Slashdot Mirror

← Back to Stories (view on slashdot.org)

Passport May Violate Euro Privacy

Posted by timothy on from the if-you-have-nothing-to-hide dept.

good-n-nappy writes: "More shocking news about Passport. The EU thinks Passport may violate privacy. Of course, Microsoft claims that all data is supplied voluntarily (for now... cue evil laugh). Too bad we in the U.S. will likely have to continue sacrificing privacy for national security." Part of a continuing series.

20 comments

  1. Excuse the ignorance... by MImeKillEr · · Score: 3, Interesting

    ...but it was explained to me by a friend who uses Passport that one of its main features was to sheild consumers from having to give their credit card information to every webfront said user purchases from. Instead, the webfront is given a confirmation number on the transaction. I ask you, how exactly does this make MS evil? Having never used Passport, I'm relying on his view for this (and seeing as how I've known him for 15 years, he's in the tech market, knows his stuff, etc...)

    How about a little less (right!) biased comments for the stories from the staff?

    Mod away. My karma's good.

    --
    Cruising the internet on my TI-99/4A @ a whopping 300 baud!
    1. Re:Excuse the ignorance... by linuxbert · · Score: 4, Informative

      Your right, the idea is a good one, infact, the CC companies have a Secure online trasaction standard (SET) that is used to authenticate cards, but not have individul mechants deal with the card information.

      The problem with passport, is that some people dontlike all there shopping habits and personal information tied up in a big repository, that could be sold at the drop of a hat.

      Microsoft also has a history of changing policies to benifit them, and take away rights from the user, and there is also the concern of your dataa being kept by microsoft as a result of thier track record on privacy and security of systems

      if visa offered this thier intentions would be to lessn fraud and increase thier profits. id say visa is trust worthy, and has a vaild point, so sign up now, but what is MS's reasons for doing this?

    2. Re:Excuse the ignorance... by MImeKillEr · · Score: 3, Interesting

      Ahh, but it was also explained to me that MS doesn't actually gather such data, and that the information is actually obtained by a 3rd party.

      To quote my buddy's email:

      "But people were worried that MS would track peoples spending habits if they had your CC info. Well they contract it out to a 3rd party organization that provides absolutely no data to MS on spending habits, etc..

      Just who exactly the 3rd party is, I don't know. Again, I'm ignorant when it comes to Passport, as I don't use it.

      --
      Cruising the internet on my TI-99/4A @ a whopping 300 baud!
    3. Re:Excuse the ignorance... by good-n-nappy · · Score: 2, Interesting

      You're still dodging the obvious question - what does MS get out of the deal? I suppose they're doing this for philanthropic reasons, right?

      The real reason this is a threat to privacy isn't as obvious in the short term. Its the same as the Oracle (tm) national ID card in the US. Only once it is an accepted standard will the true abuse begin.

      Your buddy is correct about how the system is supposed to work, but wait till MS changes the EULA. Do you really trust MS not to do this? If you do, then you or your buddy works for them.

      --
      Never underestimate the power of fiber.
    4. Re:Excuse the ignorance... by dirk · · Score: 3, Interesting

      You're still dodging the obvious question - what does MS get out of the deal? I suppose they're doing this for philanthropic reasons, right?

      I am assuming here, but what they would be gaining would be websites paying to use the Passport service. As Passport takes off, more and more websites sign up to use it, and (I'm assuming here, but it makes perfect sense) pay MS for the use of the Passport service. It works like a credit card service, where the consumer pays nothing for it, because the business pays the fees up front. So yes, they are doing it to make money, just like Visa would be.

      --

      "Information wants to be expensive" - Stewart Brand, the same guy who said "Information wants to be free"
    5. Re:Excuse the ignorance... by good-n-nappy · · Score: 1

      Yeah, that's nice. When Passport becomes a monopoly, there'll be a new meaning to the "microsoft tax."

      Of course, good luck taking business from the only monopoly bigger than Microsoft's.

      --
      Never underestimate the power of fiber.
  2. MS Privacy?!? by ChiPHeaD23 · · Score: 3, Interesting

    Even if MS had a great privacy policy (which it doesn't), how safe can you be trusting them with personal data? Their history of insecurity makes me think twice about telling them anything. Remember the Hotmail exploit a few years back? What happens when someone cracks Passport server?

    As far as MS can tell I'm still an old lady from Qatar...

  3. That's shocking by anthony_dipierro · · Score: 4, Insightful

    I guess Jon Katz was right that "modern media is about making money, and that depends entirely on selecting stories that entertain, titillate, blow up or confront." Add bash Microsoft to that list.

  4. Trust No One by Anonymous Coward · · Score: 0
    Your faith in Visa is misplaced.

    This past winter I recieved a quite lengthy letter from Visa (revised terms of service), the jist of which was that they were going to sell my personal information and spending habbits to third parties and there's not a damn thing I can do about it. So I canceled my card as that was the only option I had.

    Credit card companies are just as evil as M$, if not more so.

  5. In other news.. by Anonymous Coward · · Score: 0

    Linus may be from Finland, Women may be from Venus, and Sauron may be plotting to overthrow the last blood of Numenor.

  6. UK Data Protection Act. by Martin+Spamer · · Score: 5, Informative

    The UK Data Protection Act 1998 (http://www.hmso.gov.uk/acts/acts1998/19980029.htm ) governs how 'data-holders' make capture and process personal data.

    This Act is an EU treaty obligation ( http://www.privacy.org/pi/intl_orgs/ec/final_EU_Da ta_Protection.html ) and replaces a similar act from 1984

    The UK Government can be rightly criticised on many aspects of IT legislation, however the Data Protection is not one.

    The Act codifies 'Eight Principals'.

    1. fairly and lawfully processed;
    2. processed for limited purposes;
    3. adequate, relevant and not excessive;
    4. accurate;
    5. kept no longer than necessary;
    6. processed in accordance with the data subject's rights;
    7. secure;
    8. not transferred to countries without adequate protection.

    It seem likely to me that the MS-Passport violates several of these, though most notable numbers 7 and 8.

    The Data Protection Registra/Commissioner.

    http://www.dataprotection.gov.uk

  7. Ignorance excused. by Martin+Spamer · · Score: 2


    Ignorance excused.

    The two most obvious problems with the Microsoft Passport is that 1) It shares your personal data with vendors in countries that do not protect that data. That is a breach of the Eight Data Protection Principal. 2) The Data must be secure, if not this is a violation of the Seventh Principal.

  8. Passport Insecurity? by Coward+Anonymous · · Score: 1

    Aren't hotmail accounts now part of the passport world?
    If so, has anyone noticed the little fact that passport passwords are case insensitive?
    Great security...

  9. Passport and chat groups by Anonymous Coward · · Score: 0

    I just tried to log onto the ninemsn.com.au epilepsy chat room for the first time, and found that it had already filled in my username from my Hotmail account, and inserted my email address into the form. I guess some cookies had not been deleted since I checked my Hotmail. So now Microsoft knows that I have epilepsy, and they know my email address. I think the Europeans are trying to stop just this type of data collection. Good luck to them, I only hope Australia picks up its act and does something about it too.