1.59 Ensure 'Configure Speech Recognition' is set to 'Disabled'


This policy setting specifies whether websites can use the W3C Web speech API to recognize speech from the user. The Microsoft Edge implementation of the Web speech API uses Azure Cognitive Services, so voice data will leave the machine.

The recommended state for this setting is: Disabled.


Allowing speech recognition to use the Web speech API in Azure Cognitive permits voice data to leave the machine, potentially allowing sensitive data to be collected from a non-secured 3rd-party source.


Users will be unable to use speech recognition for voice typing. Users that use speech recognition for accessibility will need other tools implemented for voice typing.


To establish the recommended configuration via GP, set the following UI path to Disabled:

Computer Configuration\Policies\Administrative Templates\Microsoft Edge\Configure Speech Recognition

Note: This Group Policy path may not exist by default. It is provided by the Group Policy template MSEdge.admx/adml that can be downloaded from: Download Microsoft Edge for Business - Microsoft.

Default Value:

Enabled. (Web-based applications that use the Web speech API can use speech recognition.)

See Also


Item Details


References: 800-53|CM-6, 800-53|CM-7, CSCv7|9.2

Plugin: Windows

Control ID: 8e75ca61f232242d3ea3360b53121b5a84b53b8be58bd05ff3dba16a8cadbe65