Slashdot Mirror


Microsoft's Guidelines for Customer Privacy

jcatcw writes "Microsoft has released its 'Privacy Guidelines for Developing Software Products and Services.' According to Peter Cullen, chief privacy strategist, Microsoft has learned about protecting users' data from such endeavors as Hailstorm and WGA. 'Certainly that and other things have contributed to us thinking deeply with how we provide security and privacy, as well as respect and control with how their information is used,' he said. 'We think others should join in this discussion.'"

4 of 63 comments

  1. Re:Uh-oh! by Anonymous Coward · Score: 1, Interesting

    It would explain why an Xbox appears in the leaked 2007 movie script, but there's an iPod in it too, so I'm guessing Frank Welker works for Apple.

  2. Bad provisions in Microsoft's concept of privacy by Animats · Score: 2, Interesting

    There are several bad provisions in that proposal.
    • The proposal does not require that, when collecting data, the collecting organization specifically identify itself. EU data privacy laws generally require that. California law requires that web sites give "the actual name and address of the business" before accepting credit cards, and that's a good standard. If you can't identify who collected the data, you can't effectively exert your rights against them. "xyz.com" isn't enough; you need "XYZ, Inc. 1234 Wilshire Blvd, Los Angeles, CA".
    • "Web sites: Visiting pages on a Web site implicitly means the customer consents to the site's privacy statement and terms of use." - that's very weak, and not supported by law.
    • For some things, even explicit consent is not enough. See the standards at StopBadware.org, which prohibit automatic updating which modifies other programs or changes the functionality of the one being updated without user consent. (Think Tivo, where automatic updates took away commercial-skipping. That's badware.)
    • Personal data transfer to third parties and retention policies need not be specified. Not good. In particular, the owner of the data (the user) needs the right to know which third parties have the data. And the collector of the data must remain responsible for what "affiliates" do with it. This has been a serious problem, where the "good company" disclaims responsibility for what their "affiliate" did. Remember the "outsourced medical transcription" scandal.
    • The "privacy" document doesn't address the privacy issues associated with digital rights management (DRM). "Who knows what's on your ebook?"

    For a more user-side view of privacy from a technical standpoint, the National Association of Theater Owners Digital Cinema Requirements document is valuable. Digital cinema at the movie theater level has DRM, and the theater owners have organized to tell (not ask) the studios exactly how intrusive the DRM can be. Stuff like

    • "The System shall not compromise the security of the theatre's in-house network, including the security of digital cinema systems, point-of-sale systems, and other data systems owned and/or operated by the exhibitor." (i.e. no Sony-type rootkits)
    • "The system shall be designed to push data to outside business entities per the needs of the exhibitor, and shall not allow outside business entities to pull data from the exhibitor's equipment or from the premises without the express written permission of the exhibitor on a case-by-case basis. All such communications shall be recorded and shall be auditable by the Exhibitor." (i.e. no spyware; the user has to explicitly send the log data, and can look at it first)
    • "System components (servers, projectors) shall be capable of being moved from auditorium to auditorium within the same facility in any combination without limitation and without requiring receipt of new decryption keys." (you can swap components around without DRM problems)
    • "Systems shall allow the movement and playback of shows among all auditorium systems within a complex." (you can move the movie from one room to another without DRM problems)
    • "New Security Keys shall be delivered within 15 minutes of the time of request." (no long downtime because the DRM people screwed up)
    • "Systems shall employ the standard interchange method for security log reports .... Systems shall employ tools that allow the exhibitor to filter security log reports logs prior to sharing." (it's all in XML, and you can see what the DRM owner sees.)
    Compare that with Windows Vista.

  3. Re:privacy guidelines ... by bashamer · Score: 2, Interesting

    This limits your future scalability.

    You want to capture more rather than less so you can use this data as training for future functionality.

  4. In some ways, I want them to know about me. by Deathlizard · Score: 2, Interesting

    I thought I would never say this, but in a sense, I want Microsoft to know who I am when it comes to WGA. That way, when WGA screws up, I can prove that I'm the owner.

    Something like: when I activate Windows, I have the option to log in to my Passport to associate my Windows ID with that Windows serial key. That way, if my key is stolen by some hacker and WGA decides to lock my computer down, I can contact MS and prove that I'm the original owner of that key and get it either unlocked or a new key reissued.

    If I have to deal with WGA on Windows, at least allow me to protect myself from being screwed out of my purchase by the next key-stealing Trojan or eventual random keygen.