Curious what song is Apple playing in the auditorium ahead of its announcement? Well, here is Shazam. Turn it on and you have this music-fairy helping you know about the song in a matter of few seconds. BUT, when you turn it off on your Mac, Shazam actually never stops listening. The microphone on your MacBook remains ON for the app in the background.
Privacy concerns over Shazam's constant listening habits
Of course, we don't want Shazam to listen to our conversations all the time. Which is why the app offers the option to disable this listening. However, sliding this to OFF never actually turns the microphone off.
Patrick Wardle, a former NSA hacker, reverse-engineered the app to find out what exactly was happening. A user of his app OverSight - designed by Wardle to alert users when apps use webcam and microphone - contacted him alerting that Shazam was listening on the Mac even after switching the app off.
Wardle analyzed the code to find out the song-identification app never stops listening on the Mac. While the app doesn't "process" this audio, it is still a major concern. Here's what Shazam had to say about this problem:
The iOS and Mac apps use a shared SDK, hence the continued recording you are seeing on Mac. We use this continued recording on iOS for performance, allowing us to deliver faster song matches to users.
The SDK still pulls the audio but doesn't process it on Mac when the switch is toggled 'OFF'.
For users, it's an obvious privacy threat. But, Shazam says it's just a feature that makes the app work faster.
James Pearson, VP of global communications for Shazam, said in an emailed statement, "There is no privacy issue since the audio is not processed unless the user actively turns the app 'ON'. If the mic wasn’t left on, it would take the app longer to both initialize the mic and then start buffering audio, and this is more likely to result in a poor user experience where users ‘miss out’ on a song they were trying to identify."
Shazam told Wardle that it "will look to address this in a future update." However, in response to Motherboard, Pearson said Shazam won’t change anything, as "we do not have any reason to make changes."
The app currently doesn't store or process the recorded audio, but what if it does so in the future? Well, all you can do is trust the app. For one, I have followed Wardle's suit and deleted the app.
[Update]: Shazam's clarification
James A. Pearson, VP Global Communications Shazam, wrote to Wccftech clarifying that the concerns are only with the desktop app and that too records a "subset of the soundwaves." He also confirmed to us that the company will indeed be sending out an update in the coming days to fix the problem.
Here's his complete email statement.
Contrary to recent rumors, Shazam doesn’t record anything. Shazam accesses the microphone on devices for the exclusive purpose of obtaining a small fingerprint of a subset of the soundwaves, which are then used exclusively to find a match in Shazam’s database and then deleted.We are always sensitive to what our users experience and we respect these concerns and take them very seriously. Even though we don't recognize a meaningful risk, the company will be updating its Mac app within the next few days. Shazam has always learned from and listened to our global community.