Is my phone listening to me? A step-by-step privacy check

Stories of phones listening to people and displaying ads for products they were just talking about have become widespread. Despite most major platforms stating the opposite, people often worry that the passive listening features of voice assistant programs might constantly record their audio.

On top of that, many phone users have concerns about excessive app permissions, apps that secretly grant themselves permissions, and local policies around data collection.

This guide will walk you through the circumstances in which your audio is recorded, what data platforms collect, and what you can do to prevent your phone from recording you.

Why your phone might be listening to you

Phones contain microphones capable of listening passively and reacting to certain commands. Additionally, many apps and device features are designed to use or require voice input. Here are some of the reasons that your phone might be listening.

Wake words in voice assistants

Voice assistants like Siri, Google Assistant, and Alexa rely on wake words like “Hey Siri” or “OK Google” to function. If these services are enabled on your phone, it will passively listen to you, waiting for the activation phrase.

Most manufacturers state that this data remains on-device until triggered, but it’s possible for false positives to occur. These false positives can activate the assistant and unintentionally record your conversations. The clips may then be uploaded to the provider's cloud servers for processing and, in some cases, reviewed by real analysts.

The good news is that phone companies generally let you disable voice activation or opt out of voice data storage.

App permissions that enable listening

Apps installed on your phone can request access to the microphone, often whenever you install or first use them. Of course, many apps have clear use cases for this, such as voice recorders, video chat, speech-to-text, hands-free access, and other accessibility features.

However, some untrustworthy apps may request microphone access unnecessarily and listen in the background, especially if granted permission to run while not in use. Older versions of Android or iOS didn’t always show when the mic was active, but modern systems now provide visual indicators. Android added this feature in version 12 (2021), and iOS in version 14 (2020).

While apps can’t add new permissions without your approval, some malicious apps may try to trick you into granting more access or misuse existing permissions. This risk is higher with apps from third-party stores, which may request unwarranted permissions. To stay safe, it’s best to stick to official app stores and regularly review your app permissions.

How data is collected for targeted ads

It’s easy to imagine that your phone is always listening to you to deliver ads, but the truth is that ad targeting systems rely on massive data aggregation from multiple sources. These can include your location history, browsing habits, app usage, purchase activity, contact lists, and social media behavior.

This data then gets compiled into behavioral profiles that can predict your interests with high accuracy and sometimes align with your recent conversations in an unsettling fashion. In many cases, this happens because advertisers detect that you’ve been near someone who searched for or talked about a product, triggering cross-device ads.

For example, if you visit a friend’s house and you have a conversation about a book, you might see an advertisement for that book later on. This isn’t because your phone is listening; it’s more likely your friend researched or discussed the book online.

If you’ve allowed apps to share data with third parties, those parties can include ad networks. This form of passive data sharing is legal under most terms of service and is easy to mistake for a company recording your audio.

How to test if your phone is listening

If you think your phone is eavesdropping on you, here’s a simple way to check. Just keep in mind that this isn’t based on any real scientific data; it’s a simple ‘just-for-fun’ test.

Step 1. Choose a unique topic to talk about

Pick a subject that’s highly specific and unrelated to your usual interests. Ideally, pick something that you've never searched for or talked about while online. For example, you might say phrases out loud like “I wish I had a middle-aged platypus” or “Where can I find a brown fedora?”

Your goal is to avoid any possibility that your phone’s ad system already has any behavioral data on the topic. That way, there’s no chance that it would appear under your normal advertisements.

If it’s possible, make sure that nobody in your household or your close friends has interests that are similar to what you researched. Using the example above, if you have children in your house, you might get a normal advertisement for a popular kids’ show starring a fedora-wearing platypus.

Step 2. Talk near your phone without searching

Over the next few days, speak about your chosen topic out loud near your phone several times a day. Try to consistently mention the topic while the phone is idle and the screen is off. Avoid typing, searching, or clicking on anything related to it, as any online interaction will alter your results.

For this test to work, make sure that any voice activation apps like Siri or Alexa remain active. In theory, they’re not listening to you when they aren’t activated by their wake commands.

Step 3. Watch for related ads or content

Monitor your Google ads, social media feeds, and any other application that displays advertisements. If ads start appearing that directly match your spoken conversations, even though you’ve never engaged with that idea online before, you may have reason to be suspicious.

Limitations of this phone listening test

This method is not scientifically reliable; ad targeting is driven by extremely complex algorithms that take into consideration your location, browsing, device IDs, behavioral data, and more.

Just because an ad appears doesn’t prove your phone listened; it may result from metadata correlation, third-party data, or just a coincidence. You’d need complex forensic tools and a lot of technical experience to ascertain beyond doubt that your phone is really listening.

Is it legal for your phone to listen to you without your consent?

Broadly speaking, it’s illegal in most countries for devices, including phones, to record or transmit audio without the user's consent. That said, consent laws vary widely.

Some countries require one-party consent, where only one participant in a conversation needs to agree to recording, while others require all-party consent. And some countries allow recording where there is no “reasonable” expectation of privacy.

Also, when you agree to app permissions or terms of service, you may be legally authorizing that company to record you with your microphone. Depending on the app, you could be listened to by the platform itself, your ISP, or even your boss without being fully aware.

These data logs can also be requested by your local government. While the details vary, every country has some way that law enforcement can access this data. For example, the ECPA Title 3 and the GDPR article 6 allow governments to request your data logs under certain circumstances.

U.S. and EU privacy laws

These real-world laws directly or indirectly regulate microphone access and voice data collection:

1. GDPR (2018, EU): This law requires companies to obtain clear consent before collecting personal data, including voice recordings. Through the GDPR, users retain extensive rights to access, correct, or delete data. Organizations that violate these policies face heavy fines. The GDPR is the current gold standard for user privacy protection laws.
2. ePrivacy Directive (2002, EU): The ePrivacy Directive mandated consent before storing or accessing data on user devices. This law is similar to the GDPR and came into force in the early days of the internet when privacy concerns were just beginning to come to international attention.
3. CCPA (2020, California): The CCPA protects consumers by mandating transparency in what a company does with your data, and it protects users' rights to opt out of having their data stored, including microphone recordings. It also allows users to delete their data.
4. ECPA (1986, U.S.): This broad law makes unauthorized interception of communications devices illegal. While this law varies and permits one-party consent in many states, companies must still adhere to the ECPA.
5. BIPA (2008, Illinois): BIPA sets extremely strict laws for what a company can do with biometric data, including voiceprints. It requires companies to obtain written consent before data collection. Violation of BIPA comes with hefty fines and has led to several high-profile lawsuits.

Platform policies on data and microphone use

Major tech companies must provide transparency about how and when they use your microphone. Here are a few examples of major platforms' policies.

• Apple (Siri): Audio is only processed after the phrase "Hey Siri" is used. Recordings are not stored by default unless you opt in. You can also review and delete your Siri history.
• Google (Assistant): Google records audio after hearing the wake word if you’ve enabled Voice & Audio Activity. You can manually review and delete any stored history.
• Amazon (Alexa): Alexa stores and uses voice commands after hearing the wake word. Recordings are saved by default but can be deleted from your settings menu.
• Meta (Facebook): Facebook apps request microphone access for features like voice messages, but Meta’s policy states that it doesn’t use audio for ad targeting.

How to stop your phone from listening to you (iOS and Android)

Disable voice assistants

Voice assistants like Siri and Google Assistant rely on passive listening to detect wake words. Disabling them prevents background audio from accidentally activating the microphone. This is the most effective way to stop unintentional voice capture and ensure that your phone isn’t always ready to listen.

How to turn off Siri (iOS)

Here’s how you can disable both the automatic and manual activation of Siri’s voice commands.

1. Go to Settings.
   
2. Open Apple Intelligence & Siri.
   
3. Turn off the Listen function for Hey Siri.
   
4. Toggle off Press Side Button for Siri.
   
5. Toggle off Allow Siri When Locked.
   

How to turn off Google Assistant (Android and iOS)

To turn off Google Assistant:

1. Open the Google app.
   
2. Tap on your profile icon.
   
3. Open Settings.
   
4. Tap on Google Assistant.
   
5. Tap Voice Match, then toggle off Hey Google.
   

Turn off microphone access for apps

You should restrict microphone access to essential apps only. You can manually review and remove mic permissions for apps you don’t trust.

iPhone microphone settings

Here’s how you can easily change your iPhone’s microphone settings and prevent it from using your microphone, even in the background.

1. Go to Settings.
   
2. Open the Privacy & Security or Privacy menu.
   
3. Next, tap on Microphone.
   
4. Review and toggle off any app that shouldn't have access. Note that some apps require microphone permissions to function.
   

Android microphone settings

For newer Android phones (version 12 and above), follow these steps.

1. Go to Settings > Apps.
   
2. Tap on See all apps.
   
3. Choose an app that you want to review.
   
4. Open Permissions.
   
5. Finally, open Microphone and manage your settings.
   
6. While it’s open, consider changing your privacy settings for better overall security.

To restrict mic access on an older Android (11 and below), follow these steps instead.

1. Open Settings.
   
2. Tap on Privacy.
   
3. Open the Permission manager.
   
4. Click on Microphone.
   
5. Tap Deny to remove an app’s access to your mic.
   

Delete voice history from Siri, Google, and Alexa

Stored voice recordings can be reviewed and deleted from your account settings. Deleting these reduces stored data and prevents future use for AI training or advertising.

Siri

1. Open your Settings app and go to Siri or Apple Intellgence & Siri.
   
2. Tap on Delete Siri & Dictation History.
   
3. Confirm by pressing the Delete button.

Google

1. Visit myactivity.google.com and log in.
   
2. Find Web & App Activity.
   
3. Click on See and delete activity.
   
4. Delete your data. You’ll need to accept a few prompts.
   

Alexa

1. Open the Amazon website and mouse over the Account & Lists option.
   
2. Click Manage Your Content and Devices.
   
3. Mouse over Privacy Settings and click on Alexa Privacy.
   
4. Click the Review Voice History option.
   
5. Choose All History in the Filter by date section and All devices and profiles in the Filter by device or profile section, then click Delete all of my recordings.
   

6 privacy tips to keep your conversations private

Use only verified apps from official stores

Apps from unofficial sources can bypass your phone’s regular security protocols and might contain hidden malware designed to access your camera or microphone. Sideloading, jailbreaking, or using third-party app stores significantly increases the risk of being spied on.

When downloading apps, always use the official app stores, since these stores have more reliable vetting processes and are less likely to harbor threats. Even then, it’s important to read user reviews and ensure you’re using the official app for whatever service you want to access.

Review and revoke unnecessary app permissions

Some apps request access to your microphone, camera, location, and more, even if it’s not essential to function. You should regularly review your phone’s app permissions and make sure that no apps have permissions that you don’t want them to have. On both Android and iOS, you can manage these permissions under your privacy settings.

Keep your software and apps updated

Outdated software is easy to exploit. Updates often include vital security patches that fix known vulnerabilities used by criminals to gain unauthorized access, including to your camera or microphone. These security patches can also fix the vulnerabilities that enable malicious apps to access your microphone and camera.

In general, you should always have automatic updates enabled to ensure you’re protected the moment the new patch comes out. Make sure you regularly update your phone, browser, and every app you have installed to minimize the chance of attacks.

Delete old voice assistant logs

It’s possible for voice assistants to store previous recordings on company servers for training or review purposes. Fortunately, you can manually delete these logs from your account settings. Regularly deleting your data limits the amount of personal information being retained in any given company's cloud and helps protect your privacy.

However, some companies may retain a copy of these logs for a given period of time, depending on the service. For example, [0]=8.ex.2-HowLongWeNeed" target="blank_" rel="nofollow noopener">Meta’s privacy policy states that it will retain a copy of your data for legal reasons, such as litigation or to protect itself.

Use a VPN to encrypt your traffic

A virtual private network (VPN) encrypts all internet traffic between your device and the VPN server, which protects you from data interception. While it doesn’t block microphone access, it stops your ISP, advertisers, or potential attackers from monitoring your online activity. For example, you could install a good iOS VPN to encrypt your data and mask your IP address on your phone.

ExpressVPN uses powerful encryption and has an airtight no-logs policy, meaning the company will never log your data. It also offers built-in protection against malware, making it harder for a malicious program to gain access to your microphone.

Cover or disable mic access when not needed

When you're not using any voice features, you can disable microphone access entirely through your system settings or app-specific controls. If you’re really concerned, you could also physically cover your microphone with something. You can buy microphone covers, but using tape or a sleeve to muffle noise can also help.