I'm sorry, but isn't this just nitpicking? Just because they don't say how it's analyzed doesn't make this a scandal.
You know what I guess I am corrected - they said "employees couldn't read or listen". It's a contractor loophole!!! -/sarcasm
So yes, I think to us this is nit picking. But to the general public this is news.
I still remember a few years back having conversations with people about how companies like Google, Apple, and whatever hire people to listen to your recordings when you use services like Ok Google and Siri. Of course no techies bat an eye at this talk. But people in the general populous called me a conspiracy theorist.
I don't think we realize the technical literacy divide that exists.
For instance, Google will say that they analyze your Gmail to improve the service etc, but that no human will ever read your email.
How is the average person expected to keep track?
"No, leave it as it is; nobody's that concerned about their privacy being violated by other people listening to recordings captured by Alexa, Siri etc."
I have long assumed that with Whatsapp... I honestly don't believe that it's as secure as it used to be: Facebook'a raison d'etre is all about data gathering.
Also, when I read a WhatsApp message on my phone, it's unencrypted as I see it on the screen, it kind of has to be... what stops FB (or anyone for that matter) from reading it too at that point.
Sorry, I went on a tangent a bit there but I feel it was relevant.
There's something incredibly dystopian by using humans as part of a process you literally tell people is entirely machines.
As an aside: Being a tech I have been asked numerous times by non-techs "What actually is AI?"
I usually answer "a lot of if-statements" :)
I was making a joke :)
learns that the full automation is physical labor by cosmonauts at every stage of the process. No spoilers about the end, it's even better.
These stories are really overblown. All these companies are doing it in order to make voice recognition better. It’s simply not possible to do with some QA... you have to know what people are actually saying vs what the system recognized.
I am sure they are "training" their AI. I don't doubt it but they have access to masses of data. Some mega-personal I would imagine and also some that can provide insight into other businesses and markets and so on.
The temptation to "use" that data would be absolutely enormous and the financial pressures to use it to provide whatever advantage would be equally enormous.
I recall years ago reading about the FB app spying on users' usage of other apps on phones (My Google-fu is broken right now but I'll keep looking for it and update if I find it).
Imagine if <insert mega-corp> has data from one purpose/system that could provide a massive leg-up to them. Do you think they would ignore it? Perhaps in regulated industries like finance (I happen to work in finance and we have systems and procedures in place for this kind of thing) they may have to destroy it once it's been used for a very specific purpose but we're talking about Skype.
The best scenario is if the data doesn't exist or can't be read... it removes the possibility of temptation and financial pressures to use it.
FB knowing what apps people use makes a lot of sense because it tells them how they’re doing relative to others. You’re not getting such information in the home.
This has likely been going on for some time.
Notice that the article you linked is hosted on forbes.com/sites/ericjackson...
Some guy named Eric Jackson (https://twitter.com/ericjackson) - who appears to be a PE investor wrote that article.
Forbes is a content farm that hosts opinion posts:
Forbes.com uses a "contributor model" in which a wide network of "contributors" writes and publishes articles directly on the website. Contributors are paid based on traffic to their respective Forbes.com pages; the site has received contributions from over 2,500 individuals, and some contributors have earned over US$100,000, according to the company. Forbes currently allows advertisers to publish blog posts on its website alongside regular editorial content through a program called BrandVoice, which accounts for more than 10 percent of its digital revenue.
I'm very skeptical of these privacy claims. The fact that my voice commands are being sent to a random person on one end listening to them at home makes me reconsider the real purpose of these 'Smart Assistants' in general. If Microsoft thinks that the contractor can only access it via a 'secure portal' means that they are respecting your privacy, then the security is as a good as it being compromised and contradicts their end-to-end encryption claims.
To these companies, 'privacy' is just another buzzword used to keep us using their services. I think it would take something far worse than this to break the social inertia around these services and for us to reconsider using them.
Funny enough, at one point Microsoft basically merged Skype and MSN, and the text chat parts of Skype started using “MSNP24”, a couple version numbers up from the latest MSN protocol, MSNP22. I never dug in to see how much it was really like MSNP from MSN because I lost interest in Skype not long after.
Though to be clear, yeah, it didn't really fix the mobile app. It felt just as broken up to the moment I uninstalled Skype.
This isn't a fact of life, this is a flaw in the API of most popular mobile OSes. Open source comunnity maintaned operating systems have solved the problem of providing a network service for handling push notifications (local or not) multiple times now and these companies have refused to implement them because it makes it much easier to create an ecosystem around their crap.
This gives them controll and controll can be traded for money, it has aboslutely nothing to do with technology. That's just life
However, even if you allow apps to run in the background basically indefinitely as Android once did (there were IRC clients that Worked, using only the phone,) it simply is bad for battery life. Having multiple push services that are blessed to run periodically is also just not good for battery life. The proof is in the pudding; I switched to IRCCloud for IRC on the go after noticing what a terrible battery drain it was.
Now, third party push services can certainly do better than IRC, but they’re still centralized. Decentralized networks are just not power efficient. It requires always on machines to be effective.
I’m not saying I love the status quo, but it’s unclear how to do better.
(Obligatory legal line noise: these are my own opinions and not those of my employer.)
I mean, you could just run IRC in a TUI (e.g. Irssi or WeeChat) and connect to that via Mosh plus Tmux. You'd have low latency, 24/7 uptime, resuming, low resource usage... but no push notifications.
And yes, doesn't mean MSFT doesn't have access to other communication and doesn't mean other cases aren't serious leaks of information to arbitrary contractors.
>An industry source disclosed that America's supersecret National Security Agency (NSA) is offering "billions" to any firm which can offer reliable eavesdropping on Skype IM and voice traffic.
And then Snowden revelations confirmed that MS was intercepting Skype :
>Microsoft has collaborated closely with US intelligence services to allow users' communications to be intercepted, including helping the National Security Agency to circumvent the company's own encryption, according to top-secret documents obtained by the Guardian.
>In July last year, nine months after Microsoft bought Skype, the NSA boasted that a new capability had tripled the amount of Skype video calls being collected through Prism;
That was immediately before O365, and at that point BPOS/Exchange online was starting to get traction with some governments. Microsoft was also ramping their OCS/VoIP business.
Government is a huge market for O365, they were able to get ATOs and go conquer most states and federal agencies. They also bought a huge VoIP play, learned how to operationalize it, quickly spun it into a service component that serves >100M people.
Microsoft, like any company, isn’t good or evil, but will do whatever is in the company’s best interests, and they’ll act appropriately when their interests align with the government.
Skype looked like a solid investment at the time. Microsoft makes a lot of money from corporate clients so it's probably just another strategic acquisition that they did not know what to do with.
There is a difference between being compelled to spend billions on a company just to provide wiretapping for feds, and buying a company with a wildly successful product then being asked to handle wiretaps after the fact. One of those is ridiculous, the other is expected.
As long as they're only spot checking and not browsing through any one persons calls for no reason I don't see why it's a big deal. It's mostly business lines anyway.
That said, they should have some protocols and controls in place for listening to any calls, with solid paper trails. Every company like that should have a privacy manager to direct and monitor these measures. They could even document/blog about their work on privacy for marketing purposes (assuming the executives are aware of just how in-demand privacy has become these days).
Go back 50 years and apply this same logic to AT&T instead of Skype to see how far our expectations of privacy have degraded.
I'm talking about engineers accessing it anyway.
I really don't have a problem with that and I'm pretty hardcore into privacy. I assume all Skype calls are 100% tapped, auto-translated, and data-mined available for any agency who wants it.
Zbigniew Brezinski, former national security advisor of the United states:
"The technetronic era involves the gradual appearance of a more controlled society. Such a society would be dominated by an elite, unrestrained by traditional values. Soon it will be possible to assert almost continuous surveillance over every citizen and maintain up-to-date complete files containing even the most personal information about the citizen. These files will be subject to instantaneous retrieval by the authorities."
Book - governments not to work for the people:
I don't know if they have apps, but as far as I know their server code is on github.
I personally use jitsi because it is FLOSS software and it's less likely to send conversation contents to the NSA or other dragnet surveillance entities. But it's not end to end encrypted.
That is indeed not the case anymore, as per the PRISM program, which was leaked during the Snowden leaks of 2013.
From Wikipedia  the following three quotes:
"The documents identified several technology companies as participants in the PRISM program, including Microsoft in 2007, Yahoo! in 2008, Google in 2009, Facebook in 2009, Paltalk in 2009, YouTube in 2010, AOL in 2011, Skype in 2011 and Apple in 2012"
"Internal NSA presentation slides included in the various media disclosures show that the NSA could unilaterally access data and perform "extensive, in-depth surveillance on live communications and stored information" with examples including email, video and voice chat, videos, photos, voice-over-IP chats (such as Skype), file transfers, and social networking details."
"According to The Guardian, NSA had access to chats and emails on Hotmail.com and Skype because Microsoft had "developed a surveillance capability to deal" with the interception of chats, and "for Prism collection against Microsoft email services will be unaffected because Prism collects this data prior to encryption.""
Regarding that last quote, Wikipedia mentions these sources