Google Allo, the new “smart messaging app that helps you say more and do more” launched earlier this week on September 21, is “dangerous” and should be avoided, according to Edward Snowden.
The former NSA contractor posted a number of tweets to warn against using the chat app at all. It is a app that “records every message you ever send and makes it available to pick up upon request.” said Snowden.
Snowden is probably right. When Google Allo was announced at Google’s I/O conference earlier this year, the messaging app was presented as a step forward for privacy. Alongside the end-to-end-encrypted Incognito Mode, the Allo team talked about bold new message retention practices, storing messages only transiently rather than indefinitely. But Google has apparently backed off on some of those features.
The version of Allo rolling out today will store all non-incognito messages by default — a clear change from Google’s earlier statements that the app would only store messages transiently and in non-identifiable form. The records will now persist until the user actively deletes them, giving Google default access to a full history of conversations in the app. Users can also avoid the logging by using Allo’s Incognito Mode, which is still fully end-to-end encrypted and unchanged from the initial announcement.
Allo is so smart that it can do “cool things” such as predicting your every word and witty emoji. But the reason it can do it is because the app has been collecting as much users’ personal data and behaviors as possible. “The more you use it, the more it improves over time,” said Snowdon on Twitter.
Allo relies on the encryption protocol used by Signal, which Snowden himself approves of as a private messaging app, but in Allo it is only active when users are in Incognito Mode.
According to Google, the change was made to improve Allo’s smart reply feature, which generates suggested responses to a given conversation. Like most machine learning systems, the smart replies work better with more data. As the Allo team tested those replies, they decided the performance boost from permanently stored messages was worth giving up privacy benefits of transient storage. We suggest you use a more private alternative to google.