Nintendo Warns Switch 2 GameChat Records Chats, Shares Data on Request

Nintendo has alerted owners of its upcoming Switch 2 console that the built‑in GameChat feature creates temporary local copies of voice and text conversations, and that those recordings can be forwarded to the company upon user request. According to a support notice published by Nintendo and highlighted by Ars Technica, the system stores a short‑term cache of the chat on the device’s internal storage, essentially giving the console a “record‑what‑you‑say” capability that is active while the feature is enabled.

The temporary files are saved as encrypted blobs using AES‑256 for data at rest. When a player decides to report a conversation—either for moderation, to flag abusive behavior, or to submit feedback—the console bundles the selected cache, re‑encrypts it with Nintendo’s public key, and uploads the package over a TLS 1.3‑protected channel to Nintendo’s servers. The upload process is designed to be opt‑in, but the underlying mechanism remains active on the device, meaning that any compromised application or firmware tweak with sufficient privileges could potentially trigger the same export routine.

Privacy researchers have flagged the design as a potential data‑leak vector. The cached recordings contain raw audio waveforms and text snippets, which could be analyzed for voice‑recognition metadata or personally identifiable information. If an attacker were able to manipulate the manual‑report trigger or intercept the encrypted upload, the result could be an unintended exfiltration of sensitive conversation data—a scenario that falls under the classic definition of a data‑breach vulnerability. The lack of a visible “chat recorded” indicator on the UI has also raised concerns that users may be unaware that any recording is occurring.

Nintendo recommends several mitigations while a firmware update is in development: enable two‑factor authentication on linked Nintendo accounts, regularly delete the temporary chat cache from the system settings, and disable the auto‑report option that automatically sends logs to the company. The upcoming patch is expected to add a clear on‑screen badge that signals when a conversation is being recorded, as well as an opt‑out toggle that prevents the console from storing any local copy of the chat. Users are advised to apply the update as soon as it becomes available to limit exposure.