I've never understood how people can truly believe that by checking (or unchecking) a checkbox their privacy will be fully protected. Especially since we're talking about a closed-source OS.
I mean I cannot possibly verify what exactly goes on in the annals of the operating system and what happens to my data, where it is logged and where it is stored and how it is sent.
So regardless of the settings, I always assume that my data is logged and read by some creepy agent in the Ministry of Truth.
If it's not, then I'm just lucky.
Having grown up in a totalitarian state, that's the default way I think about this stuff and no amount of promises (except the source code which I can personally compile) can make me trust any 3rd party corporation.
> Having grown up in a totalitarian state, that's the default way I think about this stuff and no amount of promises (except the source code which I can personally compile) can make me trust any 3rd party corporation.
He does not trust corporations or governments to act within the confines of the law.
There is some risk but it's not high. Microsoft is a huge, rich company. If it leaked they were violating their own privacy policy that blatantly, there would be the mother of all class action lawsuits.
There would federal CFAA, Economic Espionage Act, etc., investigations plus antitrust abuse investigations.
How do you explain PRISM and similar revelations about surveilance and spying ?
The corporation itself might behave like an angel, but there are agencies which can force it to open or install backdoors.
Given that the number of such requests is relatively small, the probability of it being detected is low and even if the victim does notice it, then the corp can always say - "they twisted our hands".
As far as I can tell, PRISM was about getting access to data the company was already keeping. So the NSA would get your Google Location data, but only if you were giving to Google. As far as I know, the NSA hasn't made someone collect it anyway.
Legally, the heart of the NSA legal basis is the 3rd party doctrine that states that data held by a third party isn't private. It would be a very illegal search to have Microsoft invade your privacy under NSA order.
Of course, there is also some risk that the NSA or some other party goes rouge as does it anyway. But you have that problem with essentially all software and hardware.
You'd have to compile your own OS from source code you inspected thoroughly. And even then, the NSA is almost without a doubt sitting on linux 0-days.
And literally (and I don't mean figuratively) nobody knows whats on all the firmware in all the components in all your devices.
The risk of being an NSA target is super low. The harm in being a false positive target is pretty low too. Even if the NSA hacked your windows install, they won't find any plans to blow up the Sears tower and then go about their business.
Compared to risk that a car accident will destroy your existance, who cares about this tiny risk.
I probably wouldn't windows if I were a KGB agent, but other than that, why worry.
> Even if the NSA hacked your windows install, they won't find any plans to blow up the Sears tower and then go about their business.
This is just a restating of "if you have nothing to hide, you have nothing to fear". That's already been discussed recently [1] already so I won't re-tread.
> Compared to risk that a car accident will destroy your existance, who cares about this tiny risk.
Because it's not about the risk, it's about the intellectual climate the situation creates. Notice that because of car accidents there is a lot of focus on car safety, stopping drunk drivers, texting while driving, etc?
Surveillance is like that. As in a panopticon [2], when there's a chance you're being surveilled, certain conversations and ideas feel dangerous. Sometimes because they're antiestablishment but other times just because you're worried they'll be misconstrued. The net effect is censorship through fear.
I mean I cannot possibly verify what exactly goes on in the annals of the operating system and what happens to my data, where it is logged and where it is stored and how it is sent.
So regardless of the settings, I always assume that my data is logged and read by some creepy agent in the Ministry of Truth.
If it's not, then I'm just lucky.
Having grown up in a totalitarian state, that's the default way I think about this stuff and no amount of promises (except the source code which I can personally compile) can make me trust any 3rd party corporation.