Posts Tagged ‘Microsoft’

In the mix…EU data retention laws, Wikipedia growing

Friday, June 11th, 2010

1) Australia thinking about requiring ISPs to record browsing histories (via Truste).

Electronic Frontier Australia (EFA) chair Colin Jacobs said the regime was “a step too far”.

“At some point data retention laws can be reasonable, but highly-personal information such as browsing history is a step too far,” Jacobs said. “You can’t treat everybody like a criminal. That would be like tapping people’s phones before they are suspected of doing any crime.”

Sounds shocking, but the EU already requires it.

2) European privacy officials are pointing out that Microsoft, Google and Yahoo’s methods of “anonymization” are not good enough to comply with EU requirements (via EFF).  As we’ve been saying for awhile, “anonymization” is not a very precise claim.  (Even though they also want ISPs to retain browsing histories for law enforcement–confused? I am.)

3) Wikipedia is adding two new executive roles.  In the process of researching our community study, it really struck me how small Wikipedia‘s staff was compared to the staff of more centralized, less community-run businesses like Yelp and Facebook.  Having two more staff members is not a huge increase, but it does make me wonder, is a larger staff inevitable when an organization tries to assert more editorial control over what the community produces?

Ballmer sees a customer demand for privacy

Monday, July 28th, 2008

I have meant to comment on this Ballmer clip from the Washington Post (embedded below) for a few weeks, so this is hardly news, but I can’t pass it up.

There is some undeniably good news for those concerned about privacy. After years of laying low under the glare of Google’s “Don’t be Evil” mantra, Steve Ballmer has said “I actually think we [Microsoft] are going to have to compete on Privacy Policy.”

Watch the clip:

Ballmer is suggesting that the market might make “privacy” a competitive differentiator between services. For example, as a user you might compare two personal financial services with similar functionality, and choose the one that offers “better” privacy guarantees.

To date I think it is fair to say that privacy has not been a mainstream concern for people choosing what software or service to use.

How Microsoft chooses to execute on this lofty goal remains to be seen. At CDTF, our hope is that Microsoft won’t frame privacy in the usual fear-mongering terms of protecting individuals from being “spied on” or “exposed” but will instead address privacy head-on by finally providing individuals with the control and access they need to become active partners in safeguarding their own privacy(…without losing the opportunity to take advantage of the data available to us all: as individuals, businesses, society and yes, even marketers.)

[Full disclosure: Microsoft is currently a client of my consulting business. I also worked at Microsoft from 2003-2006.]

Microsoft’s acquisition of Credentica–will it make my sister care about privacy?

Friday, June 6th, 2008

It’s somewhat old news, but still interesting: Microsoft’s acquisition a few months ago of Credentica, a start-up with an encryption-and-authentication system that “allows users to disclose the absolute minimum to complete digital transactions — and to do so in a way that ensures the information they need to reveal has no shelf life whatsoever.”

One of the most interesting issues in privacy to me is the gap between those who live and breathe privacy and security day to day and those who don’t. Having gone from the latter group to the former only recently, I know how wide that gap is. Those who care about privacy discuss and analyze various solutions with passion and intensity, while people like my sister dispose of broken laptops by placing them in NYC trashcans. (True story—the laptop was mine, and she was sincerely puzzled when I threw a fit.) All the news coverage of data leaks has led many people to have a vague sense of dread about their privacy rights, but understand nothing more. So even if interesting solutions are proposed for protecting personal information, the question of who will care enough to adopt them is as important as whether the proposals actually work.

It seems this issue played out in the development of the U Prove technology, which had been proposed before. It just wasn’t very marketable when it was pitched to individual consumers. One thing Stefan Brands and Credentica did differently was marketing it to software developers. That strategy seems to have proven successful, given that Microsoft has now bought the company.

But will Microsoft’s investment in Credentica pay off with users who have only vague concerns about their privacy? (I love the way the Wired article says, “Brands and Thompson tend to refer to the math behind U-Prove as ‘magic’ rather than going too deep into the details.”) Will Microsoft be able to overcome its image as a big bad company and persuade consumers they are really invested in protecting privacy? It’s a difficult problem. Privacy concerns need to be addressed now, before the public cares enough to demand it, but solutions proposed by major companies may not satisfy uneasy consumers.

I’m biased, of course, because we at the Common Datatrust Foundation are working on a different model, that privacy and security should be entrusted to a trusted third-party that would administer and monitor exchanges of information between individuals, institutions, agencies, and businesses. But I’d be happy to see progress by Microsoft or any other company or organization in proposing privacy and security systems that truly returns control over personal information back to individuals without requiring everyone to understand all this privacy stuff.

I’m curious to know what others think. If we believe the privacy of even those who don’t care should be protected, where should the push for change come from?

Get Adobe Flash player