Do companies store facial and voice recognition data from the thousands of hours of zoom/teams calls that their employees use?
Do companies store facial and voice recognition data from the thousands of hours of zoom/teams calls that their employees use?
I heard a person call into a show the other day, voice only, and talk about some poor working conditions at a factory. Made me think about how it would probably be so easy for nefarious bosses to be able to identify that person through voice recognition SW with all of the data that comes from us looking directly into cameras and speaking clearly in modern workplace meetings.
Do "anonymous" callers need to start using voice modulation software for these kinds of calls in the modern world?
It's been my experience that companies barely know how to get it to work for conferencing.
Unless this is a turnkey plugin that takes very few people to implement. It would be A. Too difficult and B. Too easy for anyone who knows about it to whistle blow it's existence
In general, if something is possible to exploit, some companies will exploit it.
Figuring out which ones do can be difficult-to-impossible, since that information is not usually available to the public, or in many cases even to most employees. Unless a whistleblower steps forward, the best we can do is guess, and take whatever precautions we feel are worthwhile.
Pull that in my state without both parties consenting, that's a felony. Even if I call a 1-party "it's ok to record 'em" state, they still have to let me know because my state is 2-party. No sane company is fooling with this.
SOURCE: Zoom admin and sysadmin for 10 years.
Yea, a lot of companies and even govt agencies have policies against recording meetings except for special circumstances. Edit: to clarify they have policies against employees initiating recordings (let alone automatically recording anything by default)
Once you have it, it's a record. Now you have to keep it and treat it like one.
Companies would only do it in response to an incident.
Same as any IT related thing. IT will block bad websites, maybe have some alerts for common stuff, but will only sift through logs when something goes wrong so they can assess the extent, impact and fixes for things.The exceptions are probably like Amazon where they have the processing power and dev-time to do things like this to their own employees, which might also turn into a marketable product for other companies.
Military contractors might as well (Boeing...)With Teams, a user can opt into voice and facial recognition. The benefits are that you can be attributed in conference rooms and in transcription.
Your voice and facial recognition info is deleted when your user account is de-licensed for 30+ days.
This only applies to your tenant though. It doesn’t work when you join meetings from other tenants.
That being said, the tech is there and it’s approaching commodity-levels.
I’ve seen some misinformation that doesn’t address the question and no answers.
First the misinformation: if you live in the US and work in an at-will state, your employee handbook will dictate what company can or cannot do. In most cases, especially for larger companies, there will be explicit language allowing the company to do whatever they on anything that uses their software or tech they’ve provided (eg your phone you use for company email). Two-party consent doesn’t apply in these cases because you signed the employee handbook or were informed it was a condition of your employment. Since it’s at-will too bad. However, even with these power, most companies aren’t doing shit unless you’re fucking up. Give someone a reason to throw IT or security at you and it could happen. Chances of this are higher at either larger companies or small companies with power-hungry idiots running the show. I have worked at all kinds and see all sides. If you are not in the US or live in a state with employment contracts (not at-will), this might not apply unless you signed away those rights and there is nothing getting them back. It’s always a good idea to be friendly with IT and security to learn what they do and do not do.
As to your question, do companies fingerprint employee voices, most likely not. In the US I’m at-will states you don’t need to go through all the trouble of tracking voices for termination or legal action. In the private world, this is a very secrecy-oriented problem (eg Apple trying to keep the lid on surprise and delight) so it wouldn’t happen except for very large scale. In the public sector, you genuinely should be afraid of this because government agencies are sucking down all the data they can. This is true around the world. More importantly, they’re all incompetent as fuck and being sold shitty software that doesn’t work so they’re misusing data like this for incorrect identifications.
In general, if you want to be anonymous, practice good operational security. Changing your voice never hurts. It’s not a bad idea to be safer (unless you’ve chosen a tool that can be easily reversed). You should also use phone numbers and hardware that can’t be traced back, which is a bit harder.