You're referring to the claim by Israeli security researcher web developer Tal Ater that there is a "bug" in Google Chrome that allows a website to open a pop-under window that remains active even after you leave the website and which can activate a system's microphone, thus enabling the site to eavesdrop on you.
First, this is a proof-of-concept at the moment. I don't know of any reports that websites are doing this. The NSA, well, of course. What else do you expect from them ...
Google say this is not a bug but a feature : you have to enable the voice control feature for each website where it is to be used. If that website engages in shady practices by creating an invisible or pop-under window in order to continue to monitor conversations, that would be grounds for down-rating it in site reviews plus, very likely, grounds for legal action against the websiteowner (US only, I suspect). But you would probably have to be able to prove malicious intent rather than carelessness during the software creation process. I leave that discussion to others elsewhere to continue; it has no place here.
http://talater.com/chrome-is-listening/
http://gizmodo.com/google-chrome-has-a-bug-that-could-let-anyone-eavesdrop-1506483705
Update: A Google spokesperson has responded with the following comment:
The security of our users is a top priority, and this feature was designed with security and privacy in mind. We've re-investigated and this is not eligible for a reward, since a user must first enable speech recognition for each site that requests it. The feature is in compliance with the current W3C specification, and we continue to work on improvements.
Or in other words, it seems that voice recognition behavior is working as intended in the current stable build of Chrome as far as Google is concerned. But Google has modified pop-under behavior, and is looking alternative visual indicators for showing when a website is recording.
(my emphasis).