Category Archives: privacy

Cyber Privacy by April Falcon Doss

This is a book about pervasive data collection and its implications. The author, April Falcon Doss, is a lawyer who spent 13 years at the US National Security Agency (NSA), itself an organization controversial for phone-tapping and other covert surveillance practices. Disturbing though that is, one of Doss’s observations is that “in democratic countries … the government doesn’t have nearly as much data as private companies do.” She argues that government-held data is less troubling since its usage is well regulated, unlike privately held data – though these safeguards do not apply in authoritarian regimes.

Government use then is just one piece of something much bigger, the colossal amount of personal data gathered on so much of what we do, our buying habits, what we search for on the internet, our health, our location, our contacts, tastes and preferences, all tracked, stored, and used in ways that we might not expect. Most of the book simply describes what is happening, and this will be eye-opening to anyone who has not followed the growth of data collection and its use in marketing and advertising over the last twenty years or so. Doss describes how a researcher analyzed his iPhone activity and found that “within seven days, the phone had exported data via 5,400 hidden app trackers.” – and Google’s Android is even worse.

How much do we care and how much should we care? Doss looks at this question which to me is of particular interest. We like getting stuff for free, like social media, search, maps and directions; but how aware are we of hidden costs like compromised privacy and would we be willing to pay in other ways? Studies on the subject are contradictory; humans are not very logical on the matter, and it depends exactly how the trade-off between privacy and cost is presented. The tech giants know this and in general we easily succumb to the temptation to hand over personal information when signing up for free services.

Doss makes some excellent and succinct points, as when she writes that “privacy policies offer little more than a fig leaf of user notice and consent since they are cumbersome to read, difficult to understand, and individuals have few alternatives when it comes to using the major digital platforms.” She also takes aim at well-intended but ineffective cookie legislation – which have given rise to the banners you see, especially in the EU, inviting you to accept all manner of cookies when you visit a web site for the first time. “A great deal of energy and attention has gone into drafting and implementing cookie notice laws,” she says. “But it is an open question whether anyone’s privacy has actually increased.”

She also observes that we are in uncharted territory. “It turns out that all of us have been unwitting participants in a multifaceted, loosely designed program of unregulated research,” she writes.

Personally I agree that the issue is super-important and deserves more attention than it gets, so I am grateful for the book. There are a couple of issues though. One is that the reason personal data gathering has escalated so fast is that we’ve seen benefits – like free services and personalisation of advertising which reduces the amount of irrelevant material we see – but the harms are more hidden. What are the harms? Doss does identify some harms, such as reduced freedom in authoritarian regimes, or higher prices for things like Uber transport when algorithms decide what offers to show based on our willingness to pay. I would like to have seen more attention paid though to the most obvious harm of the moment, the fact that abuse of personal data and social media may have resulted in political upheavals like the election of Donald Trump as US president, or the result of the Brexit referendum in the UK. Whatever your political views, those who value democracy should be concerned; Doss gives this matter some attention but not as much as it merits, in my opinion.

Second, the big question is what can be done; and here the book is short of answers. Doss ends up arguing that we have passed the point of no return in terms of data collection. “The real challenge lies in creating sufficient restrictions to rein in the human tendency to misuse information for purposes that we’ve collectively decided are unacceptable in society,” she writes, acknowledging that how we do so remains an open question.

She says that her ambitions for the book become more modest as the research continued, ending with the hope that she has provided “a catalogue of risks and relevant questions, along with a useful framework for thinking about the future” which “may spark further, future discussions.”

Fair enough, but I would like to have seen more practical suggestions. Should we regulate more? Should Google or Facebook be broken up? As individuals, does it help if we close social media accounts and become more wary about the data that we give away?

Nevertheless I welcome this thought-provoking book and hope that it does help to stimulate the future debate for which the author hopes.

BenBella Books (3 Nov. 2020)

Microsoft Office and privacy: happy to send what you type to the cloud for analysis?

I attempted to open a document from on-premises SharePoint recently and was greeted with an error asking me to check my privacy settings.

image

“The service required to use this feature is turned off” I was informed. Hmm, what service is that then? The solution turned out to be in the new Office privacy settings, just as the dialog suggested.

If you disable what Microsoft calls “Connected experiences” it appears to block access to SharePoint. Probably not what the user intended.

image 

This setting is not great for clarity. Privacy-conscious users like myself may disable it because it represents your agreement to “experiences that analyze your content”. Since this means uploading your content to the cloud for analysis it sounds as if it might weaken both privacy and security. If you look at all the options though, it may be possible to agree to access online file storage without agreeing to content analysis:

image

It looks as if by unchecking “Let Office analyze your content” you might be able to stop Office uploading your stuff.

Is there anything to worry about? We need to know more about what happens to our data. There is a Learn More link that takes us here. This lists lots of features but does not tell us what we want to know. Maybe here? This tell us that:

Three types of information make up required service data.

  • Customer content, which is content you create using Office, such as text typed in a Word document, and is used in conjunction with the connected experience.

It is still not clear though what happens to our data, other than that it is “sent to Microsoft”. Even the massive Microsoft Privacy Statement is no more illuminating on this point. In fact, it is arguably rather alarming since it contains this statement:

Microsoft uses the data we collect to provide you with rich, interactive experiences. In particular, we use data to:

  • Provide our products, which includes updating, securing, and troubleshooting, as well as providing support. It also includes sharing data, when it is required to provide the service or carry out the transactions you request.
  • Improve and develop our products.
  • Personalize our products and make recommendations.
  • Advertise and market to you, which includes sending promotional communications, targeting advertising, and presenting you with relevant offers.

We also use the data to operate our business, which includes analyzing our performance, meeting our legal obligations, developing our workforce, and doing research.

In carrying out these purposes, we combine data we collect from different contexts (for example, from your use of two Microsoft products) or obtain from third parties to give you a more seamless, consistent, and personalized experience, to make informed business decisions, and for other legitimate purposes.

This suggests that Microsoft will profile me and send me advertising based on the data it collects. What I need to know is not only the fact that this happens, but also the mechanism, in order to make an informed judgement about whether it is sensible to enable these options. Of course it is also possible that the Office content analysis service does not do this. I am guessing.

What can go wrong? These risks are hard to quantify. If you are typing something confidential, it makes sense not to share it more than is necessary, as further sharing can only increase the risk. There are some interesting scenarios too, such as what happens if Microsoft receives a legal demand to have sight of the content of your documents. Microsoft may not want to give access to your content, but in some circumstances it might not have the choice. Then again, I doubt it retains content sent for the purpose of personalisation, beyond whatever factors the service determines are significant. However this is not stated here.

Is this any different from storing documents on a cloud service such as SharePoint / OneDrive online? It is a bit different since in the Office case you are permitting Microsoft to analyze as well as to store your content.

All of this is up for debate. I accept that the risks are probably small as well as the fact that the wider world has little or no interest in most of the content I type but do not choose to publish.

Nevertheless, there are a few things which seem to me reasonable requests.

– A clear statement concerning what happens to my content if I choose to let it be analyzed by Microsoft’s cloud service, to enable better informed decisions about whether or not to enable this feature. Dumping the user into an all-encompassing privacy policy is not good enough.

– Improved settings (and possibly some fixed bugs) so that privacy-conscious users do not inadvertently disable access to on-premises SharePoint, as in my example, or other unexpected outcomes.

– A simple way to exclude a specific document from the service, conceptually similar to “in-private” mode in a web browser though with more chance of actually protecting your privacy (in-private mode is not really very private).

In general, I do not think the solution to a customer’s reasonable concerns about privacy and security of personal information is to obscure how this data is handled.

Manage your privacy online through cookie settings? You must be joking.

Since the deadline passed for the enforcement of the EU’s GDPR (General Data Protection Register) most major web sites have revamped their privacy settings with new privacy policies and more options for controlling how your personal data is used. Unfortunately, the options offered are in many cases too obscure, too complex and too time-consuming to be of any practical value.

Recital 32 of the GDPR says:

Consent should be given by a clear affirmative act establishing a freely given, specific, informed and unambiguous indication of the data subject’s agreement to the processing of personal data … this could include ticking a box when visiting an internet website … silence, pre-ticked boxes or inactivity should not indicate consent.

I am sure the controls on offer via major web properties are the outcome of legal advice; at the same time, as a non-legal person I struggle on occasion to see how they meet the requirements or the spirit of the legislation. For example, another part of Recital 32 says:

… the request must be clear, concise, and not unnecessarily disruptive to the use of the service for which it is provided.

This post describes what I get if I go to technology news site zdnet.com and it detects that I have not agreed to its cookie management.

Note: before I continue, let me emphasize that there is lots of great content on zdnet, some written by people I know; the site as far as I know is doing its best to make business sense of providing such content, in what has become a hostile environment for professional journalism. I would like to see fundamental change in this environment but that is just wishful thinking.

That said, this is one of the worst experiences I have found for privacy-seeking users. Here is the initial banner:

image

Naturally I click Manage Settings.

Now I get a scrolling dialog from CBS Interactive, with a scroll gadget that indicates that this is a loooong document:

image

There is also some puzzling news. There are a bunch of third-parties whose cookies are apparently necessary for “our sites, products and services to function correctly.” These include cookies for analytics and also for Google ad-serving. I am not clear why these third-parties perform functions which are necessary to read a technical news site, but there we are.

I scroll down and reach a button that lets me opt out of being tracked by the third party advertisers using zdnet.com, or so it seems:

image

I want to opt out, so I click. Some of the options below are unchecked, but not many. Most of the options say “Opt out through company”.

It also seems pretty technical to me. Am I meant to understand what a “Demand Side Platform” is?

image

I counted the number of links that say “opt out through company”. There are 63 of them.

I click the first one, called Adform. Naturally, the first thing I see is a request to agree (or at least click OK to) their Cookie Policy.

image

I click to read the policy (remember this is only the first of 63 sites I have to visit). I am not offered any sort of settings, but invited to visit youronlinechoices or aboutads.info.

image

Well, I don’t want anything to do with Adform and don’t intend to return to the site. Maybe I can ignore the Adform Cookie Policy and just focus on the opt-out button above it.

image

Currently I am “Opted-in”. This is a lie, I have never opted in. Rather, I have failed to opt out, until I click the button. Opting out will in fact set a cookie, so that Adform knows I have opted out. I am also reminded that this opt out only applies to this particular browser on this particular device. On all other browsers and/or devices, I will still be “opted in”.

OK, one down, 62 to go. However scrolling further down the list I get some bad news:

image

In some cases, it seems, “this partner does not provide a cookie opt-out”. The best I can do is to “visit their privacy policy for more information”. This will require a search, since the link is not clickable.

How to control your privacy

What should you do if you do not want to be tracked? Attempting to follow the industry-provided opt-outs is just hopeless. It is mostly PR and attempting to tick legal boxes.

If you do not want to be tracked, use a VPN, use ad blockers, and delete all cookies at the end of each browsing session. This will be tedious for you though, since your browsing experience will be one of constant “I agree” dialogs, some of which you may be able to ignore, or others for which you have to click I Agree or endure a myriad of semi-functional links and settings,

Maybe the EU GDPR legislation is unreasonable. Maybe we have been backed into this corner by allowing the internet to be dominated by a few giant companies. All we can state for sure is that the current situation is hopelessly broken, from a privacy and usability perspective.

The price of free Wi-Fi, and is it a fair deal?

Here we are in a pub trying to get on the Wi-Fi. The good news: it is free:

image

But the provider wants my mobile number. I am a little wary. I hate being called on my mobile, other than by people I want to hear from. Let’s have a look at the T&C. Luckily, this really is free:

image

But everything has a cost, right? Let’s have a look at that “privacy” policy. I put privacy in quotes because in reality such policies are often bad news for your privacy:

Screenshot_20180211-141004

Now we get to the heart of it. And I don’t like it. Here we go:

“You also agree to information about you and your use of the Service including, but not limited to, how you conduct your account being used, analysed and assessed by us and the other parties identified in the paragraph above and selected third parties for marketing purposes”

[You give permission to us and to everyone else in the world that we choose to use your data for marketing]

“…including, amongst other things, to identify and offer you by phone, post, our mobile network, your mobile phone, email, text (SMS), media messaging, automated dialling equipment or other means, any further products, services and offers which we think might interest you.”

[You give permission for us to spam you with phone calls, texts, emails, automated dialling and any other means we can think of]

“…If you do not wish your details to be used for marketing purposes, please write to The Data Controller, Telefönica UK Limited, 260 Bath Road, Slough, SLI 4DX stating your full name, address, account number and mobile phone number.”

[You can only escape by writing to us with old-fashioned pen and paper and a stamp and note you have to include your account number for the account that you likely have no clue you even have; and even then, who is to say whether those selected third parties will treat your personal details with equal care and concern?]

A fair deal?

You get free Wi-Fi, O2 gets the right to spam you forever. A fair deal? It could be OK. Maybe there won’t in fact be much spam. And since you only give your mobile number, you probably won’t get email spam (unless some heartless organisation has a database linking the two, or you are persuaded to divulge it).

In the end it is not the deal itself I object to; that is my (and your) decision to make. What I dislike is that the terms are hidden. Note that the thing you are likely to care about is clause 26 and you have to not only view the terms but scroll right down in order to find it.

Any why the opt-out by post only? There is only one reason I can think of. To make it difficult.