It was after having dinner with a friend in London’s Canary Wharf that I first became suspicious.
We had settled into our seats and arranged our belongings – my iPhone placed in front of me on the table, as usual – when I noticed my companion was struggling to read the menu without glasses.
‘I thought you’d had laser eye surgery?’ I asked. ‘Yes,’ she replied. ‘But it only works for long distance.’
It was after having dinner with a friend in London’s Canary Wharf that I first became suspicious
It was a mundane conversation between friends, just like any other that takes place at countless dinner tables across Britain – but one which, in fact, turned into something altogether more unsettling.
Within hours, I used my mobile to scroll through my Facebook account and, with growing unease, noticed adverts for LASIK laser eye surgery and a selection of spectacles from LadyBoss glasses appearing alongside the usual updates from friends.
I don’t even wear glasses myself. Surely, I thought, it must be a coincidence? And yet the timing felt troubling.
Could it be possible that our phones are somehow eavesdropping on our conversations – and that key phrases are being logged and used to send us targeted adverts? The implications, if true, are chilling.
Ad for glasses… After talking about eyesight
We are obsessed with our phones. They accompany us to our most personal spaces – our homes, our bedrooms and bathrooms – are privy to our most intimate of conversations and are used for all aspects of our business, personal and financial lives.
But what I discovered over several days of investigation reveals what can only be described as a frightening new chapter in our relationship with these devices.
To me, there is no doubt: the microphones on our phones are indeed listening to our everyday lives.
We do not even have to be using our phones to make a call for them to eavesdrop. Unless the microphone is disabled, they appear to be able to pick up words and phrases and translate them into related adverts which then appear in apps such as Instagram and Facebook.
If I hadn’t observed this insidious behaviour for myself, I wouldn’t have believed it was possible.
Facebook, which owns Instagram and WhatsApp, completely denies using microphones to eavesdrop on conversations, or to tailor adverts.
They insist they only show adverts based on user’s interests and information they voluntarily upload. How then can they explain what I uncovered in this investigation?
Facebook, which owns Instagram and WhatsApp, completely denies using microphones to eavesdrop on conversations, or to tailor adverts
I carried my iPhone with me at all times over the course of a week. It was always switched on and close enough to me for it to be able to ‘hear’ any conversations.
One day, I visited my GP for an NHS check-up, and she booked me for a blood test. By the time I was back with the nurse to take my blood, I had received an offer on Facebook from private firm Thriva offering me a ‘blood test today’.
From there, I met a friend for lunch. I’d decided to purposely discuss obscure subjects so that my previous internet search history wouldn’t interfere with any new ads.
Ad for a blood test to track health over time
The friend told me about his love of photography. He was going to Heathrow to photograph a British Airways Boeing 757 landing and we discussed buying camera lenses.
This time, I got ads on both my Facebook and Instagram accounts from airlines AND photography companies. I hadn’t searched for either online. One ad told me ‘You don’t need to be tech savvy to edit photos’, and even showed a picture of an aeroplane.
Finally, I showed a friend a book of prints by a 19th Century artist called Aubrey Beardsley, which my father had discovered in a library that burnt down during the Second World War. I have two of his prints on my wall.
Despite never Googling the artist, you can probably guess what happened next. An advert appeared on my Instagram for the Victoria and Albert Museum with a similar image they have in their collection.
To be absolutely certain my phone was eavesdropping, I left it next to the radio and tuned into Italian news network Radio 24. Bingo.
The following day, my Instagram was full of dozens of Italian adverts, including one for an exhibition, another for a singer’s new album and various Italian holiday offers.
But that wasn’t the full extent of my phone’s espionage. It was also, I discovered, spying on my pictures.
A friend sent me a picture on WhatsApp of a £1,190 Chloe Nile leather cross-body bag that she had seen in Selfridges. I had never Googled or looked up the bag myself. It was too expensive for me, so I replied: ‘I wonder if we could find a replica.’
Days later, a similar bag popped up in an advert on my phone, priced at a far more realistic £39.99. Surely not another coincidence?
WhatsApp would say so. They insist your messages are so encrypted that even they can’t tell you what you’ve been sending.
A little research threw up a similar case of an American woman called Jen Lewis, who in 2017 posted a picture of herself on Twitter wearing a pink shirt and blue jeans.
She was subsequently targeted on Facebook by a lingerie company, which sent her an ad of a model wearing an almost identical outfit.
She wrote in a post to her page: ‘Uh, Facebook just served me a bra ad where a woman is wearing the outfit that I’m currently wearing.’
It went viral, with 21,400 ‘likes’ from people around the world. Facebook insisted it was coincidence, but thousands of people were unconvinced, suggesting that the woman’s phone or laptop camera was targeted with image-recognition software.
Of course, the questionable habits of social-media giants in harvesting our personal data is nothing new.
Most people will already know that, when they use a search engine or visit certain websites, they can expect to be targeted by related adverts in their internet browser.
But the idea that our conversations, and photographs are being collected is a different prospect entirely.
This time, I got ads on both my Facebook and Instagram accounts from airlines AND photography companies
I got in touch with Dr Vitor Jesus, senior lecturer in cyber-security and privacy at Birmingham University. ‘I’m not surprised by the sequence of events you experienced,’ he told me.
‘Every time you download an app and give it permission to access personal information, whether it be photographs, contacts or microphone, you open yourself to being targeted.
The companies tell us they do this, but the information is buried in long agreements and policies that most of us don’t bother to read. So I say, buyer beware!
Ads in Italian… After listening to Italian radio
‘There is no such thing as a free app. And at the moment, because users are technically giving permission, it is not illegal.’
This ‘permission’ is tacitly given because the microphones on most people’s phones are always left on. The phones are pre-programmed to listen for ‘trigger’ phrases which activate personal assistant apps such as Siri or Alexa.
This means that many other apps could be using the same technology without the phone owner’s knowledge.
Dr Jesus said: ‘It is entirely possible to have multiple apps listening in the background all the time, with each being triggered by keywords.
‘Your details are then passed on to the relevant companies who will bombard you with adverts.’
The precise way this works is still something of a mystery – even to experts – because it depends on which app is listening in. But it is thought that app developers create a list of keywords relating to its advertisers or their products.
The microphone sends conversations through transcription software which instantly turns it from speech to text.
If key words or phrases are present, the app triggers adverts to be sent to users.
Paolo Sartori, managing director of cyber-security firm TransWorldCom, believes companies such as Facebook, Instagram and WhatsApp have all developed algorithms that allow this process to work effectively.
Ad for a copycat bag… After getting a photo of the real thing
‘We conducted our own mini-test in the office a few months back, and it was certainly an eye-opener,’ he said. ‘We used phrases around razors and lady shaving.
That evening, one of our staff was bombarded with ads on Facebook for shaving products. She was the only one with Facebook on her phone; everyone else had removed it.’
Mr Sartori warned that this is one way free apps could make money – by selling data about their users to advertisers. He said: ‘It would explain how these social-media platforms are able to come up with adverts after we have spoken.’
But if our private lives are being used for advertising, what else is being monitored? Interestingly, none of the experts believe the social media companies are acting with malicious intent.
At the moment, we have no way of knowing for sure. And it is worrying to realise just how easily we may have opened ourselves up to being exploited for profit.
David Emm, principal security researcher at international cyber-security firm Kaspersky Lab, offered reassurance.
He said that there is not someone listening to our every word and that it is not possible for a device to determine who said what – just that the word or phrase was used by someone within earshot of the phone.
But he warned: ‘People should think more about what they download on their phones and remember that nothing is free. There are just different ways of paying.’
Of course, our phones are not the only devices with microphones or built-in cameras. Our other ‘smart’ household devices – designed to make modern life more efficient – may have a darker side, too.
From TVs and Alexa assistants to baby monitors, fridges and smart meters, reports have shown that such gadgets have the ability to record people without their permission.
I decided to ask Siri, the personal assistant app on my phone, outright whether he (or she) was listening to my conversations.
‘Hey Siri,’ I say.
‘I’m here,’ it replies.
‘Have you been listening to my conversations?’ I ask.
‘I’m not sure I understand,’ Siri replies, defensively.
‘Have you been spying on me?’ Siri knows what to say – almost as if it had been pre-programmed: ‘Nope. Are you sure you haven’t been spying on me?’
It has all the hallmarks of a modern spy thriller – only this one feels rather too real for comfort.