Google’s Duplex, which calls businesses on your behalf and imitates a real human, ums and ahs included, has sparked a bit of controversy among privacy advocates. Doesn’t Google recording a person’s voice and sending it to a data center for analysis violate two-party consent law, which requires everyone in a conversation to agree to being recorded? The answer isn’t immediately clear, and Google’s silence isn’t helping.
Let’s take California’s law as the example, since that’s the state where Google is based and where it used the system. Penal Code section 632 forbids recording any “confidential communication” (defined more or less as any non-public conversation) without the consent of all parties. (The Reporters Committee for the Freedom of the Press has a good state-by-state guide to these laws.)
Google has provided very little in the way of details about how Duplex actually works, so attempting to answer this question involves a certain amount of informed speculation.
To begin with I’m going to consider all phone calls as “confidential” for the purposes of the law. What constitutes a reasonable expectation of privacy is far from settled, and some will have it that there isn’t such an expectation when making an appointment with a salon. But what about a doctor’s office, or if you need to give personal details over the phone? Though some edge cases may qualify as public, it’s simpler and safer (for us and for Google) to treat all phone conversations as confidential.
As a second assumption, it seems clear that, like most Google services, Duplex’s work takes place in a data center somewhere, not locally on your device. So fundamentally there is a requirement in the system that the other party’s audio will be recorded and sent in some form to that data center for processing, at which point a response is formulated and spoken.
On its face it sounds bad for Google. There’s no way the system is getting consent from whomever picks up the phone. That would spoil the whole interaction — “This call is being conducted by a Google system using speech recognition and synthesis; your voice will be analyzed at Google data centers. Press 1 or say ‘I consent’ to consent.” I would have hung up after about two words. The whole idea is to mask the fact that it’s an AI system at all, so getting consent that way won’t work.
But there’s wiggle room as far as the consent requirement in how the audio is recorded, transmitted and stored. After all, there are systems out there that may have to temporarily store a recording of a person’s voice without their consent — think of a VoIP call that caches audio for a fraction of a second in case of packet loss. There’s even a specific cutout in the law for hearing aids, which if you think about it do in fact do “record” private conversations. Temporary copies produced as part of a legal, beneficial service aren’t the target of this law.
This is partly because the law is about preventing eavesdropping and wiretapping, not preventing any recorded representation of conversation whatsoever that isn’t explicitly authorized. Legislative intent is important.
“There’s a little legal uncertainty there, in the sense of what degree of permanence is required to constitute eavesdropping,” said Mason Kortz, of Harvard’s Berkman Klein Center for Internet & Society. “The big question is what is being sent to the data center and how is it being retained. If it’s retained in the condition that the original conversation is understandable, that’s a violation.”
For instance, Google could conceivably keep a recording of the call, perhaps for AI training purposes, perhaps for quality assurance, perhaps for users’ own records (in case of time slot dispute at the salon, for example). They do retain other data along these lines.
But it would be foolish. Google has an army of lawyers, and consent would have been one of the first things they tackled in the deployment of Duplex. For the onstage demos it would be simple enough to collect proactive consent from the businesses they were going to contact. But for actual use by consumers the system needs to engineered with the law in mind.
What would a functioning but legal Duplex look like? The conversation would likely have to be deconstructed and permanently discarded immediately after intake, the way audio is cached in a device like a hearing aid or a service like digital voice transmission.
A closer example of this is Amazon, which might have found itself in violation of COPPA, a law protecting children’s data, whenever a kid asked an Echo to play a Raffi song or do long division. The FTC decided that as long as Amazon and companies in that position immediately turn the data into text and then delete it afterwards, no harm and, therefore, no violation. That’s not an exact analogue to Google’s system, but it is nonetheless instructive.
“It may be possible with careful design to extract the features you need without keeping the original, in a way where it’s mathematically impossible to recreate the recording,” Kortz said.
If that process is verifiable and there’s no possibility of eavesdropping — no chance any Google employee, law enforcement officer or hacker could get into the system and intercept or collect that data — then potentially Duplex could be deemed benign, transitory recording in the eye of the law.
That assumes a lot, though. Frustratingly, Google could clear this up with a sentence or two. It’s suspicious that the company didn’t address this obvious question with even a single phrase, like Sundar Pichai adding during the presentation that “yes, we are compliant with recording consent laws.” Instead of people wondering if, they’d be wondering how. And of course we’d all still be wondering why.
We’ve reached out to Google multiple times on various aspects of this story, but for a company with such talkative products, they sure clammed up fast.