Slashdot Mirror
Microsoft is Privately Testing 'Bali,' a Way To Give Users Control of Data Collected About Them (zdnet.com)
Microsoft is working on a project codenamed "Bali," which is designed to give users control of data collected about them. The project is a Microsoft Research incubation effort and seems to be in private testing at this stage. From a report: I learned of the existence of Bali in a tweet from "Longhorn," which I saw via another Twitter user, "Walking Cat." Longhorn described Bali as "a project that can delete all your connection and account information (inverseprivacyproject)." I found a link to the Bali project page. That page allows those with a code to sign into the site and says those without a code can request one.
The "About" page for Bali describes it as a "new personal data bank which puts users in control of all data collected about them.... The bank will enable users to store all data (raw and inferred) generated by them. It will allow the user to visualize, manage, control, share and monetize the data."
The "About" page for Bali describes it as a "new personal data bank which puts users in control of all data collected about them.... The bank will enable users to store all data (raw and inferred) generated by them. It will allow the user to visualize, manage, control, share and monetize the data."
That's the fucking question, not whether you can force users to jump through hoops to maintain (the illusion of) basic privacy with some new portal, WHY DO YOU THINK IT'S FINE TO COLLECT ALL THIS BY DEFAULT?
The fuck do you think you are, Facebook?
User privacy protections aren't bad, but the best thing would be for MS to give users the real option of going cloudfree, not nudging users (hard) to cloud-up their personal data.
How about software written that doesn't try to force you into the cloud. How about controls that truly limit information leaks from your browser that can be used to fingerprint you, such as always reply with the same font list regardless of what you have on your computer, or refuse to give up mouse hover location, and do not send keystrokes in real time, require a click or OK to send form data as a completed field rather than streamed. Take away every avenue used for unique identification by default at the browser level. Unique identification should only be possible if the user signs in with credentials.
Digital is, by definition, imperfect. Analog is the way to go.
Microsoft : "give us all your personal data and we can control who can access if for you. You can trust us."
This is dumber than Facebook wanting you to give them your nudes so they can make sure nobody posts them online.
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
Google purportedly gives you access to control a lot of your 'data' on their apps and websites. It only takes digging through hundreds of obscure settings and un-obvious control schemes, individual devices, and individual applications.
And even then you'll find that they add new "settings" without telling you and default them to the on position, so they're getting information you never even knew they were grabbing.
An opt-in system is the ONLY system that should be allowed, and not the EULA opt-in system. A system where you have to click every single checkbox for every bit of information they intend to collect.
Or you could just avoid all this and download my awesome Android Flashlight app. I swear it only turns your phone's LED on and off. Promise.