Xbox One's Kinect, Skype app were designed for privacy

Fear not, potential Xbox One users: Kinect never lets your face touch the cloud.

Microsoft is trying to head off any concerns that the Xbox One's powerful Kinect camera might become a mass surveillance device or a source or privacy headaches.

Albert Penello, Microsoft's director of product planning for Xbox, explained a little more about how Kinect works during a question and answer session on the gaming forum NeoGAF. Most notably, he insisted that users' facial data is locked to the console, and that Skype video chat is programmed not to run in the background.

Kinect's video cameras can recognize individual users, logging them in automatically when they step in front of the television. While Microsoft has already said that certain personal data, such as facial expressions and heart rate, will not leave the console "without your explicit permission," Penello said that actual face data does not leave the console at all.

"There could be some cool features we could enable if we stored that data in the cloud, like being able to be auto-recognized at a friend's. I get asked for that feature a lot," Penello wrote. "But, for privacy reasons, your facial data doesn't leave the console."

As for Skype, Penello said the video stream will freeze when the app isn't running in the foreground. "If you go back to the home screen, or launch another app, we actually stop the video stream," he said. "We do this so the user can't even ACCIDENTALLY have the video stream going on in the background."

NuAds, no problem

Penello also responded to concerns about Microsoft's NuAds, which use Kinect and other console functions to create interactive advertisements. A report in June by StickTwiddlers discussed how Kinect's facial recognition could enable targeted ads, citing unnamed Microsoft employees.

On this point, Penello's denials weren't as categorical, but he said he's not aware of any efforts to create these kinds of adds. "We have a lot more interesting and pressing things to dedicate time towards," he wrote. "It was an interview done speculatively, and I'm not aware of any active work in this space."

Penello added that "if something like that ever happened, you can be sure it wouldn't happen without the user having control over it."

Recent revelations about U.S. government surveillance have forced Microsoft to tread lightly with its upcoming game console. Originally, Microsoft designed the Xbox One not to function unless Kinect was plugged into the console. But in August, the company changed its mind, deciding that users can unplug Kinect as long as the game or app doesn't require it. It's just one of several policy reversals Microsoft has made in response to criticism. Still, Microsoft says it won't back down on bundling Kinect with every Xbox One console, arguing that it's an essential part of the experience.

Tags: skype, Xbox One, gaming, Kinect, security, Microsoft, games, privacy

Coding error protects some Android apps from Heartbleed

READ THIS ARTICLE
DO NOT SHOW THIS BOX AGAIN [ x ]
Comments are now closed.
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Webroot SecureAnywhere Business

The lightest, fastest, easiest-to-manage, and most effective endpoint protection.

Latest Jobs
Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.