In the latest in a sadly lengthy series of companies misappropriating their capacity to listen to you, a new report reveals a Skype transcription program in China ran with little oversight or security protecting recordings of Skype customers. The company says these issues have been addressed, but it’s still a very unflattering look at its practices.
The Guardian reports that a project to grade the translation software within Skype and Cortana ran for years in Beijing. An anonymous worker, who worked on the project, revealed there were “no security measures” to protect the recordings. This became especially apparent when they transitioned to working at home:
I judged British English (because I’m British), so I listened to people who had their Microsoft device set to British English, and I had access to all of this from my home laptop with a simple username and password login… I heard all kinds of unusual conversations, including what could have been domestic violence. It sounds a bit crazy now, after educating myself on computer security, that they gave me the URL, a username and password sent over email.
The worker told the Guardian that they’d been hired with almost no vetting. They had no cybersecurity assistance, and were in fact encouraged to do things that would make anyone with a modicum of knowledge of the field cringe. For example, they were told to use the same password for all their accounts for “ease of management,” meaning the password was the same for every employee hired in a given timespan.
We’ve known about humans listening to our Skype calls since August, when a Motherboard report revealed that contract workers were permitted to listen to some fairly intimate recordings. This was the first most of us had heard that actual humans were doing the bulk of the listening. Even then, workers were pretty upfront about how bad the security measures were, with one of them telling Motherboard: “The fact that I can even share some of this with you shows how lax things are in terms of protecting user data.”
In response to this report, Microsoft told The Verge that it’d already implemented a solution: namely that audio recordings were now transcribed in “secure facilities in a small number of countries” of which China is not one. It also added that transcribers were only allowed to listen to audio snippets ten seconds long or shorter and weren’t allowed access to the full conversation.