Category Archives: Law: Privacy
Summing up these 45 pages, one can say that Microsoft basically grants itself very broad rights to collect everything you do, say and write with and on your devices in order to sell more targeted advertising or to sell your data to third parties. The company appears to be granting itself the right to share your data either with your consent “or as necessary”.
This was particularly ominous:
Also, when device encryption is on, Windows automatically encrypts the drive Windows is installed on and generates a recovery key. The BitLocker recovery key for the user’s device is automatically backed up online in the Microsoft OneDrive account.
That said, there will be a few things you can turn off by deep diving into your computer’s settings and the Privacy Dashboard. And, I suspect, by not having a Microsoft Account or a OneDrive at all.
Microsoft’s new services agreement goes into effect on 1 August 2015, only a couple of days after the launch of the Windows 10 operating system on 29 July.
When I got home yesterday, this ad (which is actually just the front of a very involved mailer that opens up to have three more sales sheets inside) was waiting for me in the day’s mail. I’m used to getting ‘personalized’ mail that addresses me by name — often by the wrong name since I haven’t been called by my legal name since birth. But this was the first piece of direct mail that linked my name and my wife’s. Since I spend much of the day reading and thinking about databases, identification, and privacy, I wasn’t terribly creeped out about this, but Caroline clearly was, saying it was “excessively personal.” I don’t think the problem was the knowledge that someone knows we are together, since we haven’t made much secret of it for the last 26 years or so. Caroline also asked me to note that the necklace is very ugly.
The ad does make me wonder how often things like this turn up with the wrong name on it (fortunately, my wife’s name is indeed Caroline). Or just after people die, or break up. Could get ugly. Queue references to the famous Target incident.
Note to marketers: I believe that when we had the insides of our wedding rings engraved with our names we exhausted our demand for personalized jewelry.
The Coral Gables Chamber of Commerce will be having a marathon candidates’ forum on March 31st at the University of Miami Fieldhouse. Doors open at 5:30 with the Group IV debate at 6pm; then it’s group V, and ending with the Mayoral candidates. I’m going to guess an hour each, since the event ends at 9pm.
The Chamber of Commerce candiate forum web site invites attendees to register (free) by March 27th — but I’m betting they’ll let you in even if you don’t RSVP.
It’s unfortunate for me that the event overlaps a little with the terrific Data Privacy and Security Law Summit being held on campus all day on the 31st. Fortunately, I’m just doing the welcome at the start of the event, so I guess I can duck out at the end.
Warrant Canary Statement:
As of February 5, 2015, Cheezburger has never received a National Security Letter, an order under the Foreign Intelligence Surveillance Act, or any other classified request for user information.
Government Requests for User Information:
User Accounts Affected
US Subpoenas from Government Zero 0 US Civil Subpoenas Nil 0 US Search Warrants Zilch 0 International Requests Nothing 0 Emergency Requests Nada 0 National Security Requests Zip 0
Spotted via Cheezburger Network releases very clear transparency report at the Inq.
Verizon advertising partner Turn has been caught using Verizon Wireless’s UIDH tracking header to resurrect deleted tracking cookies and share them with dozens of major websites and ad networks, forming a vast web of non-consensual online tracking. Explosive research from Stanford security expert Jonathan Mayer shows that, as we warned in November, Verizon’s UIDH header is being used as an undeletable perma-cookie that makes it impossible for customers to meaningfully control their online privacy.
Mayer’s research, described in ProPublica, shows that advertising network and Verizon partner Turn is using the UIDH header value to re-identify and re-cookie users who have taken careful steps to clear their cookies for privacy purposes. This contradicts standard browser privacy controls, users’ expectations, and Verizon’s own claims that the UIDH header won’t be used to track users because it changes periodically.
This spectacular violation of Verizon users’ privacy—made all the worse because of Verizon’s failure to allow even an opt-out—has already had far-reaching consequences.
UPDATE (1/17/15): Ad Network Turn Will Suspend Zombie Cookie Program. When Will Verizon?