A Microsoft effort to improve
calls and the
virtual assistant by listening in on user interactions reportedly had "no security measures" in place to protect data. Contract workers in China were able to access recordings via a web app from personal computers in their homes, according to a Friday report in The Guardian.
An unnamed former contractor told the publication he reviewed thousands of recordings on his personal laptop from his home in Beijing over the two years he worked for Microsoft. The recordings included deliberate and accidental Cortana activations as well as some Skype calls, according to The Guardian. Workers were reportedly given no cybersecurity help, and usernames and passwords to access recordings were emailed to new contractors in plain text.
Microsoft has human workers listen to "short snippets" of voice conversations to improve services like Skype and Cortana, media reports revealed this past summer. And it's not just Microsoft. Apple, Google, Amazon, Facebook and others all had similar programs in place. The industry practice raised privacy concerns from consumers about how their voices and data were being used. Some of the companies have since made changes to their programs, including letting people opt out of audio reviews.
Microsoft has also made changes, including moving its review program to "secure facilities," none of which are in China.
"This past summer we carefully reviewed both the process we use and the communications with customers," a Microsoft spokesperson said in an email Friday, in response to a request for comment on the Guardian report. "As a result we updated our privacy statement to be even more clear about this work, and since then we've significantly enhanced the process including by moving these reviews to secure facilities in a small number of countries."