Good Morning from my Robotics Lab! This is Shadow_8472, and today, I’ve been thinking long and hard about my policies towards current practices of data collection and how I’m going to balance privacy and functionality. Let’s get started!
Wakeup Reactions
My first reaction when thinking about data collection is that it’s all bad – overreaching companies look at where you’re going and what you’re doing and use that data to feed you ads and filter your social media feeds so you start thinking “correctly” according to some big boss at the top. I’m scared. Some people just give up trying because they feel it’s too late to stop the cyberpunk dystopia we’re quickly sinking into so it’s not worth it to even try. Others will go overdrive the other direction and redesign their whole lifestyle around having little to no online interaction.
I’d describe myself as somewhere in the middle. I’ve tried to take a reasonable stance; I only replace digital services with less invasive alternatives when they’re otherwise up for replacement. This strict of a policy has led me to go a year without a phone and to boycott Minecraft ever since they announced mandatory Microsoft accounts. Overall, I feel a little safer for my efforts, but I’d feel better if I could convince the rest of my family to take similar steps as they are able. At the same time, I feel a little more isolated than I should be.
Data Collection: the Good and the Bad
The truth about online data collection is that there are functions that logically won’t work if it doesn’t happen at all. Posting to a comments section implies permission to display said comment publicly. It may also subject it to moderation, and inclusion in site backups (it may show up again if site is rolled back to before user-end deletion). Sharing a photo may additionally require giving the service permission to “digitally manipulate” it to make a low resolution thumbnail. Ordering up a video from a streaming service requires it to know what you’re watching. All these things are fine, even though you are technically forgoing elements of privacy to allow things to work.
The bulk of applications of data collection exist in a huge gray zone between acceptable and unacceptable. That video streaming service can make more appealing suggestions by building up a profile on you, observe that all your peers are into MoneyBuck’s Capitalist Island Adventure let’s plays (not a real game so far as I can tell), and guess that you might be too! The same technology and permissions can be used to track your interest in candidates for the Yellow-flag political party and with the way things are set up, it only takes a few lines of fine print you will never see, unless you actively look for them and they can sell their profile on you to some other company who prefers you vote Orange-flag and –with another line or two of fine text you won’t likely ever see or understand– will slowly change what it shows you to make you more sympathetic to the Orange-flag party while it hides pro-Yellow-flag stuff from people already in the Orange-flag camp.
In extreme, real-life cases, they’re essentially digitally harvesting your organs to profile you for profit in a not-illegal black market. Their model of you is perfectly legal because you technically give consent to the fine print of a web page they’ll only serve up when asked specialy.
Struggles of the Privacy Resistance Movement
Privacy tools exist. Many people give up hope anyway presumably because their go-to information sites often have built their business models around the user data market – places with a vested interest in hiding tools designed to assist in undermining abusive data collection policies.
Some jurisdictions have passed laws requiring opt-out options. It’s a start, but in my experience, there’s still a lot of room for sites and services to avoid unintentionally informing users of their rights and/or make it annoying or inconvenient for users wishing to exercise them. More than once, I’ve seen an opt-out popup revert on page refresh. For user accounts, expect instructions on how to find the opt-out controls to be buried behind at least a few layers of “Please see our X for more information” worth of of tiny type.
Minecraft and Microsoft Accounts
I don’t think of Microsoft in a positive light anymore. Their announcement trailer for account migration was honestly more than a little offensive because it left me with the message that my concerns in particular could be bribed away with a cape. They can burn my cape for all I care. It wouldn’t look good with my player skin anyway. I’ve been vocal about rejecting the terms of service for a Microsoft account.
However, I’d be lying if I said I didn’t miss playing Minecraft. If I want to keep playing, there will come a time when I’ll need to migrate. I’m still not happy about getting an account, but how much of a privacy backslide is it really? What steps can I take to tell them, “I said, ‘No!’” in a way they will understand?
I reached out to the folks at tos;dr [Terms of Service; Didn’t Read]. Their whole thing is annotating terms of service documents and highlighting potentially objectionable or commendable phrases they find embedded in the legalese. But they only have so many resources. In the end, they’re good to sound the alarm and not so good for pressing forward. I wasn’t able to get anything conclusive straight from them.
As migration propaganda was pushed through my family’s Minecraft launchers, I managed to talk my family into slogging through the tiny type. A lot of it sounded pretty good. Sugary even. Alarmingly calm. One document led to another led to three more and the web went on. It was not a fun read. Only as we were coming to the end of a document chain did we find that this Privacy Dashboard they mentioned several times [1] was effectively a partial red herring; I’ll need to talk to a human being somewhere in their system to exercise my full rights. {Writer’s note: I really wanted a direct quote, but it’s late, and “Learn more” is the enemy of “Find on Page.” Consequently, I don’t know if I’m on the right page.} With all the tricks I’ve seen so far, I half-expect their staffed privacy department to be severely understaffed to the point where it barely exists, legally speaking.
I may not agree with everything I’ve seen, but there’s nothing stopping me from minimizing my contact with them. I’ll only make an account once it’s absolutely necessary. I’ll only ever use Linux when playing because it doesn’t have all the mysterious collection nodes requiring additional policies on data collection from Windows, Mac, and some other names I don’t recognize or remember. The official launcher with its ads for their other games will only be my last-resort option after days of trying to get a chosen 3rd party launcher working. Finally, I’ll lock down my account once it’s made with their Privacy Dashboard for what that’s worth while I at least try to go the final step and clamp it down hard through a live agent. If I am going to accept their terms of service, it will be on MY terms.
Takeaway
Too few people care about data collection practices and the people who do are burdened with the alarmingly rational feeling of Big Tech watching them, even if they make a hobby or career out of researching how to be as nondescript online as they might be while walking a dog. Privacy should not be something Grandpa Joe needs to worry about after little Jimmy the computer nerd tips him off. On the other hand, it’s easy to get overenthusiastic about reclaiming privacy and cut yourself off socially instead. Each person has his or her own balance point, but it’s all too often privacy by intervention instead of by default.
Final Question
Have you ever boycotted anything to seemingly no avail?
Work Cited
[1] Microsoft, “Microsoft Privacy Statement” Microsoft, July 2021.[Online]. Available: https://privacy.microsoft.com/en-us/privacystatement [Accessed Sept. 6, 2021]