Allo App Of Google Can Uncover What You’ve Searched To Your FriendsAllo, Google’s mobile messaging app can uncover your Google search history to people you message, which could have big privacy implications. The behavior appears to be a defect. I noticed the problem in a recent voice conversation with a friend, in which I was testing the app. Allo includes Google Assistant, the company’s latest version of its virtual assistant software. Google recently announced plans to make Assistant accessible on Android phones. The feature has been available on Google’s own Google Home and Pixel phone, its competitor to Amazon’s wildly successful Echo.

An exclusive feature of Allo is that you can use Assistant while in the middle of a conversation with a friend. For example, while talking to your friend about where to eat, you can ask Assistant to search for restaurants in a certain area. But Assistant isn’t always perfect. Sometimes, it responds with answers unrelated to questions at hand, or it will respond with an answer to an earlier question and it’s then that it can negligently disclose a previous search query. In the middle of our conversation, my friend directed Assistant to identify itself. Instead of offering a pithy retort or a name, it responded with a link from Harry Potter fan website Pottermore.

The link led to an extract from “Harry Potter and the Order of the Phoenix,” the fifth book in J.K. Rowling’s Harry Potter series. But the response was not merely a nonsequitur. It was a result related to previous searches my friend said he had done a few days earlier. It didn’t come from any of my search histories, since I had not viewed any Harry Potter-related websites in the days before our conversation. We also did not mention Harry Potter in our text exchange until Assistant brought it up.

Fortunately, in this case, it was just Harry Potter stuff. But you can imagine how uncomfortable it could be if something more sensitive popped up. It seems to be a potentially damaging glitch since it could become a major privacy issue for anyone using the app. Already, Allo has been disapproved by privacy backer because it does not use end-to-end encryption by default. Messages sent in default modes are accessible to law enforcement agencies by warrant. Assistant tries to safeguard against sharing private information in Allo.