Contracts are great, and may even provide for some type of compensation or remedy if you know and you could prove that Microsoft was using the data they collect against their own customers, but good luck knowing/proving that.
If Microsoft uses the data they have to come up with competing products, or to time the release of their competing products, or to decide which stocks to buy or short, or to decide which companies to partner with or avoid, or which of your employees they should try to attract, or even to sell or leak privileged information to your competitors you'd never know about any of that without a whistleblower at Microsoft saying something, and that person's income and very comfortable lifestyle depends on them keeping their mouth shut. A whistleblower may also risk legal consequences themself if they ever come forward. Risking themselves, their future, and their family is asking a lot which is why whistleblowers are extremely rare.
That's part of the problem with surveillance capitalism. All the spying being done is to collect massive amounts of extremely valuable data, but very little of that data is used transparently. You simply can never know how the data being collected about you will be used against you, you can just be sure that it will be.
The reason companies are investing huge amounts of resources into collecting, storing, and analyzing every single scrap of data they can get their hands on is because doing so is making them money hand over fist. I doesn't matter if it's your data, or your company's data, they'll be using it in any and every way possible if they even suspect that doing so will give them an advantage or make them more money and their gains will almost always be at your expense.
Let's say Boeing is a Microsoft customer. What is Microsoft going to do, read all of Boeing's emails and then start manufacturing airliners and spacecraft? I think for most companies it would not be that hard to tell if Microsoft stole their data and set up a directly competing line of business.
If you can see Boeing's emails to Slack / Salesforce / AWS / ..., you know exactly what new features to build into Teams / Azure / etc., and exactly when they might be most receptive to a sales pitch. MS may not be in the aeroplane business but they're in a lot of businesses.
So the idea is that MS would violate all their largest existing contracts, potentially committing criminal fraud along the way, in order to gain some marginal advantage in securing a few additional contracts later on? Does that sound like a sustainable business strategy?
Companies routinely break laws when they think they'll increase their profits. Companies will even knowingly and willingly kill people, commit mass poisonings, pollute the Earth, work with terrorists, or exploit children. Microsoft isn't any different when it comes to having a willingness to break the law whenever they think they will profit from it.
Just last year Microsoft was fined for illegally collecting children's personal data. Microsoft has also broken the law to sell software in violation of US sanctions. They've illegally bribed government officials. They've committed a number of anti-trust violations. In these cases breaking the law was probably still worth it for them even after the fines they were forced to pay and other slaps on the wrist they received. We have no idea how many other laws they've been breaking without being caught.
For a company willing to break laws in the US and around the globe, violating a contract with Boeing is nothing, especially when the risk that Microsoft would be discovered taking advantage of the data Boeing gave them is basically zero.
You could even argue that Microsoft owes it to their shareholders to exploit every possible advantage they have at their disposal to maximize profits, laws and contracts be damned. That seems to be the position many corporations take at least, and even the companies that have been caught committing the worst kinds of acts like Purdue Pharma, DuPont, or Philip Morris still exist today and seem to have no problems with sustainability. MS could even use the data they collect to help ensure that they maintain their relationship with Boeing for as long as it benefits them to.
Right, if they have the chance to utilize information they've already collected to their benefit in any way, it would be seen as a "dumb move" by many to not capitalize on it
You’re writing down things that everyone already knows. But you’re seeming to not take the next mental step, which is:
Given that I understand all the bad things that a business can do, how do I structure a relationship with a service provider such that I get the benefit of their service, and avoid the bad stuff? What tools can I use to ensure our interests remain aligned?
You’re writing like it’s not possible to do that. Even though we live in a highly specialized society that is chock full of examples.
A large enterprise may have the resources (time and money for corporate counsel) AND leverage (# licenses needed across many products) to negotiate privacy terms that align with their needs, or even pick another product.
A smaller firm is effectively stuck: they don’t have the resources or leverage, and sometimes must use the same products as large enterprises to do business with them.
In the case of Outlook specifically, if you do business with enterprises that use it, your meeting calendaring needs to work flawlessly with theirs. A missed or broken reschedule or repeating event can mean your teams sometimes don’t show up when expected. This really happens.
> Given that I understand all the bad things that a business can do, how do I structure a relationship with a service provider such that I get the benefit of their service, and avoid the bad stuff? What tools can I use to ensure our interests remain aligned?
Has any business really succeeded in keeping business information confidential while outsourcing operation of that information? It seems like at a minimum you'd need a PCI-DSS/HIPAA-style audit regime, which I haven't seen the likes of MS granting access for (why would they?); even then those schemes aren't great at protecting confidentiality. Core business trade secrets get leaked all the time; the idea that a company would manage to protect stuff that's proprietary but peripheral, like how they use their workflow tools, seems like wishful thinking.
I'm not suggesting it's a way to go but there might have been some reasons companies hosted their own infrastructure (even at the cost).
They controlled the upgrades, and Microsoft for a long time couldn't even count how many copies of office, etc were being used because the software didn't phone home. That software is probably still running until it's updated to have telemetry added.
What they can exploit depends on what's in Boeing's emails, and their existing relationship with MS. They might have seen internal communications about the problems Boeing had recently and used that information to guide investment decisions.
Maybe Microsoft used the information found in outlook to tailor their product offering and craft their sales pitch when convincing Boeing to buy into their cloud services and AI tech (https://news.microsoft.com/2022/04/06/boeing-and-microsoft-d...). Perhaps Microsoft found and leveraged detailed information on Boeing's finances and IT budget which allowed them to set a price much higher than they would have for those services. The more you know about a company and their situation the more leverage you'll have in a negotiation.
Just because MS isn't making airlines doesn't mean that they aren't able to abuse the data they collect for their own profit at Boeing's expense.
If Microsoft uses the data they have to come up with competing products, or to time the release of their competing products, or to decide which stocks to buy or short, or to decide which companies to partner with or avoid, or which of your employees they should try to attract, or even to sell or leak privileged information to your competitors you'd never know about any of that without a whistleblower at Microsoft saying something, and that person's income and very comfortable lifestyle depends on them keeping their mouth shut. A whistleblower may also risk legal consequences themself if they ever come forward. Risking themselves, their future, and their family is asking a lot which is why whistleblowers are extremely rare.
That's part of the problem with surveillance capitalism. All the spying being done is to collect massive amounts of extremely valuable data, but very little of that data is used transparently. You simply can never know how the data being collected about you will be used against you, you can just be sure that it will be.
The reason companies are investing huge amounts of resources into collecting, storing, and analyzing every single scrap of data they can get their hands on is because doing so is making them money hand over fist. I doesn't matter if it's your data, or your company's data, they'll be using it in any and every way possible if they even suspect that doing so will give them an advantage or make them more money and their gains will almost always be at your expense.