Data Protection Authorities in Ireland, Italy, Spain.
In 2022 Google agreed to a nearly $392 million dollar legal settlement with 40 US states "for charges that it misled users into thinking they had turned off location tracking in their account settings even as the company continued collecting that information".
In August 2019, the company admitted that partners who work to analyze voice snippets from the Assistant leaked the voice snippets of some Dutch users. More than 1,000 private conversations were sent to a Belgian news outlet, some of the messages reportedly revealed sensitive information such as medical conditions and customer addresses.
In December 2018, a bug exposed exposed the data of 52.5 million Google+ users.
Nest Security Bulletin contains details of security vulnerabilities that previously affected Google Nest's devices.
Child Privacy Information
Can this product be used offline?
User-friendly privacy information?
Google provides a page with privacy information about Nest.
Links to privacy information
Does this product meet our Minimum Security Standards?
Uses encryption in transit and at rest.
Google has a Security Rewards program.
Google publishes academic papers about its AI research (https://ai.google/) and makes several tools available via open source. https://ai.google/tools/
Is this AI untrustworthy?
What kind of decisions does the AI make about you or for you?
Google uses natural language processing to understand you and to generate answers to your requests.
Is the company transparent about how the AI works?
Does the user have control over the AI features?
7 Google Assistant settings you should disable or adjustDigital Trends
Google Finally Lets You Turn off Targeted Ads Without Breaking Its AppsGizmodo
All the Ways Google Is Coming Under Fire Over Privacy: QuickTakeBloomberg
Google Agrees to $392 Million Privacy Settlement With 40 StatesThe New York Times
Google settles lawsuit with Illinois residents for $100M after photo app privacy concernsUSA Today
Google, Meta fined $71.8M for violating privacy law in South KoreaTechCrunch
France fines Google $57 million for European privacy rule breachReuters
Google Is Fined $170 Million for Violating Children’s Privacy on YouTubeThe New York Times
Google and YouTube Will Pay Record $170 Million for Alleged Violations of Children’s Privacy LawFederal Trade Commission
Data privacy alert: Spanish DPA fines Google €10 millionSC Media
Texas Sues Google for Collecting Biometric Data Without ConsentThe New York Times
Google Data Breaches: Full Timeline Through 2022Firewall Times
Alexa records you more often than you thinkVox
Lawsuit claims Google knew its ‘Incognito mode’ doesn't protect users’ privacyThe Washington Post
Google promises improved privacy and five-years of updates for Nest devicesEngadget
Google is sending a complicated privacy email to everyone — here’s what it meansThe Verge
How to Use Google Privacy SettingsConsumer Reports
Is your Google Home or Nest secure? How to find and delete your private dataCNET
Thousands of Mobile Apps Leak Data from Firebase DatabasesIonut Arghire
How to keep the smart speaker you got for the holidays and still keep some of your privacy, tooVox
Got a comment? Let us hear it.