Welcome to Incremental Social! Learn more about this project here!
Check out lemmyverse to find more communities to join from here!

Do companies store facial and voice recognition data from the thousands of hours of zoom/teams calls that their employees use?

I heard a person call into a show the other day, voice only, and talk about some poor working conditions at a factory. Made me think about how it would probably be so easy for nefarious bosses to be able to identify that person through voice recognition SW with all of the data that comes from us looking directly into cameras and speaking clearly in modern workplace meetings.

Do "anonymous" callers need to start using voice modulation software for these kinds of calls in the modern world?

Brkdncr ,

With Teams, a user can opt into voice and facial recognition. The benefits are that you can be attributed in conference rooms and in transcription.

Your voice and facial recognition info is deleted when your user account is de-licensed for 30+ days.

This only applies to your tenant though. It doesn’t work when you join meetings from other tenants.

That being said, the tech is there and it’s approaching commodity-levels.

thesmokingman ,

I’ve seen some misinformation that doesn’t address the question and no answers.

First the misinformation: if you live in the US and work in an at-will state, your employee handbook will dictate what company can or cannot do. In most cases, especially for larger companies, there will be explicit language allowing the company to do whatever they on anything that uses their software or tech they’ve provided (eg your phone you use for company email). Two-party consent doesn’t apply in these cases because you signed the employee handbook or were informed it was a condition of your employment. Since it’s at-will too bad. However, even with these power, most companies aren’t doing shit unless you’re fucking up. Give someone a reason to throw IT or security at you and it could happen. Chances of this are higher at either larger companies or small companies with power-hungry idiots running the show. I have worked at all kinds and see all sides. If you are not in the US or live in a state with employment contracts (not at-will), this might not apply unless you signed away those rights and there is nothing getting them back. It’s always a good idea to be friendly with IT and security to learn what they do and do not do.

As to your question, do companies fingerprint employee voices, most likely not. In the US I’m at-will states you don’t need to go through all the trouble of tracking voices for termination or legal action. In the private world, this is a very secrecy-oriented problem (eg Apple trying to keep the lid on surprise and delight) so it wouldn’t happen except for very large scale. In the public sector, you genuinely should be afraid of this because government agencies are sucking down all the data they can. This is true around the world. More importantly, they’re all incompetent as fuck and being sold shitty software that doesn’t work so they’re misusing data like this for incorrect identifications.

In general, if you want to be anonymous, practice good operational security. Changing your voice never hurts. It’s not a bad idea to be safer (unless you’ve chosen a tool that can be easily reversed). You should also use phone numbers and hardware that can’t be traced back, which is a bit harder.

shalafi ,

Pull that in my state without both parties consenting, that's a felony. Even if I call a 1-party "it's ok to record 'em" state, they still have to let me know because my state is 2-party. No sane company is fooling with this.

SOURCE: Zoom admin and sysadmin for 10 years.

cybersandwich ,

Yea, a lot of companies and even govt agencies have policies against recording meetings except for special circumstances. Edit: to clarify they have policies against employees initiating recordings (let alone automatically recording anything by default)

Once you have it, it's a record. Now you have to keep it and treat it like one.

canis_majoris , (edited )
@canis_majoris@lemmy.ca avatar

There are easier ways to spy on your employees. This is not cost-effective.

I use Zoom for work now and each call can be several gigabytes large, depending on resolution of shared materials and a few other factors. If you want to save that kind of stuff long term, you have to pay to keep it somewhere. If you multiply several gigabytes over a few dozen calls a day, you're going to end up with terabytes of garbage you need to store. Zoom also informs you of when a recording is starting and active, offering for you to leave the call or otherwise implicitly agree to being recorded. You have to pay for all these things because there's a significant amount of processing power involved. It's not like it's free to run facial recognition and speech recognition.

When I did contract work for Apple support, the spying was way more efficient than just listening to my calls. My supervisor could literally always see my monitor through the chat program we had installed. There's all kinds of remote software for things like this. If an admin wants to see you misuse your equipment, they have easier ways of finding out than sifting through calls to find wrongthink.

Snapz OP ,

Sorry, wasn't suggesting perpetual info capture, this could be a brief view every 3 to 6 months, just enough to update a voice/facial profile in a system.

canis_majoris , (edited )
@canis_majoris@lemmy.ca avatar

Again, there are easier ways to do this.

Biometric authentication can be required for some companies. You'd have to opt in to use the system or at least agree to the terms set forth by the employer. This kind of stuff doesn't just get collected just because; it's pretty sensitive data.

What you're talking about is a cyberpunk nightmare; some corporate-assisted mass surveillance designed for like, union busting.

If you're making vocal and facial profiles of employees you must have some reason to do so, and it can't just be to burn cash. Like I said before, this stuff costs money, and it's kind of pointless unless you're using it in a way that makes money, selling the data somehow.

towerful ,

Companies would only do it in response to an incident.
Same as any IT related thing. IT will block bad websites, maybe have some alerts for common stuff, but will only sift through logs when something goes wrong so they can assess the extent, impact and fixes for things.

The exceptions are probably like Amazon where they have the processing power and dev-time to do things like this to their own employees, which might also turn into a marketable product for other companies.
Military contractors might as well (Boeing...)

mox ,

In general, if something is possible to exploit, some companies will exploit it.

Figuring out which ones do can be difficult-to-impossible, since that information is not usually available to the public, or in many cases even to most employees. Unless a whistleblower steps forward, the best we can do is guess, and take whatever precautions we feel are worthwhile.

jordanlund ,
@jordanlund@lemmy.world avatar

It's been my experience that companies barely know how to get it to work for conferencing.

Munkisquisher ,

Unless this is a turnkey plugin that takes very few people to implement. It would be A. Too difficult and B. Too easy for anyone who knows about it to whistle blow it's existence

  • All
  • Subscribed
  • Moderated
  • Favorites
  • technology@lemmy.world
  • incremental_games
  • meta
  • All magazines
    •