Has Microsoft Been Using LinkedIn for Surveillance and Espionage?
Executive Summary
- Microsoft made a major error in acquiring LinkedIn if Microsoft could only rely on legitimate revenue streams.
- We cover the likelihood that Microsoft has been using LinkedIn to spy on the employees of businesses.
Introduction
In the article How Microsoft’s Purchase of LinkedIn Could Have Never or Financially or Operationally Worked,
In this article, we will cover how big of a mistake the acquisition of LinkedIn was. It was an impossibility for Microsoft to obtain an ROI on the acquisition if the acquisition were justified solely on legitimate sources of revenue from LinkedIn.
This brought up the question in our minds — what if there were other revenue sources that Microsoft had used to justify the acquisition?
Our References for This Article
If you want to see our references for this article and other related Brightwork articles, see this link.
Why Didn’t Salesforce Outbid Microsoft for LinkedIn?
Curiously, the suitor that would have been the best fit for LinkedIn would have been Salesforce, as it could have integrated LinkedIn contacts into the Salesforce CRM. Curiously, Salesforce underbid Microsoft as they had far more to gain from acquiring LinkedIn than Microsoft, a minor player in the CRM space.
Mark Benioff Calling Out Potential Espionage on the Part of Microsoft?
It is always amusing to see one monopolist call out another monopolist. However, Salesforce figured out what Microsoft did not: LinkedIn was not worth the purchase price — if the income sources were only legitimate. Yet Microsoft outbid Salesforce, which, due to its dominant CRM system and the overlap between LinkedIn and the Salesforce CRM contacts, had a far higher ability to monetize LinkedIn than Microsoft.
It is also amusing that having the world’s number one CRM system did not appear to be a conflict or anti-competitive to Marc Benioff, whose company, Salesforce, would have purchased LinkedIn if the price was right. This is the feature of executives: The only time they can see anti-trust implications is when a competitor is doing it.
However, Mark Benioff points out that another way to monetize LinkedIn is for Microsoft to run algorithms on LinkedIn data and essentially perform espionage on its users (who work for companies). Notice how quickly the interviewer seems to deflect from what Benioff is saying.
This brings up the question. What if part of Microsoft’s logic for purchasing LinkedIn was to receive a “dark money” ROI? The extra revenue that would justify the ROI is not the legal revenues they could obtain from LinkedIn but the espionage aspect.
Lawsuit Against LinkedIn Filed
The following lawsuit was filed against Microsoft, accusing them of using the LinkedIn app to grab other things from a phone or tablet.
Microsoft Corp.’s LinkedIn programmed its iPhone and iPad applications to divert sensitive information without users’ knowledge, according to a class-action lawsuit.
The apps use Apple’s Universal Clipboard to read and siphon the data, and can draw information from other Apple devices, according to the complaint filed Friday in San Francisco federal court. The privacy violations were exposed by Apple and independent program developers, according to the suit.
Developers and testers of Apple’s most recent mobile operating system, iOS 14, found LinkedIn’s application was secretly reading users’ clipboards “a lot,” according to the complaint. “Constantly, even.” Apple’s clipboard often contains sensitive information users cut or copy to paste.
“LinkedIn has not only been spying on its users, it has been spying on their nearby computers and other devices, and it has been circumventing” Apple’s clipboard timeout, which removes the information after 120 seconds, according to the suit. – The Print
This accusation is curious because it was not what we had first guessed when we thought about Microsoft using LinkedIn for espionage.
How Microsoft Could Perform Espionage Without Leaving the LinkedIn Database
Microsoft was caught because of a data transfer test between the LinkedIn app and other user phone applications. However, the espionage that LinkedIn could engage in would not allow it to be perceived or caught by a user. Only a whistleblower from Microsoft/LinkedIn could likely bring this to light.
There are enormous quantities of user-provided data that reside on LinkedIn. One of the most apparent sources is the messages sent between LinkedIn users, usually sent without considering that this is the same as sending an email to Microsoft. The temptation of Microsoft to, at the very least, spy on the employees of competitors like Oracle or Salesforce would be too great to resist and is one reason why the FTC should have never approved Microsoft’s acquisition of LinkedIn.
Microsoft could use its treasure trove of data in other ways. They could, for instance, spy on the employees of customers who are having what they think is a private discussion on LinkedIn messaging and then use this information in a Microsoft sales pursuit.
Spying Example #1: Microsoft’s Spying Through Office365
There is very little written about Microsoft using LinkedIn for spying. However, I was able to find that Microsoft enables employers to spy on employees through Office365 by providing them with an analytical dashboard that allows tracking. When logged into Office365, nothing tells the user they are being tracked.
Spying Example #2: Microsoft’s Spying Through Windows 10
Another area where Microsoft is spying on users is with Windows 10.
This video describes how spying occurs in Windows 10.
This video describes that Microsoft sees the content produced by Windows 10 as data that Microsoft can retain and view. And that this surveillance functionality from Windows 10 is being pushed to Windows 7 and up.
This spying is also explained in the following quotation.
Microsoft does whatever it needs from all this spying to make money, whether it’s advertising, selling the information or whatever else big corporations like Microsoft and Google do with your information to make money. Windows 8 was not like this, Windows 7 was not like this, Windows XP was not like this, even the much-maligned Windows ME was not like this.
The process list for Windows 10 is a multipage nightmare I can’t even count. (emphasis added) And a lot of the processes that you “turn off” in the control panel are still there, like the ever-present Antimalware Service Executable. It’s well-behaved now but at least once a day it will flare up and do its thing, even if you turned it off. It is the malware. It cannot be turned off. Like the majority of these processes. They just come to life on their own and eat up your CPU processes and memory for shits and giggles. It’s disgusting. That’s a no-no because I’m a gamer, I need every ounce of performance I can squeeze from my hardware. You can’t kill processes in Windows 10… they come back.
You could back in Win7 and Windows XP, and you can turn many services off in Services.msc. In Windows 10, you can’t, and many services you turn off and disable will turn themselves back on in a day or two.
Windows 10 is by far the worst OS Microsoft has ever put out, bar none. And it’s reflective of a fundamental change in design and philosophy. I will always curse the name of Satya Nadela, he is a blight on the tech world. – Erwin Anciano
What should also be observed is Microsoft is constantly engaged in controlling and unethical management of Windows users’ data, as the following quotations describe.
Microsoft has dropped support for Windows 7 and 8 on recent processors in a big hurry.
It makes no difference what legitimate reasons Microsoft might have for not doing work to support them. If it doesn’t want to do this work, it should let users do the work.
In its efforts to trick users of Windows 7 and 8 into installing all-spying Windows 10 against their will, Microsoft forced their computers to silently download… the whole of Windows 10! Apparently, this was done through a universal back door.
Microsoft has made Windows 7 and 8 cease to function on certain new computers, effectively forcing their owners to switch to Windows 10.
Windows 10 sends identifiable information to Microsoft, even if a user turns off its Bing search and Cortana features, and activates the privacy-protection settings.
Windows 10 ships with default settings that show no regard for the privacy of its users, giving Microsoft the “right” to snoop on the users’ files, text input, voice input, location info, contacts, calendar records and web browsing history, as well as automatically connecting the machines to open hotspots and showing targeted ads.
Once Microsoft has tricked a user into accepting installation of Windows 10, they find that they are denied the option to cancel or even postpone the imposed date of installation. This demonstrates what we’ve said for years: using proprietary software means letting someone have power over you, and you’re going to get screwed sooner or later. – GNU
Spying Example #3: Microsoft’s Spying Through Cortana
Microsoft is storing audio recordings. There is no technical reason for Microsoft to be doing this. Microsoft makes it appear that the only way to tune the AI of Cortana is to violate 100% of Cortana users’ privacy. And there is no reason Microsoft would restrict the use of the stored audio.
Microsoft may say that it is to help do this or that, but that would exclude Microsoft from using the recorded audio for something else, such as determining if there is actionable intelligence in the message’s content.
When you talk to Cortana or other apps that use Microsoft speech services, Microsoft stores a copy of your audio recordings (i.e., voice data) to help our speech-recognition engines understand you better and to enhance your experience with other personalized speech services that help you find what you’re looking for. This may include transcription of audio recordings by Microsoft employees and vendors, subject to procedures designed to prioritize users’ privacy, including taking steps to de-identify data, requiring non-disclosure agreements with vendors and their employees, and requiring that vendors meet the high privacy standards set out in European law and elsewhere.
Keep in mind that if you allow people other than yourself to interact with a voice-enabled product or service from Microsoft while signed in with your Microsoft account, you’re responsible for ensuring that they understand and consent to the fact that Microsoft will store their voice interactions, and that you can view and delete their voice data at any time. – Microsoft
Does the government have regulatory officers reviewing what Microsoft does with recorded audio? The answer is no. The US Government has no idea what Microsoft is doing with this stored data.
Spying Example #4: Microsoft’s Spying Through Skype
..we recently learned that Microsoft had been quietly letting human contractors listen to your Skype translations and Cortana voice recordings. That’s right: they’re not just AI.
But unlike Apple and Google, each of which halted listening to some of these recordings after the revelations, Microsoft appears to be merely updating its privacy policy to admit that yes, in fact, humans do review some of these recordings. One caveat here: Microsoft is only doing this for Skype’s translation feature, not Skype calls. The company is, however, analyzing voice snippets from Cortana requests and exchanges, presumably across all platforms including PC, where one might be more readily searching the web with more sensitive requests. – The Verge
This was a list of prominent Microsoft spying. However, this is not an exhaustive list. Another area that I did not delve into was Microsoft offering user data to the government for surveillance purposes.
Conclusion
Microsoft has established an undeniable pattern of spying on users.
Furthermore, spying on users is part of Microsoft’s business model now. They plan to monetize information about users as a significant part of their revenue stream. This is consistent with other companies like Facebook and Google that profit from monetizing their users’ data while not charging them to access services. In most cases, Microsoft customers pay for Microsoft products and are then surveilled. In each case of its surveillance of its various products, Microsoft does as little as possible to inform its users about the nature of its spying.
There is much going on regarding Microsoft’s surveillance, which we do not know, as whistleblowers have not come forward, and Microsoft has not been investigated. The German, French, and Dutch governments have informed Microsoft that they oppose the surveillance that is part of their various products and have gone so far as to consider dropping things like Office365 for public schools in Germany. Microsoft has answered these concerns with a bunch of corporate doubletalk.
Up to this point in time of this article’s publication, most of Microsoft’s spying has been with other Microsoft products. However, this may be because it is more difficult to observe LinkedIn as Microsoft can do whatever it wants to the LinkedIn data unless a whistleblower comes forward. This should be a concern because it means that Microsoft has already been caught violating the users’ privacy. Furthermore, Microsoft does not appear to agree that users deserve any privacy. To Microsoft, the right to violate privacy and surveillance begins with using a Microsoft product. And Microsoft benefits enormously from the fact that being surveilled is not what users of these products think of when they buy and use Microsoft products. The person buying Windows 10 does not realize that Windows 10 is not just an operations system but is specifically designed to surveil them.
All of this background naturally impacts the primary question of this article, which is how Microsoft is using LinkedIn. Still, as the same corporation owns GitHub, it isn’t easy to believe that they are not surveilling GitHub.
The Reality of Microsoft’s Surveillance of Users
The fact that Microsoft surveils its users through a broad number of products is firmly established and is corroborated in Microsoft’s policy documentation. Surveillance is more accessible to prove as it simply records user information. The question of espionage is much more difficult to prove. Under the most optimistic scenario, all of Microsoft’s surveillance is only used to serve advertisements. However, there is no reason to assume that Microsoft’s treatment of user data is so innocuous. As just one example, Microsoft is lying about why they need to retain copies of saved audio in Cortana’s case. I won’t go through all of Microsoft’s lies about what it does with user data, as that would be a different article. However, Microsoft has already offered user data to the NSA to get into the US government’s good graces. And when Microsoft offers user data to the US government, they offer people’s data in the US and Microsoft’s global user base. This means that users in Botswana, Italy, etc.. must realize that Microsoft uses their data and offers it to third parties. Their consent is their use of Microsoft products. And this is the concern, for example, that the government of Germany has with Microsoft. Germany does not want millions of its students surveilled by Microsoft for the privilege of using Office365. Germany is also concerned about Office365 being used in German government offices and captured and kept by Microsoft.
Project JEDI
In 2019, Microsoft’s Azure won the DOD’s $10 B JEDI contract, which surprised many, as Azure lags AWS in capabilities (the CIA already stores their data with AWS). However, a big part of winning the contract would have to do with “going along” with the DOD’s desires for “discretion,” as part of the contract would be cloud services for surveilling US citizens and the citizens of other countries. Microsoft may have offered the saved audio from Cortana and Windows 10 data from users to the DOD. “enemies of the state” could be identified through the data entered into Microsoft’s various consumer/surveillance products. AWS would not have been able to offer the comprehensive surveillance of users that Microsoft could.
Estimating What Microsoft is Doing with LinkedIn Data
The idea that Microsoft is not using LinkedIn for spying would mean assuming that Microsoft is using its spying products. Still, LinkedIn, which is probably the easiest product to spy on user’s data, is not used for spying. That is extremely unlikely. The lawsuit related to the LinkedIn app copying data from the clipboard on the phone is an example of Microsoft using LinkedIn to get data outside of LinkedIn for spying. LinkedIn and sending messages in LinkedIn are the same as sending messages to saytanadella@microsoft.com or billgates@microsoft.com. However, because LinkedIn appears to be a separate entity to the user, it does not seem like it.