[Geowanking] MS local.live.com & privacy (lack of)

Jeremy Irish jeremy at groundspeak.com
Mon Dec 12 18:06:35 PST 2005


At first glance I really didn't have a problem with what they were saying. Also I'm not a lawyer so correct me if I'm missing something. Let's break out the parts that you guys seem concerned with:

> "Use of Location Information ... Microsoft may use the information 
> collected to provide you with more effective customer service, to improve 
> Location Finder and any related Microsoft products or services,...

This part was the only part that genuinely bothered me. Specifically, "information collected [...] to improve Location Finder and any related Microsoft products or services." The biggest issue for me is that I don't know what they mean (which I think was intentional) and can be twisted into something sinister.

This, however, doesn't bother me at all:

> Microsoft may disclose location information if required to do so by law or 
> in the good faith belief that such action is necessary to (a) conform to 
> the edicts of the law or comply with legal process served on Microsoft; 
> (b) protect and defend the rights or property of Microsoft and our family 
> of Web sites; or (c) act in urgent circumstances to protect the personal 
> safety of Microsoft employees or agents, users of Microsoft products or 
> services, or members of the public.

I'd like to understand why disclosing location information to protect the personal safety of someone would be a Bad Thing. We (Groundspeak) have a strong privacy policy that protects people except by subpoenas (obviously), but it seems like a really nice policy to have. In fact I can think of two occasions where this would have been extremely helpful.

And this is just plain necessary:

> Location information collected by Location Finder may be stored and 
> processed in the United States or any other country in which Microsoft or 
> its affiliates, subsidiaries or agents maintain facilities. "

Well duh. If I'm saving information to restore for a user in the future, I have to store it somewhere. It seems to me that this kind of text is meant to make sure people understand that information is stored for later retrieval. For example the service saves the most recent queries so you can click on them and not have to retype them. Addresses are particularly nice to click on after you search for a local McDonalds or whatever to do a second search. 

We store all sorts of location data like home coordinates on Geocaching.com and "My Origins" on Waymarking.com, for example. It's just stating the obvious (which legalese tends to do often).

But I get the beef. I just don't seem to be able to connect the dots:

> Clearly Microsoft's IP location database includes spooky 
> datamined information about users' actual location that is not normally 
> available by querying the publically accessible databases.

Clearly it contains information about your IP address but you're jumping to a conclusion that doesn't seem obvious to me. How did you determine that the application of their privacy policy helped determine your location? 

One possibility is that you run web sites on your static IP. If you register a domain and your DNS records point to your IP address it is certainly possible you were just mapped by that domain registrar.

If it wasn't a DNS lookup, at some point you would need to provide a coordinate to map to that address. If you weren't doing so - who would? There's certainly more to look into before you jump into conclusions that there are black helicopters monitoring your satellite feed.

I probably missed the glaring point in your expose, so feel free to pick holes in my logic.

Jeremy





More information about the Geowanking mailing list