October 8, 2007

Touching my info (part II) – Microsoft responds (after a fashion)

Posted in Customer Lack of Service at 3:09 pm by loolar

Mike Torres, a Microsoft employee (and, in the interest of disclosure, my brother-in-law), commented on my last post.  From Mike’s comment (emphasis mine):
“there aren’t a bunch of evil people running around the halls wondering how we can get people to give us information so we can lock it in a vault. It’s actually quite the opposite. Windows Live Spaces is actually a leader when it comes to freedom of information sharing…”

I wouldn’t be against them “locking my personal information in a vault” – my problem is with the “freedom of information sharing;” specifically, freely selling my valid email address.

Admittedly, I’m being a bit snarky with your comment.

However, on a more serious note:  While I doubt Microsoft is doing this (mostly because they would not get away with it for long), here’s the trouble:

As Microsoft creates this “barrier for entry” (even if for understandable reasons), and the public culture accepts it, it opens up the floodgates, by way of example, for other less scrupulous companies to use this method – as I suspect many of them do – to harvest information for their own annoying purposes (junk mail, “special offers,” etc.), or, more dastardly, to sell it to third parties.  Anyone who’s ever looked into spamming knows that it starts with a service selling, “verified addresses – guaranteed!”

Basically, if we come to expect that we must enter our name and email to use something, sooner or later, less-savvy net users (the same people who must be told over and over again not to open .exe files from strangers) are going to blithely and blindly continue to do so even if the website isn’t something as, er, ahem, “reputable” as say, Microsoft.  It’s a bad example to set.

And while spam is annoying, I am never in favor of trading my privacy for security (to mangle the famous quote usually, and apparently, incorrectly attributed to Ben Franklin: “Anyone who trades liberty for security deserves neither liberty nor security.”).

Again, I think a set of (user-selected) rules that puts the onus on the blogger to moderate things that violate those rules is the best solution.  Lazy people can always check off all the rules.  Anything else is just suspicious, invasive, and annoying.


  1. Mike Torres said,

    We’ll have to discuss in person 🙂

    “Lazy people can always check off all the rules.”

    That’s the problem in a nutshell. Lazy people DON’T check off anything. To maintain the quality of the service, the service provider has to make it work out of the box so to speak. Otherwise the service becomes spam infested and it degrades for *everyone*.

    Trust me on this, Microsoft isn’t selling your email address to anyone. At the bottom of every single page in Windows Live is this link: http://privacy.microsoft.com. I think you’ll find that when compared to “other companies” our privacy policies are the most progressive. I’ll explain how seriously we take privacy when I see you in a couple weeks.

    But I do agree that it’s annoying to ask for registration even if not nefarious – we’re doing everything we can to change this. I’m surrounded by dozens of bright, motivated people who have the customers’ best interests at heart. Again, we require it in an attempt to improve the experience for the many, not to degrade it. So we’ll only do it when the collective benefit outweighs the collective detriment.

  2. Jeff Herrold said,

    Or the default can be all rules checked off, allowing more motivated types to customize it; and lazy types to live with the default (even if doing so out of ignorance). This at least puts the ability in the hands of the user to modify. And isn’t that Microsoft’s claim to fame vs. Apple?

    As for the current method, well, any single solution that is broadly applied runs the risk of being broadly wrong.

  3. Mike Tores said,

    I wasn’t saying it wasn’t “wrong”. I was just saying it was “less wrong” than the alternative. It’s the law of large numbers. Unfortunately, there isn’t a solution that “just works” for everyone right now. But we’re working on one.

  4. Adam said,

    Speaking of desensitization, what is this site doing requiring my email address to post a comment?


  5. Jeff Herrold said,

    Yeah, it’s asking for your email address – but it’s not asking for you to “create a profile.” I think it’s one thing to ask for your “name” for a post – it’s another to demand you create a unique User ID for that service.

  6. Mike Tores said,

    JFYI that with Windows Live ID (formerly Passport) you can use your email address as-is 🙂

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: