03-29-2014 12:55 AM
71 123
tools
  1. psychotron's Avatar
    Wow. Hold on there, sparky. If you read my original post carefully you'll see I'm not trying to defend anyone. All I'm doing is trying to have a serious discussion about a relevant topic in the press. And as a matter of fact, it has A LOT to do with TOS, as it sets out your legal rights regarding use of a service.

    And it was pretty darned unnecessary to call me ignorant, don't you think? Let's not get childish about this. Can we not have an intelligent discussion about something and still be civil?
    03-21-2014 11:22 AM
  2. Citizen X's Avatar
    The fanbois are out in force today, I see.

    Yes, Google scans your email. Let's put this in context. An automated system scans the words in your email, matches it to keywords which advertisers have selected and shows an ad. That's as far as it goes. They

    MSFT accessed a private individual's account - This guy WAS NOT A MICROSOFT EMPLOYEE. He was a "third-party" if you RTFA:

    "An ex-Microsoft employee was recently arrested for allegedly leaking company secrets, all because Redmond found evidence against him in his contact's Hotmail account. "

    Humans read his email, WITHOUT a warrant signed by a judge. That is a very very different thing.
    He's a criminal. Are you? Then?
    HyperChrisX likes this.
    03-21-2014 03:18 PM
  3. Michael Alan Goff's Avatar
    By the way, the idea that no humans read GMail is funny. Two employees had to be fired at one point because they used GMail to stalk somebody. :|
    HyperChrisX and 2tomtom like this.
    03-21-2014 04:17 PM
  4. FinancialP's Avatar
    @OP I completely understand your sentiment. However your point won't go well here at wpcentral.

    I used to think Crackberry had some wild comments and beliefs. This place takes the cake.

    Rational people understand that all these companies snoop to some extent. Microsoft is no different they're in the "better to serve you" business as well.
    Ivin Laney and Kashan Osama like this.
    03-21-2014 05:07 PM
  5. Guytronic's Avatar
    Reading thru there's a lot fear\anger concerning evidence gained from a "private" account.

    No expert here yet all I can see is my privacy ends at my property line (and that's at risk also.)
    To me it's just a scary fact that if anyone is connected to the globe there simply is no privacy.

    I know I just have an agreement with the providers of web and mail services.
    Knowing I may have opened myself up to scrutiny by not bothering to get familiar with any agreement provided by any service is how I've dropped my guard.

    Simply put it's just not possible to send secrets out over connections provided by operations that you don't own without laying down your right to privacy.
    I'm pretty sure all web users have been watched from the beginning ... that's just not a secret anymore.
    Over wire info just isn't and never will be guarded completely.
    03-21-2014 08:15 PM
  6. tgp's Avatar
    Simply put it's just not possible to send secrets out over connections provided by operations that you don't own without laying down your right to privacy.
    I'm pretty sure all web users have been watched from the beginning ... that's just not a secret anymore.
    Over wire info just isn't and never will be guarded completely.
    Well put. There are lots of different businesses involved that have access to your data. Let's say for example I send an email to you from my Yahoo account, on my Android on AT&T. You have an Outlook email account and you receive the email on your BlackBerry using Verizon's network. Six companies are involved in that email: Yahoo, Google, Microsoft, BlackBerry, AT&T, and Verizon. I would imagine that any one of them could read that email if they wanted to, or at least would have some form of access to it. And that's not even counting the NSA!

    This incident happened to be one that the media got ahold of, but I'm sure it's nothing new. We would probably crap our pants if we knew what all went on behind closed doors. And that's with all companies: carriers, ISPs, OS manufacturers, governments...
    03-21-2014 09:04 PM
  7. Guytronic's Avatar
    Well put. There are lots of different businesses involved that have access to your data. Let's say for example I send an email to you from my Yahoo account, on my Android on AT&T. You have an Outlook email account and you receive the email on your BlackBerry using Verizon's network. Six companies are involved in that email: Yahoo, Google, Microsoft, BlackBerry, AT&T, and Verizon. I would imagine that any one of them could read that email if they wanted to, or at least would have some form of access to it. And that's not even counting the NSA!

    This incident happened to be one that the media got ahold of, but I'm sure it's nothing new. We would probably crap our pants if we knew what all went on behind closed doors. And that's with all companies: carriers, ISPs, OS manufacturers, governments...
    Laid out very well my friend.
    snowmutt likes this.
    03-21-2014 09:21 PM
  8. Markham Ranja's Avatar
    No, just no. No. For starters, he was a Microsoft employee, do you not see what you just quoted "ex-Microsoft employee"? And Google, doesn't just scan - they scan, collect, and sell. Lastly, Microsoft has its own investigation department much like with other companies, which if they find something suspicious (in this case they did), it would then be brought to the FBI or whatever the government security agency is for legal actions. Microsoft didn't need a warrant, it's their service, their ToS, their policy, services agreement, code of conduct, etc.

    From your perspective, you say it like Microsoft did something unlawful because they went through the guys' data for investigation, and its ok with you if Google scans your everything and make profit out of you. It doesn't matter if it's automated or human, data is still collected. Only difference is that Microsoft's own codes were being leaked and violated a whole lot of their policies, while Google sells everything from its user.
    RTFA again. There are 2 people - Kibkalo, the MS employee who was leaking secrets, and an unnamed blogger, who received these secrets. MS searched the blogger's account without a warrant.

    Also, FYI, MS and every other email service HAVE to scan your email, for spam filtering and other purposes. And nobody "sells" user data, that's just stupid.

    Yes, it is not ok with me if MS intentionally goes after MY accounts because THEY unilaterally think that I might be causing harm to MS. Google serves ads on everybody's email - that seems to be better to me. MS' ToS have this "that they reserve the right to "protect the rights or property of Microsoft or our customers, including the enforcement of our agreements or policies governing your use of the services"

    That's a problem with the overly broad wording of privacy policies. Nearly every company in the world is a Microsoft customer. And "protecting rights or property" is very broad. Could Microsoft look for information about why a customer is not paying its bills in Hotmail accounts? Could they scan their customers' corporate email for indication of piracy? Or software licensing irregularities? What about patent disputes?
    03-22-2014 12:07 AM
  9. travis_valkyrie's Avatar
    RTFA again. There are 2 people - Kibkalo, the MS employee who was leaking secrets, and an unnamed blogger, who received these secrets. MS searched the blogger's account without a warrant.

    Also, FYI, MS and every other email service HAVE to scan your email, for spam filtering and other purposes. And nobody "sells" user data, that's just stupid.

    Yes, it is not ok with me if MS intentionally goes after MY accounts because THEY unilaterally think that I might be causing harm to MS. Google serves ads on everybody's email - that seems to be better to me. MS' ToS have this "that they reserve the right to "protect the rights or property of Microsoft or our customers, including the enforcement of our agreements or policies governing your use of the services"

    That's a problem with the overly broad wording of privacy policies. Nearly every company in the world is a Microsoft customer. And "protecting rights or property" is very broad. Could Microsoft look for information about why a customer is not paying its bills in Hotmail accounts? Could they scan their customers' corporate email for indication of piracy? Or software licensing irregularities? What about patent disputes?
    The blogger was reported to Sinofsky by the random person because of the email probably along with the sample codes. Only then Microsoft took action to abide with the agreement. Warrant or not, the end result would've been the same, but Microsoft is not a law enforcement agency so they cannot get a warrant for itself, that's why they had to stick with their agreement. And since this was not an ordinary case of scanning for spam or etc, they had to take a different approach to catch a criminal.

    47533580.jpg
    2tomtom likes this.
    03-22-2014 02:21 AM
  10. Jaskys's Avatar
    But in both cases the legality is extremely questionable (Google is fighting a class action over the very thing you mention as we speak). The previous employee should still be afforded a citizens right to privacy. Microsoft is not a law enforcement agency and doesn't have any more privilege than you or I to go through someone's private email without a warrant or court order.

    Posted via the WPC App!
    He has contract with MS and he broke it, MS can do anything with people who works for them, what would you do?

    Oh keep leaking little boy, you're doing a GOOD job, those security vulnerabilieties that you gave out to public, are really great, hackers are on their way to infect thousands of computers, but we won't stop you. Keep doing what you do, oh and pirates says thanks for KMS activation

    You have to understand, would you allow random person who would wreck anything in your house to live with you? No, so MS doesn't want some reckless ******* living in their house.

    That person broke the law, broke MS contract.
    03-22-2014 02:32 AM
  11. jojoe42's Avatar
    Personally I think the press has overblown it a little. He did break a few contracts in the process of sharing these early Windows 8 builds (I'd imagine an NDA, employment contract and MS account T&Cs) and so fair enough Microsoft gets to scan through someone's inbox. Not only has he broken agreements with those contracts, it's also illegal too. So what if he has a citizens' privacy rights thing - he clicked agree to the MS T&Cs which is SEPARATE to a citizens' privacy rights, and besides he broke Microsoft copyright/disowned their rights to their CONFIDENTIAL stuff, it's not like the guy emailed a torrented movie and MS pulled him up. Early builds of Windows belong to Microsoft, anyone else who has access to it is on Microsoft's terms, and they have the right to pull someone out if they fall out of agreement.
    herbertsnow likes this.
    03-22-2014 04:31 AM
  12. csd_images's Avatar
    Here's John Frank's statement on the matter. It lays clear MS's actions and why the undertook them. If you have issues or want to second guess the guy in charge of legal counsel for MS feel free.

    Statement

    Microsoft is usually fairly transparent when issues like these occur. If you have an issue with how MS conducts these searches then e-mail them but note they was totally within the remit as the law as it stands in this point of time.

    Here's Frank's bio if you don't know who the guy is:

    LinkedIn

    To note finally, this isn't the same on any level nor related in any way to what Google does with the AdSense network. All e-mail providers have similar terms and conditions that will veto any right to privacy, if you have any inclination for privacy then don't use e-mail as everyone who plays pass the parcel on the network will potentially have copies of the data or has the ability to eavesdrop. The investigation was triggered upon finding criminal actions detrimental to Microsoft, if you say Google, Apple, AOL or any other company who hosts e-mails won't do this if they find similar circumstances then you're naive or a troll.

    The solution here is simple, if you're concerned with privacy learned to use PtP encryption which is easier said than done when it's not the easiest thing to set up and ensure veracity. If you are reliant on a third party then you've compromised the chain of trust.
    03-22-2014 04:41 AM
  13. jailman's Avatar
    Well ... Microsoft has the right to protect its business dont they ?
    03-22-2014 04:46 AM
  14. herbertsnow's Avatar
    I agree with Microsoft. Don't like too bad.
    03-22-2014 10:09 AM
  15. neo158's Avatar
    Well ... Microsoft has the right to protect its business dont they ?
    Exactly, the problem is that everyone thinks that this is exactly the same as what Google has been doing. It isn't, it was their own servers and the search was conducted in accordance with their ToS, which is the same ToS we all accepted when we created our own Microsoft Accounts.

    The point is that if you engage in illegal activity on a companies servers then that company has the right to search their servers as part of the investigation, no warrant needed.
    herbertsnow and Guytronic like this.
    03-22-2014 10:14 AM
  16. boasist's Avatar
    Uhhh, you are using a free service provided by someone other than yourself. You should never think that your information that passes through that service isn't subject to investigation at any time.
    Guytronic likes this.
    03-22-2014 10:18 AM
  17. Zulfigar's Avatar
    Uhhh, you are using a free service provided by someone other than yourself. You should never think that your information that passes through that service isn't subject to investigation at any time.
    +1
    Guytronic likes this.
    03-22-2014 10:18 AM
  18. neo158's Avatar
    Uhhh, you are using a free service provided by someone other than yourself. You should never think that your information that passes through that service isn't subject to investigation at any time.
    It may be a free service but unless there is evidence of wrongdoing, in this case there was, then email should be private.

    Are you saying that if you pay for your email service it's more secure?
    03-22-2014 10:22 AM
  19. Michael Alan Goff's Avatar
    Everyone who is complaining about this should really start reading the Terms of Service.
    neo158, Guytronic, jojoe42 and 1 others like this.
    03-22-2014 10:32 AM
  20. Morpheus Phreak's Avatar
    As someone who worked on a team at MS that had to perform similar tasks from time to time (not for e-mail though) I have a somewhat unique ability to know how this all works.

    It is something that is actually handled very carefully, and with a lot of consideration put into it. Even extremely justified requests are handled very delicately.

    You might be surprised that we are just regular humans like everyone else. :P
    Last edited by Morpheus Phreak; 03-22-2014 at 03:22 PM. Reason: Realized I missed a period at the end of a sentence, and replaced a letter to fix a typo.
    Guytronic likes this.
    03-22-2014 10:34 AM
  21. herbertsnow's Avatar
    Is this hypocrisy in light of the Scroogled campaign or justified in light of the situation? Under what kind of circumstances should a corporation be allowed to do things like this without a court order? Even the NSA needs permission from the DOJ to gather info on suspects. Opinions?

    Microsoft: We have the right to search your Hotmail account (updated)

    EDIT: I guess I need to make a couple of things a little more clear. What I was mainly trying to accomplish with this post was to play devil's advocate and foster an important discussion. Do I personally think Microsoft was justified? For the most part, yes. Richard Hay of Windows Observer wrote a very good and relatively fair take on the situation here: Microsoft neither Scroogled nor violated privacy issues in their search of leakers Hotmail account | WindowsObserver.com

    But I do think this is still a topic worthy of discussion as I believe it raises another important question regarding privacy - Just because it is in the TOS of the email host, does that alone make it right or legal, even given the circumstances? The reason I bring that up is because consent is given in Goggle's TOS for them to use an algorithm to scan a user's email for keywords in order to target advertising, yet they are still facing a class action suit based on that practice. Thinking about that also led me to this thought - Is it possible that the defense may be able to persuade the court that is prosecuting this case to declare the email evidence inadmissible due to the manner in which it was gathered? My reasoning behind that is the fact that even known criminals who are clearly guilty of misconduct have wiretap evidence and such dismissed all the time based on how it was obtained. In any case, only one thing is absolutely certain at this point in my opinion, and that is that things become dreadfully murky once lawyers become involved.


    I think that Microsoft may have perhaps avoided much of this supposed bruhaha had they simply given permission to an outside law enforcement agency to conduct the investigation and gather evidence as the way they went about it might smack a bit of vigilantism in the eyes of privacy advocates. As always, though, hindsight is 20/20.
    You need to get out more.
    03-22-2014 10:57 AM
  22. shmsnh's Avatar
    The fanbois are out in force today, I see.

    Yes, Google scans your email. Let's put this in context. An automated system scans the words in your email, matches it to keywords which advertisers have selected and shows an ad. That's as far as it goes. They

    MSFT accessed a private individual's account - This guy WAS NOT A MICROSOFT EMPLOYEE. He was a "third-party" if you RTFA:

    "An ex-Microsoft employee was recently arrested for allegedly leaking company secrets, all because Redmond found evidence against him in his contact's Hotmail account. "

    Humans read his email, WITHOUT a warrant signed by a judge. That is a very very different thing.
    Congratulations on a job well done. Calling everyone else a fanboy, without having a clue about what you're saying.
    neo158, Cleavitt76 and 2tomtom like this.
    03-22-2014 12:56 PM
  23. Cleavitt76's Avatar
    Some of you seem to be confused about search warrants, court orders, constitutional rights, and similar US laws.

    Search warrant: "A search warrant is a court order issued by a magistrate, judge or Supreme Court official that authorizes law enforcement officers to conduct a search of a person, location, or vehicle for evidence of a crime and to confiscate evidence if it is found. A search warrant cannot be issued in aid of civil process.

    Search warrants are not issues to private companies or individuals. They are for law enforcement. A search warrant doesn't apply in this case any more than I would need a search warrant to take pictures of my own house if I was collecting evidence for a vandalism/theft case that I reported.

    Court order: "A court order is an official proclamation by a judge (or panel of judges) that ... requires the carrying out of certain steps by one or more parties to a case."

    If MS had asked for a court order to gather evidence from their own servers for a criminal case in which they are the victim the judge would no doubt think they were total idiots. Court orders are used to force someone to turn over information/evidence that they are otherwise unwilling to turn over.

    As far as "rights to privacy" with services offered by a private company, that does not apply when you are involved in a crime. The terms of service of any service provider clearly state that the data on their system can be searched/seized/deleted/etc. if there is reason to believe you are doing something illegal (which these people were). Microsoft didn't go trolling through all of the data in Hotmail to track down the blogger. The blogger emailed Microsoft to ask them about the stolen information! That's a lot like the stupid criminals that accidently drop their wallet at the scene of the crime. Do you think a search warrant is needed for the victim (or law enforcement) to look inside that wallet?

    Some of you act like this is a case were someone said something bad about MS and MS abused its power to hunt them down and destroy them. This was an investigation into a major crime. The reality is that the two people involved in this crime were incredibly stupid. The former employee was committing several crimes and he used MS services (SkyDrive) in the process. The blogger emailed Microsoft using his Hotmail account to ask them if the stolen authorization codes were legit. How stupid can you get?! If someone stole my phone and then started using it to call their friends and take pictures, do you think I should ask for a search warrant or court order before I look at their calls records on my cell phone bill? Should I get permission to copy their selfies that automatically upload to my OneDrive? What do you think the police would say when I ask them for permission to log into my AT&T account and read the text message that the criminal is sending? I'm pretty sure they would say, "why are you asking us for permission?"
    neo158, mpt15, Guytronic and 1 others like this.
    03-22-2014 06:41 PM
  24. neo158's Avatar
    Some of you seem to be confused about search warrants, court orders, constitutional rights, and similar US laws.

    Search warrant: "A search warrant is a court order issued by a magistrate, judge or Supreme Court official that authorizes law enforcement officers to conduct a search of a person, location, or vehicle for evidence of a crime and to confiscate evidence if it is found. A search warrant cannot be issued in aid of civil process.

    Search warrants are not issues to private companies or individuals. They are for law enforcement. A search warrant doesn't apply in this case any more than I would need a search warrant to take pictures of my own house if I was collecting evidence for a vandalism/theft case that I reported.

    Court order: "A court order is an official proclamation by a judge (or panel of judges) that ... requires the carrying out of certain steps by one or more parties to a case."

    If MS had asked for a court order to gather evidence from their own servers for a criminal case in which they are the victim the judge would no doubt think they were total idiots. Court orders are used to force someone to turn over information/evidence that they are otherwise unwilling to turn over.

    As far as "rights to privacy" with services offered by a private company, that does not apply when you are involved in a crime. The terms of service of any service provider clearly state that the data on their system can be searched/seized/deleted/etc. if there is reason to believe you are doing something illegal (which these people were). Microsoft didn't go trolling through all of the data in Hotmail to track down the blogger. The blogger emailed Microsoft to ask them about the stolen information! That's a lot like the stupid criminals that accidently drop their wallet at the scene of the crime. Do you think a search warrant is needed for the victim (or law enforcement) to look inside that wallet?

    Some of you act like this is a case were someone said something bad about MS and MS abused its power to hunt them down and destroy them. This was an investigation into a major crime. The reality is that the two people involved in this crime were incredibly stupid. The former employee was committing several crimes and he used MS services (SkyDrive) in the process. The blogger emailed Microsoft using his Hotmail account to ask them if the stolen authorization codes were legit. How stupid can you get?! If someone stole my phone and then started using it to call their friends and take pictures, do you think I should ask for a search warrant or court order before I look at their calls records on my cell phone bill? Should I get permission to copy their selfies that automatically upload to my OneDrive? What do you think the police would say when I ask them for permission to log into my AT&T account and read the text message that the criminal is sending? I'm pretty sure they would say, "why are you asking us for permission?"
    That's a herp derp moment if I ever saw one, how could they both be so incredibly stupid. Candidates for the Darwin Award I think!!
    tgp likes this.
    03-22-2014 07:42 PM
  25. fatclue_98's Avatar
    He was never a Microsoft employee. Read the article again. They investigated the account of a blogger, not of the employee who leaked secrets.
    I read about this on another publication, I can't remember which, but the French blogger warned the guy about leaking too much and then contacted Microsoft. It would appear to me that this blogger cooperated with Microsoft. I don't see the problem here. In the US, your expectation of privacy ends the nanosecond you hit that "send" button. Want privacy, hire a Navajo to send encoded smoke messages or get yourself a good set of pigeons. That's reality whether we like it or not.
    03-22-2014 08:54 PM
71 123

Similar Threads

  1. How's your 810 holding up?
    By soundscan9800 in forum Nokia Lumia 810
    Replies: 52
    Last Post: 11-24-2015, 05:08 PM
  2. Easiest way to remove red eye
    By donebrasko in forum Nokia Lumia Icon
    Replies: 4
    Last Post: 05-16-2014, 06:01 PM
  3. (Fan) Challenge for wpcentral developers... We want news reader app following UI of wpc wp8 app
    By Anant Anand in forum Windows Central for Windows Phone - App Support
    Replies: 9
    Last Post: 03-23-2014, 09:47 AM
  4. I just registered an AppStudio account. Have a question.
    By Dadstar0410 in forum Software Development and Hacking
    Replies: 19
    Last Post: 03-22-2014, 01:38 PM
  5. Just what is the best way to sync music to my phone?
    By sunshine182 in forum Nokia Lumia 820
    Replies: 1
    Last Post: 03-20-2014, 11:11 PM
LINK TO POST COPIED TO CLIPBOARD