Microsoft, trying to get a grip on the controversy surrounding just what its Kinect peripheral will capture, collect, and save, has released a page dedicated to explaining just what it will do when it is connected to the Xbox One launching later this month. Microsoft hopes that these disclosures related to the Kinect and its privacy policies will ease consumers who are concerned about the security of their information and activities recorded by Kinect.
First the company said that – even if activities recorded by the Kinect were passed to the government, this information could not be used to build an image of the user's face, and that it is not "technically possible" for security agencies and state officials to access images of players. Microsoft also said that while game software can read player expressions and respond accordingly, that data is not sent to or collected for storage by Microsoft.
"It stays on the console and is destroyed once your session ends," the company claimed.
All of these concerns about just what the Kinect records with its cameras and microphones is related to disclosures earlier this year that Microsoft has shared an unknown amount of data with the National Security Agency and foreign governments. Microsoft claims that it wants to disclose this information to the public, but it is not allowed to by law. It has asked the FISA court for permission to do so, but that matter is still being dealt with in that special court.
Here's more from the page on what the Kinect does and does not do in relation to player data and information, and how consumers can protect themselves:
– Players can turn Kinect off at any time.
– When Kinect is used with certain games and apps, a user's skeletal movements can be used to estimate exercise stats. Microsoft says "you can decide how your stats are managed and whether they are shared".
– Kinect's facial-numeric identifiers, as described above, "stays on the console and is not shared with anyone".
– Microsoft can share user info "with companies we've hired to provide services on our behalf". Those companies must pledge to keep the information confidential.
– Microsoft can share user info "to comply with the law or respond to legal process or lawful requests, including from law enforcement and government agencies"
– Aside from these exceptions, the company "will not disclose your personal information to a third party without your consent".
– For games that enable in-game communications, the game publisher may also have access to the content of in-game communications when users are signed into their account with the publisher.
– Xbox applications built by partner companies, from Netflix to Sky, have their own separate terms and conditions with regards to privacy.
– Microsoft will read player data to serve better targeted advertisements, which users can opt out of.
– If customers link their Microsoft account with a partner company, "Microsoft may share limited account information with that company". That information may include name, address, email and date of birth, but not credit card or other payment information.
– Xbox applications using Windows Phone that require location data "will only collect and store the approximate location of your phone"
– Payment data is stored and used for "detection and prevention of fraud". In support of these uses, "Microsoft may share your payment data with banks and other entities that process payment transactions or other financial services, and for fraud prevention and credit risk reduction."
You can check out the full page here.