It’s incredibly important to know how the companies you choose to do digital business with are keeping your data safe and confidential. With some types of programs, you have myriad choices and can choose the one that suits your security needs best. Not so with operating systems. At least 80% of solosmall lawyers are still using some version of Windows, while the remainder typically use Mac.1 And although lawyers are notorious for not upgrading, with many still running Windows 7, Microsoft has engaged in a concerted push to move users to its newest OS, Microsoft 10, even giving free upgrades for a year.
Windows 10 boasted some cool new security features like increased support for biometric identification, which is great, but it turns out that it collects a lot of data. A lot of your data.
The EFF [Electronic Freedom Foundation] does a good job reiterating how Microsoft used malware-esque tactics to get users to upgrade, then once installed, Windows 10 collects user location data, text input, voice input, touch input, web browsing history, and general computing telemetry data, including which programs you run and for how long — which would be arguably less of an issue if you had full control over how much of this data was collected and funneled back to the Redmond mothership.
At this time, this is probably too nascent to give rise to specific ethical concerns for lawyers, although data on where you use your computer and what you’re looking up on the web could theoretically reveal confidential data about your clients.
More to the point, though, it is unnecessary. Contrast this approach with how Apple deals with privacy concerns.
Apple is loathe to use customer data to deliver targeted advertising or personalized recommendations. Indeed, any collection of Apple customer data requires sign-off from a committee of three “privacy czars” and a top executive, according to four former employees who worked on a variety of products that went through privacy vetting.
Approval is anything but automatic: products including the Siri voice-command feature and the recently scaled-back iAd advertising network were restricted over privacy concerns, these people said.
Apple’s sales, particularly in the smartphone and tablet space, certainly aren’t struggling, so this approach to user privacy certainly isn’t turning away any potential purchasers. Microsoft would do well to use the shift to Windows 10 to heighten its commitment to privacy rather than decreasing it. The EFF even has some ideas about how to do that.
Microsoft should come clean with its user community. The company needs to acknowledge its missteps and offer real, meaningful opt-outs to the users who want them, preferably in a single unified screen. It also needs to be straightforward in separating security updates from operating system upgrades going forward, and not try to bypass user choice and privacy expectations.
These are all good, easily implementable suggestions. Most important, they are the things we should, at a minimum, demand from all the software we use.
Yes, yes, there are probably lawyers out there who are using some Linux variant, in which case you’ve likely already considered the concerns of this post. ↩