When it was announced in 2013, the Xbox One was met with concern and criticism. Confusion about the Xbox One’s always-online nature, used game-stopping DRM functionality, and other controversial features led many to see the new Microsoft console as anti-consumer. Looking back on the Xbox One’s launch in 2018, Xbox head Phil Spencer said the team was in “a world of pain,” and many thought Xbox leadership had gone tone-deaf to customers’ desires. Even if Xbox executives weren’t listening to their fans, though, the Xbox consoles themselves were, through the Xbox Kinect and, later, Cortana. It turns out third-party contractors hired by Microsoft were listening, too.
A Motherboard report yesterday revealed that contractors working for Microsoft listened to audio recordings captured by users’ Xbox consoles. The contractors listened in order to improve the consoles’ voice command functionality, but recordings were sometimes triggered by mistake. While former contractors anonymously told Motherboard that these recordings mostly consisted of the same types of standard commands — “Xbox, tell Solas to heal” or “Xbox, give me all the games for free” — recordings sometimes captured audio not related to the voice commands.
“Most of the Xbox related stuff I can recall doing was obviously unintentional activations,” a contractor currently working for Microsoft told Motherboard, “with people telling Cortana ‘No’ as they were obviously in the middle of a game and doing normal game chat.”
Before the Xbox One launched, Microsoft planned for the console to require a connection to an Xbox Kinect camera (available with the Xbox 360 prior to the Xbox One’s launch). The company posted an article in June 2013 titled “Privacy by Design: How Xbox One and the New Kinect Sensor Put You in Control,” which detailed the settings users would be able to activate in order to control what the Kinect saw and heard. The article claimed that videos, photos, facial expressions, heart rate, and other data recorded by the Kinect would “not leave your Xbox One without your explicit permission.” Still, concerns privacy concerns related to the camera led Microsoft to make the Kinect no longer mandatory, though the Kinect still shipped with launch Xbox One console bundles. Microsoft later introduced the Siri-equivalent Cortana voice assistant, which furthered the Xbox One’s voice command capabilities. An Xbox One dashboard redesign tested in July removed Cortana from testers’ consoles, requiring users to issue Xbox One voice commands through a separate device.
While the content of the Xbox audio recordings reported by contractors isn’t particularly alarming on its own, it’s the use of contractors in the first place that makes the recordings noteworthy. Apple and Google paused human reviews of Siri and Google Assistant audio recordings earlier this month after it was reported that Apple contractors heard private conversations and even sexual encounters while listening for accuracy. The addition of a third-party audio processor seems to inherently increase the number of vectors for data to leak. Even if it never does leak, as in the Xbox audio’s case, the idea of users’ audio being heard by people other than the users themselves and by those at Xbox/Microsoft is enough to raise privacy concerns in the minds of many.
Users concerned about their Xbox audio privacy can manage recorded audio in their Microsoft account privacy settings.