Kinect Long Term Privacy Issues Daunting?

Microsoft’s new Kinect gesture-based game controller is about to invade living rooms across the world, but a privacy group is concerned about long term facial and voice recognition privacy issues.

Microsoft’s new Kinect gesture-based game controller is about to invade living rooms across the world. If Microsoft has its way, the living room is only the start of interactive sci-fi-like gesture controlled technology in every room of every house. It may be great fun, but before you hookup, you should know that Privacy International has some long-term concerns about Kinect’s use of facial and voice recognition technology. The group tweeted, "We played with Kinect recently; MS thought thru current privacy issues (e.g. consent) but longer term is daunting."

Right now, Kinect seems to be looking to make gamers out of those people who do not game because the remote controls are too complicated. Kinect is supposed to allow people to play games with their whole body and without needing remote controls. The technology uses motion sensors, skeletal tracking, facial recognition, and voice recognition. It has are two depth perception and light source 3D cameras and a regular Web camera to track and identify users. It also has facial recognition capabilities, artificial intelligence, and four microphones for voice commands that know the difference between chatter of other people in the room or sound coming from the TV. During game play, Kinect takes photos of gamers and then offers them for viewing or sharing.

The New York Times reported, "Microsoft upgrades and rewires the Kinect brain every 24 hours and can send updates to Xbox systems via the Internet when it chooses. Kinect recognizes someone it has seen before by body shape, so there’s no need to log into the system each time a game is played. It knows your left hand from your right and can distinguish between two players even when their paths cross." If it can't tell identically dressed twins apart, Alex Kipman, incubation director for Xbox 360, said Kinect will ask if you are A or B. Kipman added, "Then, you end up with the equivalent of a different bar code."

Meanwhile, Microsoft CEO Steve Ballmer said, “This is an incredibly amazing, wonderful first step toward making interactivity in the living room available to everybody.” Ballmer then cautioned that Microsoft still has “a lot of work to do.”

I hope privacy is not one of those topics needing work, but I ran into an issue while looking into Xbox Live and Kinect. The Xbox Live Terms of Use, which was updated October 2010, states under Privacy: "You may read about this data collection in more detail in the Microsoft Online Privacy Notice at nk/?LinkId=81184." However, that link is dead and leads to a "404 - File or directory not found" error. Mistakes happen, but the Terms of Use were just updated, so to see the error in regard to privacy may not be a good sign at all.

Don't forget that Microsoft is a huge corporation with a $62.5 billion annual revenue that made privacy cuts in IE8 to appease its marketing department. All that you do with Kinect while connected to Xbox Live is the property of Microsoft for whatever use it might see fit. The personal information collected might be used for marketing, for tracking, or stored and is currently defined by Microsoft's Privacy Policy. Why would the anyone want the stored information? That remains to be seen, but Microsoft has a history of helping law enforcement figure out how to ask for user information and also a history of sacrificing privacy in favor of money making possibilities.

I'm not saying it's dangerous that Kinect software can detect if a gamer is happy, but in Windows 8, Microsoft seems to be planning interactive computing. Microsoft called it “My PC Knows Me.” According to screenshots from Manan Kakkar, Microsoft plans for Windows 8 to detect users when they enter the room via proximity sensors and motion detectors, for the computer to resume where it left off, to use facial recognition as user authentication and login, and for the PC to lock and hibernate when it detects the user has left the room. What if I don't want my computer to watch me and detect me? This, like Kinect, may prove to be absolutely cool or it may open the door to unforeseen privacy or security issues.

An ethically questionable move that Microsoft recently made was pointed out by a security firm. Panda Security recently blogged, Dear Microsoft: Please Stop Pushing Potentially Unwanted Software Through Windows Update. Like some Windows users, Pedro Bustamante did not have and did not want the 160MB Microsoft's Windows Live Essentials 2011. He wrote, "It seems Microsoft is reverting to using WU to push unwanted software, kinda like what adware, spyware and rogue software does. I guess if you can’t convince users to download and install your software the next best thing is to push it down their throats whether they like it or not. Nice move MSFT!" Even after he unchecked the "Important Update," he discovered it was re-checked to be downloaded by default. More than just the software bundle and Bing toolbar, a person had to agree to a new Service Agreement and new Privacy Policy after Microsoft has asked users to provide more personal information.

There is a history of companies using the technology that they sell to later poke into our private lives. Think about the changes Apple made about collecting information and then required a user to agree its new terms and conditions if a person wanted to download any more apps. Let's hope that Kinect's privacy policy, any information stored by Microsoft, and any future updates are meant to help the user in the long term and not only Microsoft. Kinect will hit stores on Nov. 4.

Like this? Check out these other posts:

  • All of today's Microsoft news and blogs
  • Microsoft Proposes Each PC Needs A Health Certificate or No Net Access Allowed
  • EFF Warns of Untrustworthy SSL, Undetectable Surveillance
  • Microsoft's Davis on Privacy: Your Digital Life Data is Bankable Currency
  • ACLU Report: Spying on Free Speech Nearly At Cold War Level
  • Full-Body X-Ray Scanners Driving Down A Street Near You?
  • Facial recognition: Identifying faces in a crowd in real-time
  • Microsoft's Live@edu email not encrypted on cloud servers
  • Cyber-Warfare: U.S. Military Hackers and Spies Prepare to Knock the World Offline
  • Privacy Choices: Who's Watching You and Tracking Your Clicks?

Follow me on Twitter @PrivacyFanatic

Copyright © 2010 IDG Communications, Inc.

7 hot cybersecurity trends (and 2 going cold)