Google has been working on this since November last year going by the wayback archive of the support page for this feature.
I'm not seeing any indication that Gemini can read your messages, though. You can compose messages and start calls, but I can't get it to read me any of my messages. In fact, I can't even get it to send messages to group chats, only to individual contacts.
The feature makes a lot of sense, of course. WhatsApp is to many countries across the globe what texting and calling is to Americans. If your smart assistant can't even interact with WhatsApp, it's basically useless for many people.
What Gemini can’t do with WhatsApp
Read or summarize your messages
Add or read images, gifs, or memes in your messages
Add or play audio or videos in your messages
Read or respond to WhatsApp notifications
If you connected Google Assistant to WhatsApp, it seems like data may flow that direction, but then you've already hooked WhatsApp into Google before so I don't think anyone will be surprised there.
Does anyone know how I can make Gemini read messages? I can't even find the assistant settings necessary for that stuff to function.
Exactly and only what any other random app on the phone could do
with WhatsApp, assuming that you have enabled that in exactly the
way you would have to enable any other random app to do it.
Google needs to not be abusing its position as the source of the OS to give its software special privilege to reach inside of third-party apps.
The line is blurry. Google is positioning Gemini not just as an app, but as a OS level feature. The OS can by definition reach into any third-app app to do anything it wants. I'll give some more examples of OS-level features in case it's not clear: copy/paste is an OS-level feature and it is designed to extract arbitrary text or content from third party apps (copy) and insert them into third party apps (paste); screenshotting is an OS-level feature and it is designed to capture the visible views of any third party app with the only exception being DRM content.
Apple Intelligence has similar marketing. In last year's WWDC, there was the whole "Siri, when is my mom's flight landing?" segment (see https://developer.apple.com/videos/play/wwdc2024/101/ at 1h22m) that didn't generate any controversy. So for some reason people think Siri should rightfully be an OS-level feature but Gemini should not. Got it. I guess Apple's PR is just that much better than Google's.
“Microsoft argued that the merging of Windows and IE was the result of innovation and competition, that the two were now the same product and inextricably linked, and that consumers were receiving the benefits of IE for free.”
“Apple has further argued that it requires iOS apps to use its storefront to "ensure that iOS apps meet Apple's high standards for privacy, security, content, and quality" and avoid exposing iOS users to risks from alternative storefronts.”
In both cases justice departments (the ones who draw those lines) disagreed with those claims.
So if Google is to learn from others’ past mistakes, it ought to be able to leverage Gemini as long as the user can easily and fully swap out Gemini for an alternative. That was the problem regulators had with IE and the App Store.
The fact that Google would find it to be convenient for the line to be blurry doesn't mean that anybody looking at it in good faith sees the line as blurry.
At first I thought the fact the advertising-and-tracking company needed access to their competitor's encrypted messenger was related to the tracking that is their core business model.
But it's unfair to assume bad faith like that.
Perhaps they merely need access to the encrypted messages in order to provide a better user experience, by serving more relevant and better personalised adverts?
I'm not going to argue there's any bar too low for Google to not clear, but also, it really is possible that it's just for the stupid AI feature they say it is. Just because it's something Google could feasibly do doesn't mean they will. I'm very confident they have never used Google Public DNS for advertising or tracking.
It's one thing to treat funneling data "to the cloud" with suspicion out of principle, but personally I think it's counterproductive to go a step further and just assume everything is always being maximally abused. The fact that it could be is an issue, but that doesn't mean it is.
Google is an advertising company. Apple is a consumer hardware company. Who would you trust more with your data? It’s that simple (irrespective of the ground truth, simply referring to the optics of it).
What percentage of revenue do ads and hardware contribute to the bottom line in Apple and Google? That answer will tell you more about leadership incentives than just hand-waving away the discussion based on the fact that big tech companies tend to dip their toes in a lot of pools.
All of you have joined an argument that is completely fictional. I am amazed that someone can still fall for “Apple is a hardware company” bait.
Both Google and Apple control enormous number of devices, the data on them (or data collected by them), their software, and their users. They make money by selling you tiny bit of access to that, directly or indirectly. End of story. Should I remind you how much being special to privacy restrictions costs Facebook?
I definitely had to tweak the settings a lot for the battery to not get warm on my Pixel. But after a week I managed and battery life is better than with comparable phones since the background bloat isn't there on Graphene.
So far there was a solution for everything, I don't do online banking on the phone though.
I wonder if LineageOS might solve this problem already though, /e/os probably would as well
> I definitely had to tweak the settings a lot for the battery to not get warm on my Pixel. But after a week I managed and battery life is better than with comparable phones since the background bloat isn't there on Graphene.
I am sure a detailed writeup will be very appreciated if you bother and manage.
Yes, I have an older phone running LineageOS for that matter.
But those are typically community efforts, so software support is not certain. It sucks when so many things just expect you to have a working cell phone.
Punkt has a phonen using a fork of grapheneos out of switzerland with some cloud services like VPN attached to make it a completely degoogled 'secure phone', called ApostrophyOS
What company will jump in the competition meat grinder between Google and Apple. Maybe if it’s state-sponsored. I don’t know how much HarmonyOS/Huawei are state-sponsored so I can’t claim there are.
How do you deal with things such as mobile banking? So many services just presume you use either an Android or IOS.
At some point I thought I really needed Android Auto, but I can probably just get a MStick only for that. There are other things that keep me jailed to Android though.
Making OS level features depend on an external cloud service is a rather dubious proposition in general. It feels a bit anti-competitive to me, if nothing else.
> Google is positioning Gemini not just as an app, but as a OS level feature.
That doesn't make it any better or more acceptable. If anything, it makes it much, much worse. I absolutely don't want any LLM to have OS level access to my data, period.
Well, really the line was crossed when Google Play Services got special privileges (and third party app developers were encouraged to call on Google Play Services as the only practical way to do various things, some of which maybe should have been part of the OS). And the "assistant" crap, and whatever else.
... and GraphenOS isn't exactly a fork, but it's plugging away, fighting the good fight, doing things like making Google Play Services both optional and a lot less privileged on the phone than it thinks it is.
Devils advocate: Google Play Services was the right solution to all the clamoring about Android fragmentation and OEMs abandoning devices by not providing upgrades.
I agree that Google Play Services was the right solution to fragmentation. I also agree that having forks like GrapheneOS was the right solution for a subset of people who like to de-Google themselves.
Definitely helped with that and also absolutely frustrating that it is so abusable to keep folks out of the Android garden.
Undeniable that Android updates are so much better than in the past, and it's far easier to keep your Android app using modern APIs than your iOS app, because most of those APIs are libraries with full backwards compatibility going back many years.
Unfortunately the situation on Android is that other apps cannot do anything with WhatsApp, and there's fuck all you can do about it as a user.
I shouldn't need Google special-casing Gemini to allow LLMs to interact with my messages. I should be able to wire up Tasker to WhatsApp on one end, and to OpenAI or Anthropic models of my choice via API calls on the other end. Alas, Android is basically like iPhone now, just with more faux choice of vendors and less quality control.
Users always have a way to compromise their own security, and short of taking away their freedom completely (e.g. putting them in a mental hospital) that's not possible to fix.
Sacrificing human freedom in the name of security is a long, dark, and well-trodden path that I don't think we ought to venture down any further.
> Google needs to not be abusing its position as the source of the OS to give its software special privilege to reach inside of third-party apps.
There are some extremely useful features that you can implement with AI, but currently only at the OS level, not with normal app permissions-- namely live translation of audio streams that belong to another app (calls, video playback, etc.).
But I suppose you're still right; it would still be better if Android had an API for sharing app audio streams like this.
Even given all of the historical abuses of Google on Android you still believe an app permission is acting in good faith when Google has hooks elsewhere into the OS?
Google has already been successfully sued this year in CA for siphoning off data from phones that are idle and the remainder of states is in process [0].
That lawsuit was for using metered cell data not for "siphoning off data." You can look at the Android source code and verify that the Gemini app cannot bypass the permission system. This is unlike iOS, where Apple apps get special access.
"Google's own documentation"... uh oh, first time?!
The first archived version of this page containing the "can't do" list was published Nov 2024. The email is about a change "making it easier" to be rolled out July 2025 so I would not bet someone else's money on this page being up to date. We'll find out I guess.
> The Gemini mobile app may support some of these actions with help from Google Assistant or the Utilities app, even with WhatsApp disabled in Gemini. Learn more about Google Assistant features in your Gemini mobile app and actions supported by the Utilities app.
People have been clowning on Apple for being behind on the AI stuff and -- while I'd never defend how they promised a bunch of features in 2024, showed them in ads, and sold iPhones based on vaporware, but still haven't shipped most of the features -- I will say, I imagine a lot of the hold-up is because they realized how dangerous it is to start trusting AI with the sensitive data on your phone. It's probably not too hard to make it work most of the time, but even if there's a 0.0001% chance the AI will send a sensitive image meant for your wife to your boss, you should probably reconsider shipping.
I don't believe Google has the tact to care as long as they look like a market competitor in something.
> -- I will say, I imagine a lot of the hold-up is because they realized how dangerous it is to start trusting AI with the sensitive data on your phone.
It was probably Apple being incompetent with their AI approach rather than being careful
Precisely. Its incredible that people think Apple is playing 4D chess with AI, when in reality the simplest answer is the most plausible - Apple has no clue wth to do with AI. Their own assistant - Siri - has been in shambles for close to a decade.
Structurally Apple is in a disadvantage, in the AI race. And no amount of waiting, or polish is going to help them - unless they partner with OpenAI, Anthropic or Google.
Not to defend Apple - A lot of attempts of integrating AI are shot in the dark that lilely make no sense.
However, Apple did have a use case that would be an obvious improvement. The very thing LLMs excel at is at processing and generating natural language. Improving Siri with LLM capabilities was the obvious move, especially at a time where LLM providers are willing to burn cash to reach a wider use base. It speaks volumes of a company that is just rent seeking their position in the smartphone market at this point.
That doesn’t provide any nontrivial insights—yes, Siri is built on keyword detection, but it’s also much older. But why are they having such a hard time creating an LLM-based Siri 2.0? Still no clue.
Perhaps cost reason? Unlike Google, Apple mostly rent their servers from the big cloud providers. Rolling this out to all Apple devices must be very expensive.
> but even if there's a 0.0001% chance the AI will send a sensitive image meant for your wife to your boss, you should probably reconsider shipping.
That's too low of a probability for Apple to care. The probability that YOU would do it yourself by some random series of accidents is probably orders of magnitude higher than that.
Do you really think you're going to send 1,000,000 nudes to your wife without accidentally sending one to the wrong person!?
> Do you really think you're going to send 1,000,000 nudes to your wife without accidentally sending one to the wrong person!?
That seems like the wrong way to spin this hypothetical probability.
A quick search says there are 1.38B iPhone users worldwide. According to[0], 87.8% of 18+ year olds have sexted, so let's estimate that to mean 1.21B users. Even if we assume users only ever send one nude, that means 1,210 gaffes if you assume one in a million.
It's the other way around. The probability is so low that it is incredibly unlikely to happen to any given individual. You would have to be paranoid to worry about it. On the other hand the probability is so high that, when considering the size of Apple's user base, such incidents would happen regularly.
If true, that's pathetic on Apple's part. The unreliability of LLMs was maybe the biggest topic in the entire tech industry around that time. To be ignorant of that basic fact would be an incredibly bad look.
I have no insider knowledge but to me on the outside it looks like the same old panicky hype-chasing we've all seen in other contexts. Some executives kept reading and hearing about AI AI AI!, and were terrified of being left behind. The many voices of reason within the company pointing out the correct risks and tradeoffs to consider were ignored while the over-confident voices blustered their way onto the roadmap.
The whole situation with Gemini Apps Activity setting is so frustrating. Even if I pay for Gemini Pro, the only way to make sure there will be no human looking at your chats is to set Apps Activity to off, which means you don't have any history for Gemini chats, even for the messages from a minute ago.
Wouldn't a blank homepage be exactly what you expect if you had no tracking enabled? The algorithm that generates the homepage is probably totally stunted with only empty logs to draw on.
You could make a list of demographic fitted choices based on info on the user.
One wonders if you couldn't whip up something that would whip up a list of choices by operating locally only on the users history returning just a list of things to show on the page and forgetting it when the user closed the tab.
Most users won't understand how that works. As far as they're concerned "youtube watches what I do", and any explanations about how the algorithm runs locally but google can still see what you watch if they look at IP logs will be far beyond a typical users desire to understand.
Honestly having occasionally glimpsed the logged out YouTube page which appears to do this... I'm glad that I don't have to deal with that either.
As for what they should do, I think populating the homepage from the subscriptions list (either literally as an ordered list or by some algorithmic "watch time vs average watch time for this creator", I don't care) would be preferable.
It's not a punishment; it's entirely transactional. You make yourself less valuable to advertisers so you also make yourself less valuable to Google. Therefore Google provides you with fewer features such as a blank homepage.
The era of Google providing costly features to users with no benefit to itself is coming to an end.
Thanks for the suggestion!
I actually see that
Business Standard Google Workspace (for 1 user) that includes Gemini Access costs less than Gemini Pro subscription for an individual. I will give it a go.
But note that Gemini via Workspace doesn’t have all the features of Gemini Pro, and it is notoriously behind regular Gemini in terms of feature adoption. So far, there’s no access to Gemini CLI (paid separately) and no way to selectively delete chats, for instance.
These big tech companies are so frustrating. Why does every single aspect of our digital lives need to be monitored? It’s like whack a mole trying to get the most basic of privacy.
Pretty great for a chat app used by a few billion people, a few $billion is enough to keep things running for many decades. e.g. banks do exactly this, with much more critical and complicated infra.
Even for software practice has shown few are actually willing to pay hundreds to thousands for a lifetime license. And you still need to purchase service packs, etc
As we have all learned, ad and subscription models aren't mutually exclusive. You can still get ads while paying for a subscription.
In fact, I don't believe the ad model would have gone away if everyone started paying for a subscription. The bottom tier would still be filled with ads.
Ideally, the market would solve this. The companies that are pushing annoying would lose customers to the companies that don't. But since we don't live in a ideal world, I honestly think regulations would be the only way. Something like "If a customer pays for subscription in any way, you can't show ads" - and then let the companies put a realistic price to their subscription tiers, which makes it worthwhile for them.
They are cheaper until they aren’t. The neat thing about a plan that removes all ads is that you can just add the ads again later and introduce yet another, even more expensive plan that removes the ads again. Such fun! Much profit!
Right, I left out the donation model because less than 1% of users ever actually donate anything. It's hardly worth even considering for vast majority of businesses.
It's totally possible to have the ad model without all the spying. It's just that marketers don't want that to be an option. They're all in on spying on us.
people didn't vote for shit, if they could vote they'd vote for no ads and no cost. companies like google destroyed this option on purpose. there is no reason why the vast majority of apps and services online can't be both free and ad free. if i look for tetris on the app store it's literally impossible to find a version that's both ad free and free of purchases despite the fact that i know there's at minimum 100 options that fit this criteria. google/apple just buries them and deliberately doesnt allow filtering to find them
>there is no reason why the vast majority of apps and services online can't be both free and ad free
You can give away software, but running a service costs money. P2p messaging can be free (and signal exists), but nothing like free and adless YouTube or Facebook is going to happen regardless whether google or meta do anything to prevent it.
The Saudis would love to have a platform as popular as YouTube for their image washing purposes, no matter if it costs them a cool $billion or two per year to keep it ad-free. They don't do it because they'd rather not antagonize Google, a company wielding global power, otherwise they'd love to.
there are tons of free mastadon servers that cost nothing to end users and perfectly capture the functionality of twitter/facebook/whatever. yes there is root cost at its core, but its distributed across people who volunteer to pay for it on smaller scales becasue they enjoy running those services.
agreed its trickier when its gets to stuff like youtube, but piracy being free and widely spread is an example of how its possible, just not well developed right now
there's also options where it's pay-as-you-go with stuff like bitcoin (e.g. i pay $0.01 to watch a video) where it's effectively free but on large scale does cover the costs of infra
As much as I despise ads, this is a pretty delusional take. Mastodon was only possible because of the hard work of open source contributors with day jobs that feed them. Running and accessing these instances requires all sorts of costly infrastructure that doesn’t materialise out of the blue. And finally, there may be a handful of geeks that enjoy paying for hosting, but that only works as long as it’s a niche community. Introduce 2 billion users, and it becomes just plain impossible.
And as you cite piracy as an alternative: that’s not "free" as in software, that’s "free" as in freeloading. Someone else is paying for it, just not you. That might work to fulfil your own needs, but it’s not a viable solution for business models.
I have no idea how in the world you think that could ever work in a general sense.
Things require labor. Labor costs money. Ergo, people giving you stuff require money, somehow. A tetris clone requires so little labour, that a well-off person with too much time (ergo labor) on their hands can give you that for free, but that's not scalable for 99% of important stuff.
Because capitalism, they also require more money, YoY, than last year, meaning they can't just make a steady stream of profit. They need more profit every year.
You can pay for Google services. But even if you pay for Google One or YouTube premium, I'm sure that Google will still track your behavior and mine your data. Why would a company not "double-dip"?
My favorite example of this is the thoroughly craven New York Times which puts content behind a paywall and loads it with awful ads aimed at people who’ve proven they are made of money.
Contrast that certain TV dayparts saturated with subprime ads promoting Medicare scams and other offerings for people who can’t spend their own money on things except for an occasional ad for a car dealer because if people weren’t driving you’d have much less reason to call a personal injury lawyer.
Ad free tiers for Netflix and whatnot have the problem that people who won’t pay for ad free aren’t really worth advertising to.
> My favorite example of this is the thoroughly craven New York Times which puts content behind a paywall and loads it with awful ads aimed at people who’ve proven they are made of money.
It's almost as if you don't remember the good old days when the NY Times sold you a physical newspaper...that was (and still is) stuffed with ads.
I do. And I remember exposes of the media business circa the 1970s that point out the synergistic relationship between subscriptions and ads, such as Ben Bagdikian pointing out that subscription revenue subsidized ads in daily papers or the fact that magazines like Vogue received much more revenue from advertising than subscriptions but wouldn't be viable if they were free because paying for a subscription qualified you as a consumer.
Lately the folks at my gas station have hit me up for a conversation whenever I was looking at newspapers, usually it is about how shocking it is how little paper you get in local papers for $2.50 or more. There are the funnies and the DBA listings and front-page articles about some chain store that isn't in our town going out of business. They don't bother to send reporters to public meetings like they did 25 years ago, and if there is a local election you might have to wait 36 hours after the results are posted by the board of elections. (Used to be a reason why I bought a paper)
Contrast that to the N.Y. Times which costs $6 or so but is a beast in terms of size (small print too!) although I'd say a lot of the content is vacuous.
The personalization economy is pernicious because you have no idea what other people are being exposed to.
On the computer attached to my stereo YouTube offers recommendations for music videos from the likes of the Super Furry Animals [1], Kanye West [2], Brothers Johnson and such. Nice stuff, with solid support that I like it, never challenging, unlike the recommendations from my Plex server.
On another computer YouTube shows me videos about stereo equipment, sometimes video game music [3], and also of the genre "Why X sucks" where X could be private equity, "the economy", a movie studio, a video game studio, a fast food restaurant, a clothing brand, etc. I wonder why public sentiment about the economy is so bad despite inflation and unemployment numbers that aren't so bad and think, "How many people are watching these videos?"
Other people get nothing but blackpill incel hell.
Ben Bagdikian wrote a book The Information Machines in 1970 about how personalized news would be possible by 1980 that was quite prophetic and was influential to me when I found it almost 20 years ago. Only recently did I find The Effete Conspiracy, his next book, where he reveals how angry and bitter he was that the work that the media industry sponsored him to do for the RAND corporation was roundly rejected by media owners uninterested in investing in the future and introduced the true but unpopular model that newspapers have a left-wing bias because reporters are left-wing and a right-wing bias because the owners are right-wing.
[1] I get accused of being a furry but I'm not, really
You can pay not Google for services too. Most people don't, though. If ALL people that used free stuff (like gmail) suddenly started paying an appropriate amount to competitors, the problems may solve themselves. But people don't do that, because they're cheap or care more about their money than their data/privacy.
Now, all this is of course an inevitable consequence of capitalism, but that's not a conversation anyone herre seems ready for.
We are paying for phones but we are still the product. Google Facebook etc were explicitly created to monetize privacy. What I search for is monetized. Who I know is monetized. Private companies will monetize what we perceive as public goods to our detriment.
It's become so terrible that I've given up on trying to secure Android anymore because it's become essentially impossible. This is the primary reason why my current smartphone is my last smartphone.
Because that way they can build profiles of you and use them to manipulate you into buying junk you don't need. That, in turn, makes the line go up and the share holders happy.
So that when you see all that stuff you can't afford on the neighbor/coworker or your friend's place, you can be envious, so their spending was worth it.
Same with all those car and watch ads in magazines. It's not like regular people are constantly looking to buy a new car. But the brand must be etched into brains. Your neighbor must be reasonably convinced that people around him are on the same page regarding the prestige of a certain brand, else it's not worth spending on. So even if you can't afford whatever car model, the fact that you're aware that it's prestigious is already worth it.
This is somewhat weaker in personalized online ads because your neighbor can't know what ads you saw. Billboards and super bowl ads a much better for establishing common knowledge, but perhaps that's why influencer-based marketing is gaining ground. All followers know that all followers saw the embedded ad. Maybe they should introduce ads where it says "Your friend Joe Schmo watched the following ad:"
This might hold water in 1980 when neighbors talked to each other and coworkers often worked in the same building and didn't wear Bluetooth earbuds, but I don't know so much about now.
I largely get ads for things I already have bought. Otherwise, it's really general demographic stuff that doesn't strike a chord.
I assume it's because I don't really browse for buyables unless I have the intent of buying something immediately. On a personal level, I fail entirely to understand the value proposition in web advertising.
Get with the times, grandpa. Thanks to the wonders of buy-now-pay-later services, we don't have to worry about that anymore, just stop thinking and consume!
I wonder how much of this is actual advertising working (proven by independent A/B testing) and how much of it is big tech bullshitting their shareholders and customers. Even Veritasium had a video ~10 years ago, describing Facebook's way of reducing view counts to coerce advertisers to pay higher.
Don't act like your opinion is the only one that matters. You may not, but other people do care about their privacy.
"Here's the thing: Google promises that under normal circumstances, Gemini cannot read or summarize your WhatsApp messages. But, and this is a big but, with the "help" of the Google Assistant or the Utilities app, it may view your messages (including images), read and respond to your WhatsApp notifications, and more."
Doesn't matter what your opinion is on privacy, google doesn't give you the option to opt out.
- "regardless of whether your Gemini Apps Activity is on or off."
The article claims Gemini can read your messages but Google denies that. From Google's own documentation:
> What Gemini can’t do with WhatsApp
> Read or summarize your messages
> Add or read images, gifs, or memes in your messages
> Add or play audio or videos in your messages
> Read or respond to WhatsApp notifications
Of course, it's possible neowin says Google is lying, but they'll need to come up with something better than "maybe something may happen in the future" if they're going to make these claims.
It seems like OP (bix6) is the one who needs to be lectured that their opinion isn't the only one that matters, not me. My point is that different people have different opinions. Just because someone thinks an app violates their privacy doesn't mean they get to unilaterally decide the app shouldn't exist.
If someone is concerned with their privacy by this feature, then they can just not use it. If someone is concerned that someone else might use this feature on private communications they had with the user, then that person misunderstands privacy and needs to realize that once they communicate their remarks to some other party, their ability to control their privacy to their own standards goes out the window generally, and not just with AI apps.
One problem with this sort of thing is that—sure, we can call privacy violation an opinion and admit that some people have dumb opinions like “I don’t need any privacy.” But unfortunately only one person needs to let the privacy violation bot into the conversation to violate everybody’s privacy, so it isn’t as if your opinion will really be respected.
Of course, the easy solution is that nobody has conversations that might need privacy anymore; people can just always be in public persona mode. Hopefully we don’t end up with a society made up of inauthentic lonely people as a result.
I think if I understand the article correctly it sounds like Google might also be reading the messages so it can respond for you. Regardless I think the other thing people might not be happy about is Gemini can still interact with apps regardless of if you have app activity turned on or off, as quoted from the linked email in the article:
What's changing
Gemini will soon be able to help you use Phone, Messages, WhatsApp, and Utilities on your phone, whether your Gemini Apps Activity is on or off
Google's own documentation explicitly states it cannot read your messages or notifications. You can ask it to compose a message for you or start a call, though.
Gemini being able to read WhatsApp messages (when explicitly asked) and take actions can be convenient. If it does so without prompting or feeds the data back into their model in any way for training - that's a big no.
It's apparently obvious to you that "hey Gemini, can you message Mike that I love him?" means the text is first sent to Google and then back to your phone and then by your phone to Mike. This isn't the case for everyone, perhaps also because it's not necessarily that way: https://www.macworld.com/article/678307/how-to-use-siri-offl... I couldn't find whether tasks related to "reading your messages" (like text to speech while you're driving or so) is a thing Siri does, but it obviously talks to you and if you tell it to send a message then that works offline so evidently there is some access there without needing to first upload it to the assistant's vendor
Does Whatsapp expose these messages via an API? If yes, then it seems like this is not only on Google.
If no: Are they reading data from raw UI widgets? Are they intercepting input controls? Are they intercepting network traffic? That seems unlikely, given its probably end to end encrypted and the decryption happens within the scope of the Whatsapp process.
>When granted, an app with accessibility permission can:
Read screen content (including text and buttons in other apps)
Detect user interactions (like taps, swipes, or gestures)
Navigate between apps and the system UI
Monitor app launches and foreground/background changes
Access and control other apps indirectly
Perform gestures or clicks on behalf of the use
> If no: Are they reading data from raw UI widgets? Are they intercepting input controls?
Why not... they control the OS, it'd be trivial to add hooks to the "draw widget" command to intercept that it's about to draw a text widget for WhatsApp, and then ask it to log the text.
WhatsApp data is encrypted, however, the keys are on the device itself and accessible on Android. There are many third-party apps that support transferring WhatsApp data from one phone to another, and some even claim so between Android and iOS devices. As I understand, the chats are in some usual database format. So anyone having access to the device can read the data even without WhatsApp being there itself (as far as the data is there).
> With Gemini Apps Activity turned off, their Gemini chats are not being reviewed or used to improve our AI models.
Indeed bizarre as the statement doesn't say much about data collection or retention.
More generally, I'm conflicted here -- I'm big on personal privacy but the power & convenience that AI will bring will probably be too great to overcome. I'm hoping that powerful, locally-run AI models will become a mainstream alternative.
Personally, I prefer AI to stay in its own corner. Let ChatGPT, Gemini, and the rest be something I open when I need them, like a website or an app. I'm not really into the whole "everything should have AI built into it" idea.
It kind of reminds me of how the internet used to be. Back then, you had to go to a specific room to use the family computer. The internet was something you visited. Now, tech is everywhere, from our pockets to our bathrooms. I’m not sure I want AI following that same path.
Agreed the privacy that keeping AI "in a corner" appeals to me too.
The fundamental catch here is that 80%+ of the future benefit will likely come from the very thing that erodes privacy: deep integration and context. Imagine if a Gemini had your entire life in its context (haha scary I know!), prompting would be so much more powerful.
That's the core, uncomfortable trade-off we're all facing now.
It's not an uncomfortable tradeoff to me. These systems being deeply integrated is simply too high of a price to pay. I cannot imagine a future benefit so great that it would be worth that.
> Imagine if a Gemini had your entire life in its context (haha scary I know!)
Windows Recall [1] is this for your PC activities (not yet fed to AI, but I see no reason to think it will stay this way). Meta is working on glasses to record the IRL part. But your phone is probably enough for most of it. Joining Zoom meetings with AI note takers is getting popular [2]. Not long until in-person meetings will have AI listening in from the phone mics, of course just to increase productivity and to summarize and remind you later. Convenience!
If I can have the AI agent attend the meeting for me in the first place, and then provide me the notes that's the winning play. Take the morning stand-up: all the developers' agents know what they are working on and what any blockers are. They can all exchange information in a virtual AI meeting and then send the notes around. Meanwhile all the developers are getting something productive done.
It's going the opposite direction. AI won't be inside each different thing, instead everything else will be nested under the AI. Like Gemini here. AI will have user-equivalent access to interact with any app. It will be the default and people will not mind it because it's convenient and if you have nothing to hide.
Women were sharing their menstruation information with apps, until they surprisingly ended up in a corrupt regime with a corrupt judiciary that weaponizes this information to take away the rights over their own body...
My approach has been to lock AI assistants (for me, that's just Apple intelligence as far as I can help it) out of integrations with the vast majority of apps, and especially chat and email apps.
At some point, some reverse engineer will publish a writeup either confirming or denying how local these models are, how much data (and maybe even what data) is being sent up to the mothership, and how these integrations appear to be implemented.
It's not perfect, and it only offers a point-in-time view of the situation, but it's the best we can do in an intensely closed-source world. I'd be happier if these companies published the code (regardless of the license) and allowed users to test for build parity.
Maybe at some point, Apple is/was trying to do everything locally but it appears they have recently decided to move away from that idea and use OpenAI.
I can understand why: you’re only using locally-run AI models every so often (maybe a few times a day), but when you use it, you still want it to be fast.
So it will need to be a pretty heavy AI chip in your phone to be able to deliver that, which spends most of the time idling.
Since compute costs are insane for AI, it only makes sense to optimize this and do the inference in the cloud.
Maybe at some point local AI will be possible, but they’ll always be able to run much more powerful models in the cloud, because it makes much more sense from an economics point of view.
Google also has AI models optimized to run on phones, they're just in a lot better of a position to actually build purpose-built LLMs for phones.
It's not clear to me why certain classes of things still end up farmed out to the cloud (such as this, or is it?). Maybe their LLM hasn't been built in a very pluggable fashion.
> they have recently decided to move away from that idea and use OpenAI.
... although, to be fair, they're negotiating with OpenAI to run the models in "secure enclaves", which should, assuming everything works right which is a huge assumption, keep Apple or anybody else from reaching inside and seeing what the model is "thinking about".
Assistant stuff. Like you bark "order a pepperoni pizza from Joe's Pizza" and it happens. You take a pic of your fridge and say "order stuff to stock it up to my usual levels". Or book a flight, or buy concert tickets or clothes, or get media recommendations, replan a trip while driving if you change your mind and add a stop somewhere. Ask to summarize group chat message floods. Put on some music. Control smart home gadgets.
It's hard to predict exactly though. I remember thinking in 2001 that nobody except the busiest businessmen would need a cell phone. A landline at home is perfectly enough and in special cases there are phone booths. And in 2011 I thought the same about smartphones. Why would I need email while walking in the street? Can't it wait until I'm home at the desktop? If I need computer stuff on the go, I can take a laptop. Similarly, I'm not quite sure how exactly it will go but probably in 10 years you'll need to have an AI agent to function in society. The legacy infrastructure decays if nobody uses it even if you'd prefer not to jump on the bandwagon. Today you often MUST have an app downloaded to do things, e.g. some museums require it, sometimes government services are much more tedious otherwise. Some restaurants only have a QR code and no physical menu. Often news items (from school, or local municipality) are only shared in social media. Etc. etc. I can easily imagine that there will be things you can't manually do in 2035, only by asking your AI agent to do it for you. And it will scan all your data to make sure that what you're doing is impeccable in intent and safety and permissibility (like an inverse captcha: you must be Gemini or another approved bot to do the action. As a human you have to jump a million hoops that maybe takes days of providing various details etc. And Gemini will be easy to spook and will be opinionated about whether you should really get to do that action or not.). And it will communicate behind your back with the AI of the other party to decide everything. Or who knows what. But it will be necessary to use.
>Assistant stuff. Like you bark "order a pepperoni pizza from Joe's Pizza" and it happens. You take a pic of your fridge and say "order stuff to stock it up to my usual levels". Or book a flight, or buy concert tickets or clothes, or get media recommendations, replan a trip while driving if you change your mind and add a stop somewhere. Ask to summarize group chat message floods. Put on some music. Control smart home gadgets.
Frankly, this sounds like a potential nightmare to me. Almost certainly, the big techCos that today use algorithmic "customer support" to randomly flag, ban and screw with users for completely opaque reasons and little recourse will try running all of the nice things you describe. It's very plausible that sooner or later it will become harder and harder to do any of those things by more conventional, atomic means, making you rely ever more on integrated connections between product/service providers and these ordering systems (it's "convenient", you see?) only to suddenly find yourself flagged, blocked, or banned for any number of idiotic, blandly brainless reasons and shut out of the most basic elements of your daily life.
That people would readily agree to sign up for such dependence on these opaque things is a mystery to me, and I hope a huge pushback against it happens at some point.
If you think I exaggerate, bear in mind how often such things already happen on a lesser scale in a world where having social media, a smartphone and accounts with services like Google's becomes necessary in some contexts. Also note how often someone or another finds themselves fucked when these existing dependencies suddenly get shut down because some bullshit algorithm supposedly said so.
It's also bad enough that payment systems and banking can be cut off to people who (having broken no law at all) hold some politically controversial, publicly activist discourse, or that banking and certain basic services can be withheld in some bizarre way because you live a life in which your residency or other life choices are outside the average. To have the same risks apply for ever more minor reasons across a huge swathe of just living your life is a monstrously insidious way of marginalizing and homogenizing social divergence.
Apparently, my personal account being a gsuite account is to my benefit this time as "your administrator has not enabled access to Gemini for your account".
Don't even know what the product is about, but it went into my shitlist for redirecting me always to a badly machine-translated page, not understanding en-us as a language code in the URL, and not having a language selector.
There are ways to disable Gemini on Android but since we are talking about WhatsApp, let me tell you that there is no way yo disable Meta AI in WhatsApp and of course you were never asked to enable it.
The whole situation is still clear as mud to me. What if I don't have the Gemini app installed, how do I get to its configuration screen? Is the component which exfiltrates the data part of the Gemini app, or is it a separate Android component which also has to be removed? What if I didn't receive that email?
Since I always answered "Not now" when my phone wanted to replace Google Assistant with Gemini, I still have Google Assistant on my phone. When I try to bring up Gemini settings, it will ask me if I want to replace Google Assistant with Gemini, and not give me access to any Gemini-related settings.
Thanks, but that only leads to a screen asking whether I want to enable Gemini. I decline, and it goes back to the previous screen, without opening any settings form.
This really annoys the shit out of me. First people work hard to enable E2E encryption on WhatsApp, then Google goes "lol we'll just upload your chats to Gemini cloud".
More surprising is that people think this is the first time - be default your WhatsApp backups are unencrypted by default so they have had the access for long time for large part of the userbase. Also primary reason why WhatsApp hasn’t been a problem for law enforcements.
I hope the EU sues the shit/existence out of them for exfiltrating private conversations and violating the secrecy of correspondence without explicit consent
Tech corporations and their managers are basically data rapists
May be they are reading the notification using notifications reading service (Feature in Android) and use intents to send messages.
But from intent you can either share (user action) a message to a particular contact or automatically open whatsapp on a particular contact and prefill the message in text box.
May be whatapp may have exposed an intent to directly send message or they are just prefilling the text box
There is a WhatsApp folder on your phone, which contains the database of messages. You can just backup the entire folder by any standard backup method, including copy pasting.
I guess they've changed this in the last 2 years or so because last time I checked they kept your key hostage and only allowed transferring all data, including the key, to a new phone.
I confess I got a pretty good laugh out of seeing this on the same day I saw billboards bragging that "not even WhatsApp can read your messages." Oops.
I wonder what meta will do, they recently introduced meta ai inside WhatsApp (even though I didn’t enable it, or asked for it), it’s just floating there.
With Gemini having access, those who are happy to give AI access to their apps would surely prefer Gemini as it will be phone wide instead of meta ai which only runs inside WhatsApp.
This is concerning but I am telling my Whatsapp user friends about the access to their immense data that Meta has and they should be concerned. But even the friends in tech, who lead massive product development, feel there is nothing concerning.
Honestly I was surprised not to see an announcement for some kind of agentic API in Android during GIO. Think some kind of combination of content providers and a rest interface, defined by the developers of each app.
Having the system level agent needing to interface with the UI in such a messy way doesn't feel like the best way for it to accomplish its tasks.
In the year 2025 I can’t think of any reason a person would use Signal instead of WhatsApp. All your friends and family should move to Signal if that is your excuse.
Mostly for QoL and polish, which WhatsApp has the upper hand in. Perhaps most notably, WhatsApp treats desktop as a first-tier platform instead of as an afterthought, which makes its desktop app considerably nicer.
There seems to be this blatant forcing AI products on people. WhatsApp themselves have an AI feature that you can't turn off or remove. Their only advice is to simply not use it. Is it just a massive push before regulations or are they speed running annoying everyone so much that regulation is the only option?
Sorry, but this title sounds overly click-baity to me. Google definitely can’t read or write my WhatsApp messages. Because I’m not using an Android/Google phone with WhatsApp on it. Although I am using both Gemini and WhatsApp, the whole article doesn’t apply to me, and surely I’m not unique in this.
Now ? I guess some people really need a reality check. Google controls the OS which runs of your phone and has access to all your data. Just like Apple or Microsoft.
Documentation is unclear, but it appears Gemini is always connected to Utilities, and Utilities is always connected to Whatsapp, and the data flow between these apps is not documented.
You have to unencrypt data to process it and as soon as you do that, the right Kernel APIs are enough to see whatever you want -- here the accessibility APIs are probably enough to read any text you would be able to read.
another person in the thread suggests it's working over a screen capture stream. But that's what i'm wondering : are they working over a video of the screen or by integrating directly with the internals of the OS.
yes WhatsApp messages are stored in an encrypted sqlite database.
I'm not an android dev so I'm not positive about this but I expect whatsapp is shipping their app with "App Actions" interface giving the assisstant certain actions it can perform, so this is not wholesale database access. See [0]
App Actions extend your in-app functionality to Assistant, enabling users to access your app's features by voice. When a user invokes an App Action, Assistant matches the query to a BII declared in your shortcuts.xml resource, launching your app at the requested screen or displaying an Android widget.
You declare BIIs in your app using Android capability elements. When you upload your app using the Google Play console, Google registers the capabilities declared in your app and makes them available for users to access from Assistant.
Not every state(, country, province, region, whatever) has laws that restrict or prohibit this kind of activity. A complaint to a public prosecutor may not be a good option for many people, especially in the US which historically has had very permissive laws about how corporations can handle user data (with some exceptions like the CCPA, though TBD if that legislation would do much here).
As the article states, "After turning it off, Google will still retain your data for up to 72 hours to "maintain safety and security of Gemini Apps" and allow Gemini to respond contextually.""
Which means, AFAICT, it doesn't matter if you turn it off or not, Google still collects information and stores it for 72 hours as part of the core functionality of the operating system.
WhatsApp backup on your Google account contains all your message history, and is unencrypted. If you use google cloud backup for your phone, Google can read your WhatsApp messages, and has been able to do so for more than 5 years now.
There's a lot of business happening on WhatsApp. I don't think Google cares that much about the messages I sent to my family (although it helps with profiling and ad targetting) but I bet the real money is understanding what people are buying and how they do commerce in WhatsApp.
I don't see what the problem is. If the User doesn't want Gemini to read his or her messages, the User doesn't have to partake in the sending of the messages. Simple! A User agrees to be bound by the ToS (Terms of Service) in having they do take to receive the user agreement as bound in law by Google. The User doesn't need to understand or have the right to contest the agreement or the use of any data created by a User, as the User can simply not use the product or service as governed by the same Google ToS. Simple!
Things like these make me glad to have a Xiaomi phone with their minimal implementation of Google instead of a full on Android phone. I get to avoid this stuff being pushed on me, and I don't use any of the Xiaomi "AI" stuff (which wouldn't support foreign apps anyway).
Granted, my data is definitely being sent to Xiaomi analytics, fixed by NextDNS. Re: governmental influence, I'd prefer Chinese to US (then again, that is my ethnicity bias). Recent events make the two governments look more similar than ever.
Google has been working on this since November last year going by the wayback archive of the support page for this feature.
I'm not seeing any indication that Gemini can read your messages, though. You can compose messages and start calls, but I can't get it to read me any of my messages. In fact, I can't even get it to send messages to group chats, only to individual contacts.
The feature makes a lot of sense, of course. WhatsApp is to many countries across the globe what texting and calling is to Americans. If your smart assistant can't even interact with WhatsApp, it's basically useless for many people.
Edit: ah, that explains why I can't make Gemini read my messages to me, Google's own documentation (https://support.google.com/gemini/answer/15574928) says it can't:
If you connected Google Assistant to WhatsApp, it seems like data may flow that direction, but then you've already hooked WhatsApp into Google before so I don't think anyone will be surprised there.Does anyone know how I can make Gemini read messages? I can't even find the assistant settings necessary for that stuff to function.
What Gemini should be able to do with WhatsApp:
Google needs to not be abusing its position as the source of the OS to give its software special privilege to reach inside of third-party apps.The line is blurry. Google is positioning Gemini not just as an app, but as a OS level feature. The OS can by definition reach into any third-app app to do anything it wants. I'll give some more examples of OS-level features in case it's not clear: copy/paste is an OS-level feature and it is designed to extract arbitrary text or content from third party apps (copy) and insert them into third party apps (paste); screenshotting is an OS-level feature and it is designed to capture the visible views of any third party app with the only exception being DRM content.
Apple Intelligence has similar marketing. In last year's WWDC, there was the whole "Siri, when is my mom's flight landing?" segment (see https://developer.apple.com/videos/play/wwdc2024/101/ at 1h22m) that didn't generate any controversy. So for some reason people think Siri should rightfully be an OS-level feature but Gemini should not. Got it. I guess Apple's PR is just that much better than Google's.
> The line is blurry. Google is positioning Gemini not just as an app, but as a OS level feature
The line is blurry, but Microsoft was positioning Internet Explorer as an OS level feature, too.
https://en.wikipedia.org/wiki/United_States_v._Microsoft_Cor...:
“Microsoft argued that the merging of Windows and IE was the result of innovation and competition, that the two were now the same product and inextricably linked, and that consumers were receiving the benefits of IE for free.”
Apple somewhat similarly argued that the iOS App Store is an OS level feature. https://en.wikipedia.org/wiki/Epic_Games_v._Apple#Background:
“Apple has further argued that it requires iOS apps to use its storefront to "ensure that iOS apps meet Apple's high standards for privacy, security, content, and quality" and avoid exposing iOS users to risks from alternative storefronts.”
In both cases justice departments (the ones who draw those lines) disagreed with those claims.
So if Google is to learn from others’ past mistakes, it ought to be able to leverage Gemini as long as the user can easily and fully swap out Gemini for an alternative. That was the problem regulators had with IE and the App Store.
The fact that Google would find it to be convenient for the line to be blurry doesn't mean that anybody looking at it in good faith sees the line as blurry.
The fact that someone disagrees with you doesn't mean they're operating in bad faith.
At first I thought the fact the advertising-and-tracking company needed access to their competitor's encrypted messenger was related to the tracking that is their core business model.
But it's unfair to assume bad faith like that.
Perhaps they merely need access to the encrypted messages in order to provide a better user experience, by serving more relevant and better personalised adverts?
I'm not going to argue there's any bar too low for Google to not clear, but also, it really is possible that it's just for the stupid AI feature they say it is. Just because it's something Google could feasibly do doesn't mean they will. I'm very confident they have never used Google Public DNS for advertising or tracking.
It's one thing to treat funneling data "to the cloud" with suspicion out of principle, but personally I think it's counterproductive to go a step further and just assume everything is always being maximally abused. The fact that it could be is an issue, but that doesn't mean it is.
It does when it that person is taking a charitable view of anything Google has done since about 2011.
Google is an advertising company. Apple is a consumer hardware company. Who would you trust more with your data? It’s that simple (irrespective of the ground truth, simply referring to the optics of it).
Apple is an advertising company.
https://ads.apple.com/
Generates billions for Apple and is growing rapidly, since they implemented increasingly aggressive "privacy features" to block their competitors.
Apple has an advertising business. That’s materially different from having advertising as your core revenue stream.
Likewise, Google has a consumer electronics business, but they’re not a consumer electronics company.
Google sells hardware and Apple sells ads, in great quantity in both cases. Not sure "it's that simple" at all.
What percentage of revenue do ads and hardware contribute to the bottom line in Apple and Google? That answer will tell you more about leadership incentives than just hand-waving away the discussion based on the fact that big tech companies tend to dip their toes in a lot of pools.
All of you have joined an argument that is completely fictional. I am amazed that someone can still fall for “Apple is a hardware company” bait.
Both Google and Apple control enormous number of devices, the data on them (or data collected by them), their software, and their users. They make money by selling you tiny bit of access to that, directly or indirectly. End of story. Should I remind you how much being special to privacy restrictions costs Facebook?
It's expanding, which is all that matters: https://www.macrumors.com/2024/11/19/apple-now-directly-sell...
But some people in good faith can see the line as blurry. Others perhaps not. It's subjective and opinion-based.
HN people just like to live in their own bubble thinking no other opinion is valid other than their own.
> Google is positioning Gemini not just as an app, but as a OS level feature
Eeewww.
We need a mobile OS competitor.
I am seriously considering a move to Fairphone with /e/os.
GrapheneOS would be a possibility, but I don't trust Google to make decent hardware, so not super excited to get a Pixel phone.
I definitely had to tweak the settings a lot for the battery to not get warm on my Pixel. But after a week I managed and battery life is better than with comparable phones since the background bloat isn't there on Graphene.
So far there was a solution for everything, I don't do online banking on the phone though.
I wonder if LineageOS might solve this problem already though, /e/os probably would as well
> I definitely had to tweak the settings a lot for the battery to not get warm on my Pixel. But after a week I managed and battery life is better than with comparable phones since the background bloat isn't there on Graphene.
I am sure a detailed writeup will be very appreciated if you bother and manage.
> We need a mobile OS competitor.
Mobian, PureOS, postmarketOS exist.
Yes, I have an older phone running LineageOS for that matter.
But those are typically community efforts, so software support is not certain. It sucks when so many things just expect you to have a working cell phone.
Punkt has a phonen using a fork of grapheneos out of switzerland with some cloud services like VPN attached to make it a completely degoogled 'secure phone', called ApostrophyOS
https://mc02.punkt.ch/en/mc02-5g-secure-phone/
https://www.apostrophy.ch/
Can't vouche for it, I just use a flip phone.
What company will jump in the competition meat grinder between Google and Apple. Maybe if it’s state-sponsored. I don’t know how much HarmonyOS/Huawei are state-sponsored so I can’t claim there are.
> What company will jump in the competition meat grinder between Google and Apple
Purism did. My Librem 5 works remarkably well given how small the company is.
How do you deal with things such as mobile banking? So many services just presume you use either an Android or IOS.
At some point I thought I really needed Android Auto, but I can probably just get a MStick only for that. There are other things that keep me jailed to Android though.
Making OS level features depend on an external cloud service is a rather dubious proposition in general. It feels a bit anti-competitive to me, if nothing else.
> Google is positioning Gemini not just as an app, but as a OS level feature.
That doesn't make it any better or more acceptable. If anything, it makes it much, much worse. I absolutely don't want any LLM to have OS level access to my data, period.
The line is not blurry at all. The line is what I define the line to be on the devices that I've paid for.
This is the line of thinking that got Microsoft into trouble back in the day, and they were forced to split the web browser and the operating system.
However, operating system technology has come a long way since - the trick is to control not only the computer but the government.
Dear god! Are you sure? If I ever sensed a forkable event for Android...
Well, really the line was crossed when Google Play Services got special privileges (and third party app developers were encouraged to call on Google Play Services as the only practical way to do various things, some of which maybe should have been part of the OS). And the "assistant" crap, and whatever else.
... and GraphenOS isn't exactly a fork, but it's plugging away, fighting the good fight, doing things like making Google Play Services both optional and a lot less privileged on the phone than it thinks it is.
Devils advocate: Google Play Services was the right solution to all the clamoring about Android fragmentation and OEMs abandoning devices by not providing upgrades.
I agree that Google Play Services was the right solution to fragmentation. I also agree that having forks like GrapheneOS was the right solution for a subset of people who like to de-Google themselves.
Definitely helped with that and also absolutely frustrating that it is so abusable to keep folks out of the Android garden.
Undeniable that Android updates are so much better than in the past, and it's far easier to keep your Android app using modern APIs than your iOS app, because most of those APIs are libraries with full backwards compatibility going back many years.
Yes, but GrapheneOS has lost access to Pixel specific drivers/etc, with the repo changes Google made?
https://news.ycombinator.com/item?id=44256604
Its blurry because it was made blurry. It shouldn't be, and any laziness-inducing helper app or product ain't no excuse.
These are basic core (and so far immovable) privacy principles, lets not lose sight of this when we delve into whataboutism.
Unfortunately the situation on Android is that other apps cannot do anything with WhatsApp, and there's fuck all you can do about it as a user.
I shouldn't need Google special-casing Gemini to allow LLMs to interact with my messages. I should be able to wire up Tasker to WhatsApp on one end, and to OpenAI or Anthropic models of my choice via API calls on the other end. Alas, Android is basically like iPhone now, just with more faux choice of vendors and less quality control.
If you give users a way to compromise their own security, scammers will find a way to make users compromise themselves.
Users always have a way to compromise their own security, and short of taking away their freedom completely (e.g. putting them in a mental hospital) that's not possible to fix.
Sacrificing human freedom in the name of security is a long, dark, and well-trodden path that I don't think we ought to venture down any further.
"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety"
> Google needs to not be abusing its position as the source of the OS to give its software special privilege to reach inside of third-party apps.
There are some extremely useful features that you can implement with AI, but currently only at the OS level, not with normal app permissions-- namely live translation of audio streams that belong to another app (calls, video playback, etc.).
But I suppose you're still right; it would still be better if Android had an API for sharing app audio streams like this.
Siri does this, but the processing happens on-device so it stays private. Seems like a nice compromise.
Google has Gemma? So they could also blow Apple out of the water by competing directly there.
I'd be more interested to know what would happen to Google if it turned out they were reading all of our WhatsApp messages.
If that's a slap on the wrist, then we can be sure that Google is doing it.
> Google needs to not be abusing its position as the source of the OS to give its software special privilege to reach inside of third-party apps
Gemini uses the same APIs and permissions as any other Android app.
This is trivial to verify. Just look at the permissions requested by the Google app like I did.
Even given all of the historical abuses of Google on Android you still believe an app permission is acting in good faith when Google has hooks elsewhere into the OS?
Google has already been successfully sued this year in CA for siphoning off data from phones that are idle and the remainder of states is in process [0].
[0] https://www.androidauthority.com/google-314-million-verdict-...
That lawsuit was for using metered cell data not for "siphoning off data." You can look at the Android source code and verify that the Gemini app cannot bypass the permission system. This is unlike iOS, where Apple apps get special access.
> What Gemini can’t do with WhatsApp > Read or summarize your messages
Current HN title: Google can now read your WhatsApp messages
Even aside from the false equivalence of Google and Gemini, the current HN title is pure clickbait.
"Google's own documentation"... uh oh, first time?!
The first archived version of this page containing the "can't do" list was published Nov 2024. The email is about a change "making it easier" to be rolled out July 2025 so I would not bet someone else's money on this page being up to date. We'll find out I guess.
https://web.archive.org/web/20241107174006/https://support.g...
My normal "Google's own documentation" experience is the other way round - to be told something is possible when it certainly isn't.
> The Gemini mobile app may support some of these actions with help from Google Assistant or the Utilities app, even with WhatsApp disabled in Gemini. Learn more about Google Assistant features in your Gemini mobile app and actions supported by the Utilities app.
It can't read your messages just as tech giants can't pirate every book in the world to train their models.
Crooked billionaires shouldn't enjoy the benefit of the doubt.
People have been clowning on Apple for being behind on the AI stuff and -- while I'd never defend how they promised a bunch of features in 2024, showed them in ads, and sold iPhones based on vaporware, but still haven't shipped most of the features -- I will say, I imagine a lot of the hold-up is because they realized how dangerous it is to start trusting AI with the sensitive data on your phone. It's probably not too hard to make it work most of the time, but even if there's a 0.0001% chance the AI will send a sensitive image meant for your wife to your boss, you should probably reconsider shipping.
I don't believe Google has the tact to care as long as they look like a market competitor in something.
> -- I will say, I imagine a lot of the hold-up is because they realized how dangerous it is to start trusting AI with the sensitive data on your phone.
It was probably Apple being incompetent with their AI approach rather than being careful
Precisely. Its incredible that people think Apple is playing 4D chess with AI, when in reality the simplest answer is the most plausible - Apple has no clue wth to do with AI. Their own assistant - Siri - has been in shambles for close to a decade.
Structurally Apple is in a disadvantage, in the AI race. And no amount of waiting, or polish is going to help them - unless they partner with OpenAI, Anthropic or Google.
Not to defend Apple - A lot of attempts of integrating AI are shot in the dark that lilely make no sense.
However, Apple did have a use case that would be an obvious improvement. The very thing LLMs excel at is at processing and generating natural language. Improving Siri with LLM capabilities was the obvious move, especially at a time where LLM providers are willing to burn cash to reach a wider use base. It speaks volumes of a company that is just rent seeking their position in the smartphone market at this point.
Behind on AI? Apple was the first to intercept personal communications and create inappropriate synopses of breakup texts for its users.
I for one am glad they did this for the humor alone.
> even if there's a 0.0001% chance the AI will send a sensitive image meant for your wife to your boss, you should probably reconsider shipping.
Not the best example since Siri has been misunderstanding us for many, many years.
You really meant to send that I love you to Louis coworker, right? Not to "Love"? Too late
> You really meant to send that I love you to Louis coworker, right? Not to "Love"? Too late
Why make up stuff like this? Siri confirms everything that sends data.
That's not quite true, especially if you're using something like CarPlay. I have personally had this interaction:
Me: Hey Siri, text Jen [my wife] I love you.
Siri: OK, texting Johnny Chan [my ex-boss] I love you.
Me: What NO!
Johnny: Uh...
That happened. It's not something I read about or made up. It went pretty much exactly like that.
This is a setting under Settings > Siri & Search > Automatically send messages.
It's disabled by default, but it's possible you turned it on by accident or got a bad default setting I suppose.
No. It's well documented and reported that Apple's hold-up is because of technical incompetency.
I know right?
They have always been behind. Why would this time be any different?
I’ve not read this; do you have any links?
Very well known.
https://www.reuters.com/technology/artificial-intelligence/a...
https://youtu.be/elfCDnMx3Ug?si=lP9OpeU9rpO2RIla
Appreciated, thank you
https://www.cultofmac.com/news/former-apple-engineer-explain...
That doesn’t provide any nontrivial insights—yes, Siri is built on keyword detection, but it’s also much older. But why are they having such a hard time creating an LLM-based Siri 2.0? Still no clue.
Perhaps cost reason? Unlike Google, Apple mostly rent their servers from the big cloud providers. Rolling this out to all Apple devices must be very expensive.
I can't help but wonder what "Thoughts on AI" would say if Steve were still here.
Steve Jobs predicted LLMs in 1985. He was 40 years ahead of everyone else.
(Search: Steve Jobs predicted the future of AI)
Why wonder? We can use AI to generate what he might have said! /s
> but even if there's a 0.0001% chance the AI will send a sensitive image meant for your wife to your boss, you should probably reconsider shipping.
That's too low of a probability for Apple to care. The probability that YOU would do it yourself by some random series of accidents is probably orders of magnitude higher than that.
Do you really think you're going to send 1,000,000 nudes to your wife without accidentally sending one to the wrong person!?
> Do you really think you're going to send 1,000,000 nudes to your wife without accidentally sending one to the wrong person!?
That seems like the wrong way to spin this hypothetical probability.
A quick search says there are 1.38B iPhone users worldwide. According to[0], 87.8% of 18+ year olds have sexted, so let's estimate that to mean 1.21B users. Even if we assume users only ever send one nude, that means 1,210 gaffes if you assume one in a million.
[0] https://www.womens-health.com/sexting-statistics
[dead]
It's the other way around. The probability is so low that it is incredibly unlikely to happen to any given individual. You would have to be paranoid to worry about it. On the other hand the probability is so high that, when considering the size of Apple's user base, such incidents would happen regularly.
They mean that the baseline probability of someone manually doing that to themselves without AI is higher than that.
There's a "sensational news story" multiplier.
If true, that's pathetic on Apple's part. The unreliability of LLMs was maybe the biggest topic in the entire tech industry around that time. To be ignorant of that basic fact would be an incredibly bad look.
I have no insider knowledge but to me on the outside it looks like the same old panicky hype-chasing we've all seen in other contexts. Some executives kept reading and hearing about AI AI AI!, and were terrified of being left behind. The many voices of reason within the company pointing out the correct risks and tradeoffs to consider were ignored while the over-confident voices blustered their way onto the roadmap.
The whole situation with Gemini Apps Activity setting is so frustrating. Even if I pay for Gemini Pro, the only way to make sure there will be no human looking at your chats is to set Apps Activity to off, which means you don't have any history for Gemini chats, even for the messages from a minute ago.
Reminiscent of their heavy handed approach to disabling watch history on YouTube, even when paying for YouTube Premium.
(Google punishes viewers who make themselves less valuable to advertisers by giving them an entirely blank homepage.)
That was a blessing in disguise though. Its way easier for me to not binge youtube now
That's a gift, the opposite of a punishment.
Wouldn't a blank homepage be exactly what you expect if you had no tracking enabled? The algorithm that generates the homepage is probably totally stunted with only empty logs to draw on.
You could make a list of demographic fitted choices based on info on the user.
One wonders if you couldn't whip up something that would whip up a list of choices by operating locally only on the users history returning just a list of things to show on the page and forgetting it when the user closed the tab.
> operating locally only on the users history
Most users won't understand how that works. As far as they're concerned "youtube watches what I do", and any explanations about how the algorithm runs locally but google can still see what you watch if they look at IP logs will be far beyond a typical users desire to understand.
Honestly having occasionally glimpsed the logged out YouTube page which appears to do this... I'm glad that I don't have to deal with that either.
As for what they should do, I think populating the homepage from the subscriptions list (either literally as an ordered list or by some algorithmic "watch time vs average watch time for this creator", I don't care) would be preferable.
It's not a punishment; it's entirely transactional. You make yourself less valuable to advertisers so you also make yourself less valuable to Google. Therefore Google provides you with fewer features such as a blank homepage.
The era of Google providing costly features to users with no benefit to itself is coming to an end.
Except you missed that part where they said > Premium
If you pay for it, you can expect to not be the product.
I think that ship sailed a few years ago. It's better for big tech if you pay and be the product so they went ahead and did that.
Another option although it requires using another account is using Gemini for Google Workspace.
Thanks for the suggestion! I actually see that Business Standard Google Workspace (for 1 user) that includes Gemini Access costs less than Gemini Pro subscription for an individual. I will give it a go.
But note that Gemini via Workspace doesn’t have all the features of Gemini Pro, and it is notoriously behind regular Gemini in terms of feature adoption. So far, there’s no access to Gemini CLI (paid separately) and no way to selectively delete chats, for instance.
It’s absurdly dumb, agreed
These big tech companies are so frustrating. Why does every single aspect of our digital lives need to be monitored? It’s like whack a mole trying to get the most basic of privacy.
Because people collectively vote for the ad model over the subscription model.
Are those the only options?
How about paying once, owning a specific version and that's it?
Not great for a chat app, which needs ongoing active servers and someone to fix stuff that breaks, even if you feature-freeze it.
Pretty great for a chat app used by a few billion people, a few $billion is enough to keep things running for many decades. e.g. banks do exactly this, with much more critical and complicated infra.
How do banks do this?
That works for software, but not as well for services like YouTube
Even for software practice has shown few are actually willing to pay hundreds to thousands for a lifetime license. And you still need to purchase service packs, etc
As we have all learned, ad and subscription models aren't mutually exclusive. You can still get ads while paying for a subscription.
In fact, I don't believe the ad model would have gone away if everyone started paying for a subscription. The bottom tier would still be filled with ads.
Ideally, the market would solve this. The companies that are pushing annoying would lose customers to the companies that don't. But since we don't live in a ideal world, I honestly think regulations would be the only way. Something like "If a customer pays for subscription in any way, you can't show ads" - and then let the companies put a realistic price to their subscription tiers, which makes it worthwhile for them.
Ad subsidized subscriptions are cheaper.
I don't see what people find so grating about having a ad-load/cost spectrum. Maybe it's just confusion about the billing model.
They are cheaper until they aren’t. The neat thing about a plan that removes all ads is that you can just add the ads again later and introduce yet another, even more expensive plan that removes the ads again. Such fun! Much profit!
I pay for 2 streaming services. They include annoying ads and the only way to avoid ads is, yeah to just pay more. No sense at all.
That makes perfect sense actually, you pay them half of the ad revenue to get rid of half the ads.
Perfect sense. Later, we pay to get ride of 90% of the ads to still have ads everywhere. Then 99% and on.
> Because people collectively vote for the ad model over the subscription model
You make it sound as if those were the only two options available..
Right, I left out the donation model because less than 1% of users ever actually donate anything. It's hardly worth even considering for vast majority of businesses.
It's totally possible to have the ad model without all the spying. It's just that marketers don't want that to be an option. They're all in on spying on us.
Yes, it's possible for marketers to act contrary to their own interests. Is that really your point?
As smart TVs, cable TV and streaming services show, even things that people generally pay for will get the ad model given enough time.
Were we even given a choice? In most cases, no.
people didn't vote for shit, if they could vote they'd vote for no ads and no cost. companies like google destroyed this option on purpose. there is no reason why the vast majority of apps and services online can't be both free and ad free. if i look for tetris on the app store it's literally impossible to find a version that's both ad free and free of purchases despite the fact that i know there's at minimum 100 options that fit this criteria. google/apple just buries them and deliberately doesnt allow filtering to find them
>there is no reason why the vast majority of apps and services online can't be both free and ad free
You can give away software, but running a service costs money. P2p messaging can be free (and signal exists), but nothing like free and adless YouTube or Facebook is going to happen regardless whether google or meta do anything to prevent it.
The Saudis would love to have a platform as popular as YouTube for their image washing purposes, no matter if it costs them a cool $billion or two per year to keep it ad-free. They don't do it because they'd rather not antagonize Google, a company wielding global power, otherwise they'd love to.
there are tons of free mastadon servers that cost nothing to end users and perfectly capture the functionality of twitter/facebook/whatever. yes there is root cost at its core, but its distributed across people who volunteer to pay for it on smaller scales becasue they enjoy running those services.
agreed its trickier when its gets to stuff like youtube, but piracy being free and widely spread is an example of how its possible, just not well developed right now
there's also options where it's pay-as-you-go with stuff like bitcoin (e.g. i pay $0.01 to watch a video) where it's effectively free but on large scale does cover the costs of infra
As much as I despise ads, this is a pretty delusional take. Mastodon was only possible because of the hard work of open source contributors with day jobs that feed them. Running and accessing these instances requires all sorts of costly infrastructure that doesn’t materialise out of the blue. And finally, there may be a handful of geeks that enjoy paying for hosting, but that only works as long as it’s a niche community. Introduce 2 billion users, and it becomes just plain impossible.
And as you cite piracy as an alternative: that’s not "free" as in software, that’s "free" as in freeloading. Someone else is paying for it, just not you. That might work to fulfil your own needs, but it’s not a viable solution for business models.
I have no idea how in the world you think that could ever work in a general sense.
Things require labor. Labor costs money. Ergo, people giving you stuff require money, somehow. A tetris clone requires so little labour, that a well-off person with too much time (ergo labor) on their hands can give you that for free, but that's not scalable for 99% of important stuff.
Because capitalism, they also require more money, YoY, than last year, meaning they can't just make a steady stream of profit. They need more profit every year.
Monetization. If people aren’t willing to pay for the products, these companies have figured out how to make the customers’ data the product.
You can pay for Google services. But even if you pay for Google One or YouTube premium, I'm sure that Google will still track your behavior and mine your data. Why would a company not "double-dip"?
Even better, by paying you prove that you have disposable income. You are a more attractive cow for advertisers to milk.
My favorite example of this is the thoroughly craven New York Times which puts content behind a paywall and loads it with awful ads aimed at people who’ve proven they are made of money.
Contrast that certain TV dayparts saturated with subprime ads promoting Medicare scams and other offerings for people who can’t spend their own money on things except for an occasional ad for a car dealer because if people weren’t driving you’d have much less reason to call a personal injury lawyer.
Ad free tiers for Netflix and whatnot have the problem that people who won’t pay for ad free aren’t really worth advertising to.
> My favorite example of this is the thoroughly craven New York Times which puts content behind a paywall and loads it with awful ads aimed at people who’ve proven they are made of money.
It's almost as if you don't remember the good old days when the NY Times sold you a physical newspaper...that was (and still is) stuffed with ads.
I do. And I remember exposes of the media business circa the 1970s that point out the synergistic relationship between subscriptions and ads, such as Ben Bagdikian pointing out that subscription revenue subsidized ads in daily papers or the fact that magazines like Vogue received much more revenue from advertising than subscriptions but wouldn't be viable if they were free because paying for a subscription qualified you as a consumer.
Lately the folks at my gas station have hit me up for a conversation whenever I was looking at newspapers, usually it is about how shocking it is how little paper you get in local papers for $2.50 or more. There are the funnies and the DBA listings and front-page articles about some chain store that isn't in our town going out of business. They don't bother to send reporters to public meetings like they did 25 years ago, and if there is a local election you might have to wait 36 hours after the results are posted by the board of elections. (Used to be a reason why I bought a paper)
Contrast that to the N.Y. Times which costs $6 or so but is a beast in terms of size (small print too!) although I'd say a lot of the content is vacuous.
There are two main reasons people hate modern ads. One is the annoyance/distraction, the other is all the myriad privacy issues.
Printed newspaper ads were only the former (and an easily skippable version compared to tv), while this topic is mainly about the latter.
The personalization economy is pernicious because you have no idea what other people are being exposed to.
On the computer attached to my stereo YouTube offers recommendations for music videos from the likes of the Super Furry Animals [1], Kanye West [2], Brothers Johnson and such. Nice stuff, with solid support that I like it, never challenging, unlike the recommendations from my Plex server.
On another computer YouTube shows me videos about stereo equipment, sometimes video game music [3], and also of the genre "Why X sucks" where X could be private equity, "the economy", a movie studio, a video game studio, a fast food restaurant, a clothing brand, etc. I wonder why public sentiment about the economy is so bad despite inflation and unemployment numbers that aren't so bad and think, "How many people are watching these videos?"
Other people get nothing but blackpill incel hell.
Ben Bagdikian wrote a book The Information Machines in 1970 about how personalized news would be possible by 1980 that was quite prophetic and was influential to me when I found it almost 20 years ago. Only recently did I find The Effete Conspiracy, his next book, where he reveals how angry and bitter he was that the work that the media industry sponsored him to do for the RAND corporation was roundly rejected by media owners uninterested in investing in the future and introduced the true but unpopular model that newspapers have a left-wing bias because reporters are left-wing and a right-wing bias because the owners are right-wing.
[1] I get accused of being a furry but I'm not, really
[2] pre-Nazi
[3] https://www.youtube.com/watch?v=Mk0A5uFoG3c
You can choose not to use Google at all. Pay other companies like FastMail. Kagi for search, etc.
You can pay not Google for services too. Most people don't, though. If ALL people that used free stuff (like gmail) suddenly started paying an appropriate amount to competitors, the problems may solve themselves. But people don't do that, because they're cheap or care more about their money than their data/privacy.
Now, all this is of course an inevitable consequence of capitalism, but that's not a conversation anyone herre seems ready for.
This is a dumb take. They will make money every way they can.
We are paying for phones but we are still the product. Google Facebook etc were explicitly created to monetize privacy. What I search for is monetized. Who I know is monetized. Private companies will monetize what we perceive as public goods to our detriment.
Most paid streaming services now started showing ads because they are looking for more revenue and profit.
> If people aren’t willing to pay for the products, these companies have figured out how to make the customers’ data the product.
This happens even when people pay for the products. See for instance the enshittification of streaming "ad free" services.
It's become so terrible that I've given up on trying to secure Android anymore because it's become essentially impossible. This is the primary reason why my current smartphone is my last smartphone.
WhatsApp is surveillanceware from a surveillance company.
Anyone running into this problem willingly opted in to having surveillance software on their device. Meta’s track record is not secret.
money
Because that way they can build profiles of you and use them to manipulate you into buying junk you don't need. That, in turn, makes the line go up and the share holders happy.
That's tech capitalism in a nutshell.
Why do I keep getting ads for stuff I can't afford then?
So that when you see all that stuff you can't afford on the neighbor/coworker or your friend's place, you can be envious, so their spending was worth it.
Same with all those car and watch ads in magazines. It's not like regular people are constantly looking to buy a new car. But the brand must be etched into brains. Your neighbor must be reasonably convinced that people around him are on the same page regarding the prestige of a certain brand, else it's not worth spending on. So even if you can't afford whatever car model, the fact that you're aware that it's prestigious is already worth it.
This is somewhat weaker in personalized online ads because your neighbor can't know what ads you saw. Billboards and super bowl ads a much better for establishing common knowledge, but perhaps that's why influencer-based marketing is gaining ground. All followers know that all followers saw the embedded ad. Maybe they should introduce ads where it says "Your friend Joe Schmo watched the following ad:"
This might hold water in 1980 when neighbors talked to each other and coworkers often worked in the same building and didn't wear Bluetooth earbuds, but I don't know so much about now.
I largely get ads for things I already have bought. Otherwise, it's really general demographic stuff that doesn't strike a chord.
I assume it's because I don't really browse for buyables unless I have the intent of buying something immediately. On a personal level, I fail entirely to understand the value proposition in web advertising.
Work more so you can buy more
How else are you going to keep up with the Joneses? They are just looking out for your social wellbeing
> Why do I keep getting ads for stuff I can't afford then?
You must be new here, have you not yet unlocked the wonders of credit card debt?
Get with the times, grandpa. Thanks to the wonders of buy-now-pay-later services, we don't have to worry about that anymore, just stop thinking and consume!
I wonder how much of this is actual advertising working (proven by independent A/B testing) and how much of it is big tech bullshitting their shareholders and customers. Even Veritasium had a video ~10 years ago, describing Facebook's way of reducing view counts to coerce advertisers to pay higher.
Buying junk is so yesterday. Today the game is to feed you conspiracies and farm political support.
What exactly is being monitored? It looks like this enabled Gemini to send a message via Whatsapp if you ask it to.
Maybe the problem is what you consider a privacy violation, other users consider a feature.
RTFA.
Don't act like your opinion is the only one that matters. You may not, but other people do care about their privacy.
"Here's the thing: Google promises that under normal circumstances, Gemini cannot read or summarize your WhatsApp messages. But, and this is a big but, with the "help" of the Google Assistant or the Utilities app, it may view your messages (including images), read and respond to your WhatsApp notifications, and more."
Doesn't matter what your opinion is on privacy, google doesn't give you the option to opt out. - "regardless of whether your Gemini Apps Activity is on or off."
The article claims Gemini can read your messages but Google denies that. From Google's own documentation:
> What Gemini can’t do with WhatsApp
> Read or summarize your messages
> Add or read images, gifs, or memes in your messages
> Add or play audio or videos in your messages
> Read or respond to WhatsApp notifications
Of course, it's possible neowin says Google is lying, but they'll need to come up with something better than "maybe something may happen in the future" if they're going to make these claims.
It seems like OP (bix6) is the one who needs to be lectured that their opinion isn't the only one that matters, not me. My point is that different people have different opinions. Just because someone thinks an app violates their privacy doesn't mean they get to unilaterally decide the app shouldn't exist.
If someone is concerned with their privacy by this feature, then they can just not use it. If someone is concerned that someone else might use this feature on private communications they had with the user, then that person misunderstands privacy and needs to realize that once they communicate their remarks to some other party, their ability to control their privacy to their own standards goes out the window generally, and not just with AI apps.
One problem with this sort of thing is that—sure, we can call privacy violation an opinion and admit that some people have dumb opinions like “I don’t need any privacy.” But unfortunately only one person needs to let the privacy violation bot into the conversation to violate everybody’s privacy, so it isn’t as if your opinion will really be respected.
Of course, the easy solution is that nobody has conversations that might need privacy anymore; people can just always be in public persona mode. Hopefully we don’t end up with a society made up of inauthentic lonely people as a result.
I think if I understand the article correctly it sounds like Google might also be reading the messages so it can respond for you. Regardless I think the other thing people might not be happy about is Gemini can still interact with apps regardless of if you have app activity turned on or off, as quoted from the linked email in the article: What's changing Gemini will soon be able to help you use Phone, Messages, WhatsApp, and Utilities on your phone, whether your Gemini Apps Activity is on or off
Google's own documentation explicitly states it cannot read your messages or notifications. You can ask it to compose a message for you or start a call, though.
[dead]
[flagged]
simple solution: don't have a digital life
As someone without a digital life, Simple ≠ Easy.
I find it pretty easy. I don't have WhatsApp, Instagram, Facebook, LinkIn, or anything else really besides a few forum memberships like the one here.
Your ISP and device manufacturers are still tracking you though?
my telecom pinging my device (Sonim flip phone) location is quite different than my personality and political views being widely scrapeable.
My phone's manufacturer doesn't track me. Sent from my Librem 5. Also I use Tor.
Gemini being able to read WhatsApp messages (when explicitly asked) and take actions can be convenient. If it does so without prompting or feeds the data back into their model in any way for training - that's a big no.
It's apparently obvious to you that "hey Gemini, can you message Mike that I love him?" means the text is first sent to Google and then back to your phone and then by your phone to Mike. This isn't the case for everyone, perhaps also because it's not necessarily that way: https://www.macworld.com/article/678307/how-to-use-siri-offl... I couldn't find whether tasks related to "reading your messages" (like text to speech while you're driving or so) is a thing Siri does, but it obviously talks to you and if you tell it to send a message then that works offline so evidently there is some access there without needing to first upload it to the assistant's vendor
How does it work technically?
Does Whatsapp expose these messages via an API? If yes, then it seems like this is not only on Google.
If no: Are they reading data from raw UI widgets? Are they intercepting input controls? Are they intercepting network traffic? That seems unlikely, given its probably end to end encrypted and the decryption happens within the scope of the Whatsapp process.
Maybe it uses Accessibility...
>When granted, an app with accessibility permission can:
> If no: Are they reading data from raw UI widgets? Are they intercepting input controls?
Why not... they control the OS, it'd be trivial to add hooks to the "draw widget" command to intercept that it's about to draw a text widget for WhatsApp, and then ask it to log the text.
My understanding (may be wrong):
WhatsApp data is encrypted, however, the keys are on the device itself and accessible on Android. There are many third-party apps that support transferring WhatsApp data from one phone to another, and some even claim so between Android and iOS devices. As I understand, the chats are in some usual database format. So anyone having access to the device can read the data even without WhatsApp being there itself (as far as the data is there).
>Does Whatsapp expose these messages via an API?
Whatsapp has dark patterns that "guide" you to "archive" your chats on google drive.
> With Gemini Apps Activity turned off, their Gemini chats are not being reviewed or used to improve our AI models.
Indeed bizarre as the statement doesn't say much about data collection or retention.
More generally, I'm conflicted here -- I'm big on personal privacy but the power & convenience that AI will bring will probably be too great to overcome. I'm hoping that powerful, locally-run AI models will become a mainstream alternative.
Personally, I prefer AI to stay in its own corner. Let ChatGPT, Gemini, and the rest be something I open when I need them, like a website or an app. I'm not really into the whole "everything should have AI built into it" idea.
It kind of reminds me of how the internet used to be. Back then, you had to go to a specific room to use the family computer. The internet was something you visited. Now, tech is everywhere, from our pockets to our bathrooms. I’m not sure I want AI following that same path.
Agreed the privacy that keeping AI "in a corner" appeals to me too.
The fundamental catch here is that 80%+ of the future benefit will likely come from the very thing that erodes privacy: deep integration and context. Imagine if a Gemini had your entire life in its context (haha scary I know!), prompting would be so much more powerful.
That's the core, uncomfortable trade-off we're all facing now.
It's not an uncomfortable tradeoff to me. These systems being deeply integrated is simply too high of a price to pay. I cannot imagine a future benefit so great that it would be worth that.
> Imagine if a Gemini had your entire life in its context (haha scary I know!)
Windows Recall [1] is this for your PC activities (not yet fed to AI, but I see no reason to think it will stay this way). Meta is working on glasses to record the IRL part. But your phone is probably enough for most of it. Joining Zoom meetings with AI note takers is getting popular [2]. Not long until in-person meetings will have AI listening in from the phone mics, of course just to increase productivity and to summarize and remind you later. Convenience!
[1] https://support.microsoft.com/en-us/windows/retrace-your-ste... [2] https://news.ycombinator.com/item?id=44446916
If I can have the AI agent attend the meeting for me in the first place, and then provide me the notes that's the winning play. Take the morning stand-up: all the developers' agents know what they are working on and what any blockers are. They can all exchange information in a virtual AI meeting and then send the notes around. Meanwhile all the developers are getting something productive done.
Reminds me of this https://youtu.be/VcHc54Z_b3w
It's going the opposite direction. AI won't be inside each different thing, instead everything else will be nested under the AI. Like Gemini here. AI will have user-equivalent access to interact with any app. It will be the default and people will not mind it because it's convenient and if you have nothing to hide.
Women were sharing their menstruation information with apps, until they surprisingly ended up in a corrupt regime with a corrupt judiciary that weaponizes this information to take away the rights over their own body...
What if you do have something to hide?
My approach has been to lock AI assistants (for me, that's just Apple intelligence as far as I can help it) out of integrations with the vast majority of apps, and especially chat and email apps.
At some point, some reverse engineer will publish a writeup either confirming or denying how local these models are, how much data (and maybe even what data) is being sent up to the mothership, and how these integrations appear to be implemented.
It's not perfect, and it only offers a point-in-time view of the situation, but it's the best we can do in an intensely closed-source world. I'd be happier if these companies published the code (regardless of the license) and allowed users to test for build parity.
Maybe at some point, Apple is/was trying to do everything locally but it appears they have recently decided to move away from that idea and use OpenAI.
I can understand why: you’re only using locally-run AI models every so often (maybe a few times a day), but when you use it, you still want it to be fast.
So it will need to be a pretty heavy AI chip in your phone to be able to deliver that, which spends most of the time idling.
Since compute costs are insane for AI, it only makes sense to optimize this and do the inference in the cloud.
Maybe at some point local AI will be possible, but they’ll always be able to run much more powerful models in the cloud, because it makes much more sense from an economics point of view.
Google also has AI models optimized to run on phones, they're just in a lot better of a position to actually build purpose-built LLMs for phones.
It's not clear to me why certain classes of things still end up farmed out to the cloud (such as this, or is it?). Maybe their LLM hasn't been built in a very pluggable fashion.
> they have recently decided to move away from that idea and use OpenAI.
... although, to be fair, they're negotiating with OpenAI to run the models in "secure enclaves", which should, assuming everything works right which is a huge assumption, keep Apple or anybody else from reaching inside and seeing what the model is "thinking about".
> the power & convenience that AI will bring will probably be too great to overcome
What is that power? Honest question...
Assistant stuff. Like you bark "order a pepperoni pizza from Joe's Pizza" and it happens. You take a pic of your fridge and say "order stuff to stock it up to my usual levels". Or book a flight, or buy concert tickets or clothes, or get media recommendations, replan a trip while driving if you change your mind and add a stop somewhere. Ask to summarize group chat message floods. Put on some music. Control smart home gadgets.
It's hard to predict exactly though. I remember thinking in 2001 that nobody except the busiest businessmen would need a cell phone. A landline at home is perfectly enough and in special cases there are phone booths. And in 2011 I thought the same about smartphones. Why would I need email while walking in the street? Can't it wait until I'm home at the desktop? If I need computer stuff on the go, I can take a laptop. Similarly, I'm not quite sure how exactly it will go but probably in 10 years you'll need to have an AI agent to function in society. The legacy infrastructure decays if nobody uses it even if you'd prefer not to jump on the bandwagon. Today you often MUST have an app downloaded to do things, e.g. some museums require it, sometimes government services are much more tedious otherwise. Some restaurants only have a QR code and no physical menu. Often news items (from school, or local municipality) are only shared in social media. Etc. etc. I can easily imagine that there will be things you can't manually do in 2035, only by asking your AI agent to do it for you. And it will scan all your data to make sure that what you're doing is impeccable in intent and safety and permissibility (like an inverse captcha: you must be Gemini or another approved bot to do the action. As a human you have to jump a million hoops that maybe takes days of providing various details etc. And Gemini will be easy to spook and will be opinionated about whether you should really get to do that action or not.). And it will communicate behind your back with the AI of the other party to decide everything. Or who knows what. But it will be necessary to use.
>Assistant stuff. Like you bark "order a pepperoni pizza from Joe's Pizza" and it happens. You take a pic of your fridge and say "order stuff to stock it up to my usual levels". Or book a flight, or buy concert tickets or clothes, or get media recommendations, replan a trip while driving if you change your mind and add a stop somewhere. Ask to summarize group chat message floods. Put on some music. Control smart home gadgets.
Frankly, this sounds like a potential nightmare to me. Almost certainly, the big techCos that today use algorithmic "customer support" to randomly flag, ban and screw with users for completely opaque reasons and little recourse will try running all of the nice things you describe. It's very plausible that sooner or later it will become harder and harder to do any of those things by more conventional, atomic means, making you rely ever more on integrated connections between product/service providers and these ordering systems (it's "convenient", you see?) only to suddenly find yourself flagged, blocked, or banned for any number of idiotic, blandly brainless reasons and shut out of the most basic elements of your daily life.
That people would readily agree to sign up for such dependence on these opaque things is a mystery to me, and I hope a huge pushback against it happens at some point.
If you think I exaggerate, bear in mind how often such things already happen on a lesser scale in a world where having social media, a smartphone and accounts with services like Google's becomes necessary in some contexts. Also note how often someone or another finds themselves fucked when these existing dependencies suddenly get shut down because some bullshit algorithm supposedly said so.
It's also bad enough that payment systems and banking can be cut off to people who (having broken no law at all) hold some politically controversial, publicly activist discourse, or that banking and certain basic services can be withheld in some bizarre way because you live a life in which your residency or other life choices are outside the average. To have the same risks apply for ever more minor reasons across a huge swathe of just living your life is a monstrously insidious way of marginalizing and homogenizing social divergence.
Apparently, my personal account being a gsuite account is to my benefit this time as "your administrator has not enabled access to Gemini for your account".
Learn how to disable Gemini AI on Android https://tuta.com/blog/how-to-disable-gemini-on-android
Don't even know what the product is about, but it went into my shitlist for redirecting me always to a badly machine-translated page, not understanding en-us as a language code in the URL, and not having a language selector.
There are ways to disable Gemini on Android but since we are talking about WhatsApp, let me tell you that there is no way yo disable Meta AI in WhatsApp and of course you were never asked to enable it.
The whole situation is still clear as mud to me. What if I don't have the Gemini app installed, how do I get to its configuration screen? Is the component which exfiltrates the data part of the Gemini app, or is it a separate Android component which also has to be removed? What if I didn't receive that email?
> What if I don't have the Gemini app installed, how do I get to its configuration screen?
You can search "Gemini" in your settings app.
Since I always answered "Not now" when my phone wanted to replace Google Assistant with Gemini, I still have Google Assistant on my phone. When I try to bring up Gemini settings, it will ask me if I want to replace Google Assistant with Gemini, and not give me access to any Gemini-related settings.
> You can search "Gemini" in your settings app.
Thanks, but that only leads to a screen asking whether I want to enable Gemini. I decline, and it goes back to the previous screen, without opening any settings form.
This really annoys the shit out of me. First people work hard to enable E2E encryption on WhatsApp, then Google goes "lol we'll just upload your chats to Gemini cloud".
There is no such thing as privacy on a non-free OS and especially on a non-free OS with a closed app store.
We told you this would happen.
I just switched to /e/os. Soooo no the fuck they can't!
God. That feels good. Everyone should try this.
Or GrapheneOS, the best way to thank Google for making Pixel :).
(Until they have their own phone.)
It felt weird to buy a Google Pixel, only to delete Google from it.
(Until they have their own phone.)
... looks over at Framework
Unless your counterparty uses Google / Android.
More surprising is that people think this is the first time - be default your WhatsApp backups are unencrypted by default so they have had the access for long time for large part of the userbase. Also primary reason why WhatsApp hasn’t been a problem for law enforcements.
I hope the EU sues the shit/existence out of them for exfiltrating private conversations and violating the secrecy of correspondence without explicit consent
Tech corporations and their managers are basically data rapists
> for exfiltrating private conversations and violating the secrecy of correspondence without explicit consent
I have bad news for you: https://www.patrick-breyer.de/en/posts/messaging-and-chat-co...
The EU wants to exfiltrate chats as well.
That is very bad. The EU is very much not a monolith though, and both things could happen at once.
May be they are reading the notification using notifications reading service (Feature in Android) and use intents to send messages. But from intent you can either share (user action) a message to a particular contact or automatically open whatsapp on a particular contact and prefill the message in text box. May be whatapp may have exposed an intent to directly send message or they are just prefilling the text box
Not exactly related, but does anyone know what's the best way to backup WhatsApp data on an Android phone without using Google drive these days?
There is a WhatsApp folder on your phone, which contains the database of messages. You can just backup the entire folder by any standard backup method, including copy pasting.
I use Syncthing to backup WA and Signal
But isn't it quite useless to backup WA when it's all encrypted and you can't backup the key?
The backup key is shown the first time you enable encryption.
I guess they've changed this in the last 2 years or so because last time I checked they kept your key hostage and only allowed transferring all data, including the key, to a new phone.
I'm using this method since 2020 or even before. I've never ever enabled the backup on GDrive.
Is your phone rooted?
Would you happen to have good resources detailing the process?
Pretty much what I summarized back in 2019: https://scarpino.dev/posts/automated-phone-backup-with-synct...
Nowayadays Syncthing is no more maintained due to some PlayStore drama, but Syncthing-Fork is a good replacement.
I confess I got a pretty good laugh out of seeing this on the same day I saw billboards bragging that "not even WhatsApp can read your messages." Oops.
If you use Google to backup your WhatsApp chats (most people do), Google can already read your messages, because the backup is not encrypted.
I think this hasn't been true for a couple of years now
https://faq.whatsapp.com/490592613091019
Encrypted backups are "off" by default and need to be explicity turned on.
At least Google users get a usable AI for all of their phones spying.
Siri can't even pronounce my own name correctly!
I wonder what meta will do, they recently introduced meta ai inside WhatsApp (even though I didn’t enable it, or asked for it), it’s just floating there.
With Gemini having access, those who are happy to give AI access to their apps would surely prefer Gemini as it will be phone wide instead of meta ai which only runs inside WhatsApp.
This is concerning but I am telling my Whatsapp user friends about the access to their immense data that Meta has and they should be concerned. But even the friends in tech, who lead massive product development, feel there is nothing concerning.
What do you tell them the risk is?
Oof, that's not what the WhatsApp ads on the train station platform say.
It looks like a new EU fine is coming... But this time it should come fast because this is unacceptable
Any way for other AI apps to do that. It could be nice to have a local open source app doing the same. Does something like that exist?
Why does Whatsapp allow this? It defeats their whole encryption Spiel.
No amount of in-transit encryption can help when google controls the OS.
WhatsApp by default backs up messages to Google Drive. It has done so for many years. Google likely already has all your chat data.
That data is encrypted
Now it is, but when they offered this feature initially it wasn't, and when they added the feature, you had to go in the options to turn it on. Evil.
Being unable to easily uninstall is quite annoying. Reminds me of the old Microsoft with their deep integration of Internet Explorer into the OS.
This is why we need free software and free phones. I want the software I run to work for me.
Honestly I was surprised not to see an announcement for some kind of agentic API in Android during GIO. Think some kind of combination of content providers and a rest interface, defined by the developers of each app.
Having the system level agent needing to interface with the UI in such a messy way doesn't feel like the best way for it to accomplish its tasks.
Do people use Gemini on their phones? Does it do anything if you’re not using it?
Google promises
That gave me a good belly laugh. Thankyou Google.
In the year 2025 I can’t think of any reason a person would use Signal instead of WhatsApp. All your friends and family should move to Signal if that is your excuse.
It was fairly easy to move people I talk with to signal. I stopped responding to anything else. I don’t miss the few people who didn’t adjust.
Mostly for QoL and polish, which WhatsApp has the upper hand in. Perhaps most notably, WhatsApp treats desktop as a first-tier platform instead of as an afterthought, which makes its desktop app considerably nicer.
> In the year 2025 I can’t think of any reason a person would use Signal instead of WhatsApp.
I can. Several, actuallly
> All your friends and family should move to Signal if that is your excuse.
They did. Those that didn't/won't, do have my telephone number, though.
There seems to be this blatant forcing AI products on people. WhatsApp themselves have an AI feature that you can't turn off or remove. Their only advice is to simply not use it. Is it just a massive push before regulations or are they speed running annoying everyone so much that regulation is the only option?
Sorry, but this title sounds overly click-baity to me. Google definitely can’t read or write my WhatsApp messages. Because I’m not using an Android/Google phone with WhatsApp on it. Although I am using both Gemini and WhatsApp, the whole article doesn’t apply to me, and surely I’m not unique in this.
> Google can now read your WhatsApp messages
Now ? I guess some people really need a reality check. Google controls the OS which runs of your phone and has access to all your data. Just like Apple or Microsoft.
just stop using whatsapp
e2e encryption is insufficient when you don't control the host, and though you may own your Android/iOS device - the proprietary stack owns you.
Sorry, but hasn't Google Assistant had this same access for the past 10 years?
Do you not have to prompt Gemini to initiate any search?
If this is true, Zuck will be furious.
"What are you going to do, huh?" -- with love, Google.
If you connect Gemini to Assistant, and connect Assistant to Whatsapp, then you have connected Gemini to Whatsapp.
https://support.google.com/assistant/answer/9984245?hl=en
Documentation is unclear, but it appears Gemini is always connected to Utilities, and Utilities is always connected to Whatsapp, and the data flow between these apps is not documented.
how does this work ? Aren't the whatsapp data encrypted locally ?
You have to unencrypt data to process it and as soon as you do that, the right Kernel APIs are enough to see whatever you want -- here the accessibility APIs are probably enough to read any text you would be able to read.
another person in the thread suggests it's working over a screen capture stream. But that's what i'm wondering : are they working over a video of the screen or by integrating directly with the internals of the OS.
The more likely candidate is reading notifications, no?
If Android can render the messages, Google must have a way to access them.
yes WhatsApp messages are stored in an encrypted sqlite database.
I'm not an android dev so I'm not positive about this but I expect whatsapp is shipping their app with "App Actions" interface giving the assisstant certain actions it can perform, so this is not wholesale database access. See [0]
App Actions extend your in-app functionality to Assistant, enabling users to access your app's features by voice. When a user invokes an App Action, Assistant matches the query to a BII declared in your shortcuts.xml resource, launching your app at the requested screen or displaying an Android widget.
You declare BIIs in your app using Android capability elements. When you upload your app using the Google Play console, Google registers the capabilities declared in your app and makes them available for users to access from Assistant.
https://developer.android.com/develop/devices/assistant/over...
Screen reader?
oh ok, didn't understand that it was working over a screen capture stream... thanks !
Just a kind reminder that you can't delete chats on Gemini if you're using a Google Workspace account.
I don't know how they believe that this is remotely a good thing, or if this is even in accordance with the GDPR.
Now just assume something odd happens and it pulls in a couple of your WhatsApp messages into its Activity History.
Don’t most people do WhatsApp backups to Google Drive? Google already has your entire chat history.
Choose your own adventure:
1. Security > Privacy > Convenience 2. Security > Convenience > Privacy 3. Privacy > Security > Convenience 4. Privacy > Convenience > Security 5. Convenience > Security > Privacy 6. Convenience > Privacy > Security
> Privacy > Security
There's no privacy without security.
More precisely, confidentiality is one dimension of information security. It doesnt make sense to put them against each other.
AI has really accelerated enshitification
If you do not like this, file a complaint with your State's AG. I just did that.
I do not use WhatsApp, but I have other apps I do not want google to see.
Not every state(, country, province, region, whatever) has laws that restrict or prohibit this kind of activity. A complaint to a public prosecutor may not be a good option for many people, especially in the US which historically has had very permissive laws about how corporations can handle user data (with some exceptions like the CCPA, though TBD if that legislation would do much here).
Don't use Gemini then, it seems pretty simple
As the article states, "After turning it off, Google will still retain your data for up to 72 hours to "maintain safety and security of Gemini Apps" and allow Gemini to respond contextually.""
Which means, AFAICT, it doesn't matter if you turn it off or not, Google still collects information and stores it for 72 hours as part of the core functionality of the operating system.
That's if you used Gemini with this feature. And if you haven't...?
One doesn't even need to have a google account at all if one doesn't want to do business with them
WhatsApp backup on your Google account contains all your message history, and is unencrypted. If you use google cloud backup for your phone, Google can read your WhatsApp messages, and has been able to do so for more than 5 years now.
There's an option to enable end-to-end encryption on your backups.
https://faq.whatsapp.com/490592613091019
Nice. It wasn’t there last time I checked.
I wonder what percentage of WhatsApp users backup to Google cloud, and what percentage of those use encryption.
There's a lot of business happening on WhatsApp. I don't think Google cares that much about the messages I sent to my family (although it helps with profiling and ad targetting) but I bet the real money is understanding what people are buying and how they do commerce in WhatsApp.
I don't see what the problem is. If the User doesn't want Gemini to read his or her messages, the User doesn't have to partake in the sending of the messages. Simple! A User agrees to be bound by the ToS (Terms of Service) in having they do take to receive the user agreement as bound in law by Google. The User doesn't need to understand or have the right to contest the agreement or the use of any data created by a User, as the User can simply not use the product or service as governed by the same Google ToS. Simple!
So simple. :-)
[dead]
Things like these make me glad to have a Xiaomi phone with their minimal implementation of Google instead of a full on Android phone. I get to avoid this stuff being pushed on me, and I don't use any of the Xiaomi "AI" stuff (which wouldn't support foreign apps anyway).
Granted, my data is definitely being sent to Xiaomi analytics, fixed by NextDNS. Re: governmental influence, I'd prefer Chinese to US (then again, that is my ethnicity bias). Recent events make the two governments look more similar than ever.