(Re-posts)
A Note to Google Users on Net Neutrality:
The Internet as we know it is facing a serious threat. There's a debate heating up in Washington, DC on something called "net neutrality" – and it's a debate that's so important Google is asking you to get involved. We're asking you to take action to protect Internet freedom.
In the next few days, the House of Representatives is going to vote on a bill that would fundamentally alter the Internet. That bill, and one that may come up for a key vote in the Senate in the next few weeks, would give the big phone and cable companies the power to pick and choose what you will be able to see and do on the Internet.
Today the Internet is an information highway where anybody – no matter how large or small, how traditional or unconventional – has equal access. But the phone and cable monopolies, who control almost all Internet access, want the power to choose who gets access to high-speed lanes and whose content gets seen first and fastest. They want to build a two-tiered system and block the on-ramps for those who can't pay.
Creativity, innovation and a free and open marketplace are all at stake in this fight. Please call your representative (202-224-3121) and let your voice be heard.
Thanks for your time, your concern and your support.
Eric Schmidt
Take action now
Call Congress at 202-224-3121 or click here to enter your zip code to find your representative
Sign the online petitions at ItsOurNet and SaveTheInternet.com for Internet freedomIt's Our Net
Sign up to receive occasional updates about this and other important public policy issues [?]
Also...
http://www.theregister.co.uk/2006/06/08/ms_wga_phones_home/
Microsoft product phones home every day
Oh didn't we mention that in the licence?
By John Oates
Published Thursday 8th June 2006 13:06 GMT
Security White Papers - Download them free from Reg Research
Microsoft has admitted that Windows Genuine Advantage (WGA) will phone Redmond every day - something it neglected to tell users before they installed it.
WGA is designed to detect pirated copies of MS software but is also creating some false positives - two UK dealers have contacted the Reg to report customers complaining that WGA had branded their software as an illegal copy.
The software checks what is installed on your machine and then reports back to Microsoft - it sends your IP number and information on your software set-up. If your software is dodgy you will start receiving pop-up reminders from Microsoft.
Michaela Alexander, head of anti-piracy at Microsoft UK, told the Reg: "First of all this is a pilot - customers have the choice to subscribe or not. WGA is very careful about which license keys are checked - some numbers have been leaked and therefore have been culled by Microsoft. If customers bought a genuine copy of Windows but as a result of a poor installation or a repair a different license key was used then WGA would flag it as not genuine."
But Alexander said all this was detailed in the opt-in process. But she added: "The last thing we want is unhappy customers so we are investigating this - but it is a pilot and this is part of the process."
The word from the US is that Microsoft will change WGA so it only phones home once a fortnight, instead of every day, and will do a better job of letting users know what the software is doing. More from Seattle Post Intelligencer here.
Did anyone say Linux?
Comments
Hide the following 2 comments
Did anybody mention the data protection act to Redmond?
09.06.2006 01:09
One of the Duties of Data Controllers is to register:
The following link is to Microsoft UK's Data Protection Record for
Registration Number: Z6296785
MICROSOFT CAMPUS
THAMES VALLEY PARK
READING
BERKSHIRE
RG6 1WG
http://www.esd.informationcommissioner.gov.uk/esd/DoSearch.asp?reg=2942316
When this registration comes up for renewal in 2007 (8 January), it would be of general public interest to object to the blanket use of transferring data "worldwide". America has no Data Protection Legislation so incautious transport of data to there would be against the Data Protection Principles (see below). For this reason most UK Based American Corporate Data outsourcing goes to India which is within the structures of "Data Safe Harbours" - that is jurisdictions with data protection legislation meeting at least minimal UK standards. Nowhere in the NAFTA area comes up to this standard. It would be of general public interest to object each and every year in order to ensure Microsoft does not gather data on a speculative basis. Which would be outside the spirit of the legislation.
There are mechanisms for complaint - to be found on the website. Contacting the Information Commissioner is by any of the methods here:
http://www.ico.gov.uk/eventual.aspx?pg=Contact%20Us
What this record tells you. It tells you that Microsoft Gathers information for Eleven Purposes. If it gathers data outside of these Purposes Data Subjects have a right to object. It is outside of the accepted spirit of the legislation to gather data and ~then~ declare the purpose. Failure to exercise the Data Protection Policy is an Offence. If a person has obtained personal information illegally it is an offence to offer to sell or to sell personal data. Should Microsoft be obtaining personal information outside of their declared purposes and kinds of data then they are commiting an offence.
If Data Controllers fails to gather the data in line with the Data Protection Principles they can be censured by the Data protection Registrar/Commissioner. Some "changes" to data protection usages are criminal offences if the Registrar is not informed - before the change takes place. There are Data Protection Principles that cover such things as the way in which the data is gathered. These are not just "nice" principles, they are law.
All personal data must be
1) fairly and lawfully processed
2) processed for limited purposes
3) adequate, relevant and not excessive
4) accurate
5) not kept for longer than is necessary
6) processed in line with your rights
7) secure
8) not transferred to countries without adequate protection.
Of Paticular interest is Principle 8. What need does Microsoft have to Offshore any data to
Redmond? It would be entirely possible to check UK Licenses in the UK using a UK based Machine. UK customers have the above principles in their favour. It is neither here nor there that Microsoft has a computer to perform this task in Redmond. For Data Protection Purposes they could equally locate it in Thames. Which would demonstrate compliance.
Another consequence of these Principles is that Data is not to be collected "speculatively". It is fine to collect data for a specific purpose (to validate licence compliance) but not to then send advertising (pop ups advising you your licence is invalid) if, in fact, you do not wish your personal data to be collected for advertising. It would seem reasonable to suggest that pop ups requesting registration or fees would be advertising - regardless of you breaking the law or not. it might also be breaking principle three. Popping up every day or every week - a license needs checking once - seems excessive. And the more people that say so the better.
Companies such as MySpace inform their users that their data will be held in the US and subject to US Data Processing (not protection) legislation. Microsoft could do this each time a Windows Box contacts Redmond. This is a significant lapse in Localisation which is consequential both for their Customers and their business practices. In terms of transfering personal data outside of the UK the only recent Authorisation was General Electric Company (GEC). Microsoft may not be breaking the letter of the law but they certainly seem to be ignoring the spirit.
Section 7 of the Data Protection Act 1998 entitles an individual to request from a data
controller a copy of the information constituting personal data about him. This right is
subject to a number of exemptions in Part IV and schedule 7. There is nothing in
section 7, nor Directive 95/46/EC, limiting the purposes for which a subject access
request may be made. There is also nothing to provide for a data controller to require
the data subject to state the purposes for which he intends to use information obtained
as a result of his subject access request. There are also no exemptions from the right
of access where civil legal proceedings are contemplated or ongoing. In short, it is possible to request all the personal data held by a Data controller about your personally (for a small fee) which relate to you self. It is also possible to instruct them of any corrections that they need to make for it to be made accurate. Having obtained data, and enquiring which purpose it was gathered for it is possible to go through the eight principles and see if they were adhered to.
It is fairly worthless, but reaonable to look at the microsoft websites' privacy policies - quite simply it is on line and can be changed with the winds. Unless somebody woudl care to print to PDF and upload to Indymedia. I have not done so as this may breech some obtuse commercial senstivity.
http://privacy.microsoft.com/en-us/default.aspx
These principles were significantly affected by the Durant Case - in respect of what is "personal"
http://www.ico.gov.uk/cms/DocumentUploads/Durant_27_feb_06.pdf
Should you require your MP to look into these matters, it might be helpful to let that person know of the following document:
http://www.ico.gov.uk/cms/DocumentUploads/Disclosures_to_MPs_carrying_out_constituency_casework.pdf
There are other manners in which which personal data is collected - such as at supermarkets - using loyalty cards. CCTV is also covered in this legislation. The same eight principles apply to Loyalty Cards or Identity Cards.
One of the significant - and eco friendly ways - to reduce the opportunity for misues of your personal information in a Data Protection sense is to refuse to have Telephone Advertising or Junk Mail. These are the Front end "interface" for businesses to gather information they have no automatic right to. Reducing such paperwork and telephone contact is one way of reducing Data Protection Exposures.
People who have expressed a Public Interest in Privacy from Microsoft (slightly out of date)
Jay C. Cannon, Privacy Strategist, Microsoft, USA
Peter Cullen, Chief Privacy Strategy Officer, Microsoft, Washington State, USA
And People Responsible in other places:
Chris Turner, Senior Inspection Manager, Office of the Information Commissioner, UK
Pavan Duggal, Advocate, Supreme Court of India, New Delhi, India
All of whom have discussed Microsoft's Pricacy Practices. But not necessarily their data protection practices.
Ensure your increase your privacy
Remove your public record from the electoral roll. This means anybody who wishes to find your Electoral Register entry will need to visit the local council. With a pencil. This will have the long term effect of removing your data from Experian and Equifax both of whom rely on the Electoral Register to sell you your own private information.
http://www.privacy.org/pi/bigbrother/uk99/
Electoral Roll - see your local council
http://www.liverpool.gov.uk/Council_government_and_democracy/Elections/Electoral_Roll/index.asp
http://www.trafford.gov.uk/content/elections/electoralroll.asp
http://www.manchester.gov.uk/freedom/scheme/democracy.htm
http://www.leeds.gov.uk/Electoral%20Registration/page.aspx?style=
(No - you are not being asked to vote its a source of information for companies).
Equifax and Experian (Hold out no hope of data protection here)
http://www.equifax.co.uk/privacy.htm
marketingoptout@equifax.com (yes seems sad that you have to opt OUT rather than IN).
http://www.experian.co.uk/corporate/dataprotection.html
Refuse to have Telephone Advertising Here (not a chargeable service)
Telephone Preference Service (TPS)
http://www.tpsonline.org.uk/tps/
Refuse to have Junk Mail Here (Again - not a chargeable service)
http://www.mpsonline.org.uk/mpsr/
Or use this Trading Standards Portal Site
http://www.tradingstandards.gov.uk/telservices/telservices.cfm
Links.
All of these links are counted by cookies but contain no commercial advertising. They are all on the Information Commissioners Web Site.
http://www.ico.gov.uk
Link to Microsoft Data Protection Records:
http://www.esd.informationcommissioner.gov.uk/esd/DoSearch.asp?reg=2942316
You may link to this record but not copy it. You may refer to it in the spirit of the Copyright Designs and Patents Act (1988).
Some Offences created by the act
http://www.ico.gov.uk/eventual.aspx?id=83
MP Disclosure Guidance
http://www.ico.gov.uk/cms/DocumentUploads/Disclosures_to_MPs_carrying_out_constituency_casework.pdf
Privacy Enhancing steps that Microsoft can well afford
http://www.ico.gov.uk/cms/DocumentUploads/Privacy_enhancing_technologies_Tech_Guidance_Note.pdf
A Guide to what Microsofts Obligations are
http://www.ico.gov.uk/eventual.aspx?id=1038&expmovie=1
Training Materials.
https://www.ico.gov.uk/eventual.aspx?id=7127
Free of Charge to UK taxpayers. It suprises Americans how "restricitive" the principles are intended to be. It is good to be informed of what Data Protection means when discussing Corporate Data Use. Particularly in light of Identity Cards.
Contacting
http://www.ico.gov.uk/eventual.aspx?pg=Contact%20Us
Legal Decisions
http://www.ico.gov.uk/cms/DocumentUploads/Durant_27_feb_06.pdf
Links for Microsoft
http://privacy.microsoft.com/en-us/default.aspx
These microsfot sites use a number of tracking measures. A lot of the content is "managed" so you might get different versions of the document depending on - whatever.
Links about Microsoft
http://www.watchfire.com/resources/ibd-p3p-wf.pdf
http://www.sans.org/newsletters/newsbites/newsbites.php?vol=8&issue=43&rss=Y
(contains such articles as this:
Sacred Heart University Suffers Data Security Breach (26 May 2006)
Sacred Heart University in Fairfield, CT has acknowledged that it detected a computer intrusion on May 8. The police and the FBI have been notified and have begun investigating the incident. According to an area television station, the school has notified 135,000 individuals that their personal data may have been exposed. The school has not released any more details about when the breach occurred or what information was exposed. According to a posting on the university's web site, an investigation utilizing school resources and an independent Internet security firm is also underway.)
An Interested Party
hard experience says
12.06.2006 15:32
. . . . mngmnt dffrnt????
yehrite