The Xbox One will feature, by default, an always-on, works-in-the-dark, microphone and camera that’s constantly connected to the internet and 300,000 servers. What could possibly go wrong?

Following on from the massive success of Kinect on the Xbox 360, Microsoft made the bold choice of bundling every Xbox One with Kinect 2.0. The second-generation Kinect might look like a separate peripheral, but the Xbox One will actually refuse to work if Kinect isn’t plugged in.

On the one hand, this is an awesome boon for developers, who can assume that every Xbox One user has access to voice and gesture controls. For the most part, this should result in richer games and experiences for consumers. On the other hand, what if you want to escape the cold, glassy, ever-present glare of Kinect? What if a developer forces you to use Kinect for a certain part of a game, but you bruised your leg at school and would rather stay seated? Microsoft has made some improvements to Kinect 2.0’s field of view, but what if you’re playing in a really small room, or another environment that just isn’t conducive to motion-based control?

And then there’s the privacy aspect. With the Xbox One, Kinect is constantly on, so that you can navigate around the console with voice and gesture commands. This means that you’re constantly being watched by an IR camera that can see in the dark, and a microphone that’s constantly listening for your audio cues. Even more terrifyingly, you can turn on the Xbox One with a voice command — yes, even when the Xbox One is off, Kinect is still listening. What if a developer goes rogue and develops malware that snoops on you? What if someone develops Xbox One malware that records what goes on in your child’s bedroom, even when the console appears to be turned off?

Microsoft, for its part, says that privacy across all of its products is a “top priority,” and that “Kinect for Xbox 360 was designed and built with strong privacy protections in place and the new Kinect will continue this commitment.” As we know from experience, though, no system is invulnerable to the manifold attack vectors exploited by malware authors. The Xbox and Xbox 360 were chipped/modded/rooted, and it’s fairly safe to assume that the Xbox One will also suffer the same fate. The point is: The Xbox One is constantly listening and watching, Microsoft needs to make these feeds available to developers, and it’s really only a matter of time until those feeds are subverted — either by a legitimate app developer, or by someone who shouldn’t have access.

In hindsight, maybe we shouldn’t have got our panties quite so knotted over the always-on DRM controversy that never was. Maybe it’s the always-on Kinect that we should really be worried about. Oh, and don’t forget: Microsoft recently filed for a patent that uses the Kinect to spy on you, and block movies from playing if there are too many people sitting in front of your TV.
