GamesBeat

5 privacy questions Microsoft should answer before the Xbox One releases

This post has been edited by the GamesBeat staff. Opinions by GamesBeat community writers do not necessarily reflect those of the staff.
Editor's Note from Rob Savillo:
Are you worried that the Xbox One might be watching you while you sleep? Or while you ... do anything else? Ethan explores five potential privacy issues for Microsoft's next-generation console.

HAL: I think you know what the problem is just as well as I do.
Dave: What are you talking about, HAL?
HAL: This mission is too important for me to allow you to jeopardize it.
Dave: I don’t know what you’re talking about, HAL.
HAL: I know that you and Frank were planning to disconnect me, and I’m afraid that’s something I cannot allow to happen.
Dave: [feigning ignorance] Where the hell did you get that idea, HAL?
HAL: Dave, although you took very thorough precautions in the pod against my hearing you, I could see your lips move.
Dave: Alright, HAL. I’ll go in through the emergency airlock.
HAL: Without your space helmet, Dave? You’re going to find that rather difficult.
Dave: HAL, I won’t argue with you anymore! Open the doors!
HAL: Dave, this conversation can serve no purpose anymore. Goodbye.

– 2001: A Space Odyssey

While we know that the Xbox One’s new Kinect can read users’ heart rates, Microsoft has yet to confirm whether it will be able to read people’s lips. Nevertheless, the slow but sure shift towards always-on — coupled with the next-gen console’s all-seeing eye — should give consumers pause.

Unlike other companies, such as Amazon, which find out information about you by tracking where you’ve gone on the Internet, Microsoft will literally have a digital window into the home of everyone who buys an Xbox One. Just like how Amazon aggregates information about how Kindle owners shop for and consume books, Microsoft will be gathering information on what kinds of games people play and how they play them. In addition, Microsoft will have a direct link into how people are feeling (and how many are present) while it does so. And not just for video games but television and movies as well.

Microsoft isn’t the only company focusing on technology like this — Nintendo and Valve have spoken about the possibilities of developing bio-feedback capabilities, too; however, Microsoft is one of the first to bring the tech to market and sell it to potential customers. Unfortunately, the company has been cagey about most of the details of the Xbox One. Going forward, it’ll be important for Microsoft to be transparent about how its new hardware works and what consumers do and don’t need to worry about. Here’s just a few of the issues that the company needs to address.

Xbox_One_Kinect_3_people

1. What exactly does the Xbox One record while on?

Yes, Microsoft has confirmed that the new console can be turned off. Unfortunately, that tells us nothing about what the console will be capable of recording through the Kinect during the rest of the time. Will there be a settings menu where users can go to decide precisely which parts of the Kinect’s functionality will be left on at any given moment? Will it be possible to use the devices’s sound and movement capabilities without that information being “live” and accessible by Microsoft?

home-screen

It won’t be enough for the company to simply claim that the final product will have adjustable privacy settings and the assumed on/off switch. It wasn’t that long ago that researchers revealed just how much sensitive information the iPhone was storing unbeknownst to its owners. The full range of data collected by the Kinect is too potentially extensive for Microsoft
not to address in full detail. Instead, the company should release a document that makes clear what kind of information the Kinect can and can’t capture while in different states, including standby.

2. What will any collected information be used for?

Obviously, information isn’t collected, stored, and possibly transmitted unless it’s going to be used for something. The applications could range from survey data of audience experiences to precise measurements of an individual person’s heart rate. How many people who streamed Iron Man 3 showed signs of excitement or boredom — and at which parts?

Information like that is incredibly valuable. On the one hand, it can be used to give media companies a better idea of the kind of content their audiences are after. Which missions in a Borderlands game seemed to produce the most fun? Which ones were too easy? On the other hand, that information could also be used to build out a list of preferences for each user profile. These preferences could then be used not only to more accurately target marketing but also, in the long run, to inform which kinds of games get made in the first place. So who exactly will have access to this information? Just Microsoft or third parties as well? And will Microsoft inform users who they are selling this information to, or will it remain anonymous?

3. Will the information be linked to specific Xbox One accounts?

In other words: Will Microsoft know that I sob like a baby when something sad happens in the game I’m playing or only that someone does? Will the information they gather from my Xbox One be linked not only to my demographic information but specifically to my name, payment history, and everything else? It’s one thing for Microsoft to build a generalized profile based around how someone uses the system and what her experiences are while using it but another to have intimate personal information tied together around individual names.

microsoft_xbox_one_kinect_4Why exactly? It’s the difference between someone hacking an Xbox One or a Microsoft server and only getting encrypted information that’s generalized among the population of all Xbox One owners in a particular region and that private information falling into the wrong hands and being traceable directly to a specific Gamertag and Xbox account.

Not only will users be depending on Microsoft to keep financial information safe but now a wealth of data regarding what they do while playing the Xbox One would be available — down to and potentially including the conversations they have while using the system and even the way their lower lips twitch when they eventually say “Xbox One off.”

4. What will privacy settings cover, and what will the defaults be?

It might sound overly cynical, but what default setting a service provider chooses for its customers can be extremely telling. Just think back to every time Facebook shifted its settings to create “better” experiences for its users. Facebook’s business model is built around ad revenue, and for those ads to be as effective as possible and garner the highest possible rates, the company relies on having access to and allowing other companies access to as much information as possible. How else could they link up someone with twenty-five favorite bands to music services like Pandora and Spotify?

So when users first boot up the Xbox One, will they choose their privacy settings then and there, or will it be something that each person has to “opt out” of later on? And will each different setting be clearly delineated, with options both for “share everything” and “share absolutely nothing?” Or will users necessarily have to adapt to a privacy continuum where everyone must share at least some private information gleaned through the Kinect with Microsoft and potentially other third parties?

5. How will the Xbox One’s terms of service affect privacy and lawsuits?

Kinect_Lifestyle1

Last but certainly not least, it will be crucial to know just what Microsoft intends to include in the Terms of Service Agreement that all Xbox One users will have to sign when setting up their new systems. While companies like Microsoft maintain that users are free to read their TOSes and not agree if they’d prefer, that’s cold comfort to someone who has already purchased an Xbox One and is just then finding out what ridiculous conditions of use are hidden inside.

If Microsoft really wants to be transparent and is really concerned about users’ privacy, it should be explicit and upfront about what terms of use if any will pertain to user privacy settings and the recourse allowed to users if they find personal information of theirs being shared that they had originally been unaware of.

If data gathered by the Kinect, both visual and aural, must be on some level shared as part of the Xbox One’s terms of use, Microsoft should let potential customers know that ahead of time rather than waiting as long as possible to do so. Furthermore, if terms of use dictate that customer complaints regarding privacy must be solved through binding arbitration via Microsoft (i.e. users won’t have recourse to a court of law if private information of theirs somehow goes astray), then the company should likewise also disclose that in the weeks and months before launch.


Screen Shot 2014-03-25 at 2.00.11 PMGamesBeat 2014 — VentureBeat’s sixth annual event on disruption in the video game market — is coming up on Sept 15-16 in San Francisco. Purchase your ticket now to save $200!
0 comments

GamesBeat is your source for gaming news and reviews. But it's also home to the best articles from gamers, developers, and other folks outside of the traditional press. Register or log in to join our community of writers. You can even make a few bucks publishing stories here! Learn more.

You are now an esteemed member of the GamesBeat community. That means you can comment on stories or post your own to GB Unfiltered (look for the "New Post" link by mousing over your name in the red bar up top). But first, why don't you fill out your via your ?

About GamesBeat