7 Comments

Summary:

Yes, we are all being watched and our data harvested and that won’t stop. But if someone, or someone’s app, misuses our data, they should be punished under the law, said Craig Mundie.

Microsoft's Craig Mundie
photo: Microsoft

There is no stopping the massive collection of people’s data a la PRISM or Facebook — that genie is long out of the bottle. But we can — and should– make it a lot more painful and expensive for people or companies that misuse that data trove, said Craig Mundie, former Microsoft CTO who now is a strategic advisor to the CEO.

“Personally, I’d make [data misuse] a felony. Without that, the downside is too low.  We should make it a serious crime to subvert those mechanisms,” Mundie told attendees of the EmTech 2013 conference at MIT’s Media Lab in Cambridge, Mass.

The problem now is when people “allow” a smartphone app to use their GPS data, for example, they have no idea where that app will pass that data downstream, he said.

“In computing there is no use without an app. So you need to force people to register the uses of apps, the use of the data an app makes and from that determine whether it’ll comport with some desire or control by the individual, the institution, or the government,” he said.

How to do that? One way is to put cryptological wrappers or metadata around pieces of data that will guide their use down the supply chain. Mundie likened that to digital rights technology used in the music and film industries.

Mundie’s mention of digital rights management (DRM) technology might be a red flag for skeptics who suspect Microsoft might be more motivated by software piracy than individual data privacy rights, but I digress.

The data protection technology is viable, but other factors remain knotty, according to other experts.

“The cryptography is viable to do this now  … but from a policy perspective how can you enforce having the app tell you where all that data will be going?” asked Katherine Frase, Ph.D, VP and CTO of Global Public Sector for IBM who also spoke at the conference.

This theme — that data collection (actual surveillance) is happening everywhere all the time — cropped up again and again at the conference.

Frase’s suggestion for now: “Get over wondering if you’re being hacked. You are, every day. Just figure out what you can do about it,” she said in an interview.

Longer term we need to settle on policy issues about how to get the right level of transparency around data use so you can get to usage-based decision making, she added.

  1. We should criminalize making terrible software that has no sense of security or user friendliness

    Share
    1. Now now….. (lol)

      Share
  2. My first impulse is to point out how Microsoft handed all Skype communications to the Feds as a condition for buying that company.

    But maybe Mundie has a good point. We do want companies (Fitbit, Mint, Google, Facebook) to collect tons of information from us to make new things possible and old things easier. So regulating how that information is used (by outlawing altogether a minimum of things, and then requiring use to conform to easily understood agreements between users and companies) makes sense.

    Share
    1. yes it is a little rich that microsoft guy is talking this (esp after prism too)…

      Share
  3. He is probably just out to get a bit of publicity for the MS CEO job, since he is advisor to the CEO now. Like many C-Suits, he is clearly out of his depth on this one! It is almost like saying, lets solve world hunger by planting more veggies!

    Share
  4. OK, so does this mean charging 100,000 NSA employees with a felony?

    If so, now we’re talking.

    If not, this is a useless academic exercise.

    Share
  5. Monkeysoft should outsource its remnants to stinking india… I’m sick of it

    Share

Comments have been disabled for this post