Using Microsoft products may be unethical for universities

May 07, 2014 by Adam Fish, The Conversation
Microsoft has been at the forefront of allegations regarding the NSA. Credit: rhonogle, CC BY

Universities and researchers all over the world have a problem with Microsoft. It's not just that the company forces expensive and dated software on customers. Using products like Microsoft's email service Outlook is potentially in breach of the ethical contracts researchers sign when they promise to safeguard the privacy of their subjects.

The revelations about spying by the US National Security Agency and the UK's GCHQ have led people everywhere to ask whether their data is secure. But unlike many others, researchers face serious ethical implications if the answer is "no".

When a researcher wants to carry out a study, they have to run it past an ethics review committee. This committee does its best to ensure that scholarly practices protect the privacy and safety of research subjects.

Medical researchers gather sensitive information about our fragile bodies, psychologists about our minds, law scholars about our crimes, sociologists about our private lives.

In my research on media activists, I routinely write emails about hacking, counter-surveillance, revolution, and political protests. These emails contain suspicious keywords that could easily set off NSA computers. And even those that don't work in the same area can no longer be sure they are not being watched.

That Google, Apple, AOL, PayPal, Facebook and more handed information over to spy agencies was alarming but no company has allegedly done more to ensure that the NSA and GCHQ has access to private information than Microsoft – the company many universities including my own, hire for its document processing and email services.

Under the Prism programme, Microsoft is said to provide the NSA with "direct access" to personal metadata. Microsoft even helped the NSA circumvent encryption on Outlook and helped the FBI to "understand" how individuals remain anonymous on Outlook.

Microsoft also owns Skype and tripled the number of calls collected when it linked up with the NSA under Prism.

I'm using Microsoft Word on my university computer to write this article and when it's finished, I will send it for editing using Microsoft Outlook. I use both these programs to write about and discuss private issues regarding my research subject's political convictions.

I have responsibilities towards them but can no longer guarantee that the content of my communications with them or about them is confidential.

If they are serious about ethical research, universities should consider abandoning the Microsoft suite of programs. They should instead use not-for-profit, transparent and highly encrypted that do not hand data and metadata over to governments.

This ethical dilemma goes beyond ditching the Microsoft Office suite. It should cause us to completely reconsider the way information technology is set up in universities. That includes the programs used to construct arguments to the networked systems used to distribute research findings to the for-profit cloud services used for data retention.

Knowing how committed universities are to Microsoft, I appreciate that this is a Swiftian modest proposal. The software represents years of investment in training, skill development, and licensing deals. Many of my colleagues struggle with Microsoft software as it is so any new software would almost undoubtedly cause rigor mortis in the university.

But practical or not, the NSA leaks should force universities to do something to ensure that we are not compromising .

Silicon Valley is currently in a state of remorse about its complicity in this global scandal but it is too little, too late. Scholars need to follow India's government in attempting to cease the use of Microsoft's hotmail and Google's gmail for official communications.

Life after Outlook

Thankfully, network activists are developing encrypted, not-for-profit, transparent and technologically robust information systems.

The idea is already catching on. At Goldsmiths University in London, more than 250 people signed a petition earlier this year opposing what they saw as forced migration to Microsoft's cloud and email service. And IT professor Andrew Clement organised a teach-in at the University of Toronto, challenging his own institution to use encrypted alternatives to Microsoft.

Universities should leverage their trend-setting capacity to instigate a wholesale transition from compromised private systems to encrypted not-for-profit services.

This would have reverberations over the long term. Students would get used to these systems during their studies and continue to use them in their subsequent professional lives. As a lecturer who teaches about the potentials and pitfalls of our networked lives, I would welcome such an approach.

And if the ethical argument doesn't appeal, our university leaders might warm to the idea of dumping Microsoft by making a cost-benefit analysis.

Never mind the money saved on software and support, can you imagine the free publicity a university would get from the media if it led the charge? I can see the headlines now: "University drops commercial software platforms until government surveillance stops". Free press like that might just help us meet our enrollment quotas.

It's time to end our addiction to surveillance software.

Explore further: Outages hit some users of Microsoft's Outlook.com

add to favorites email to friend print save as pdf

Related Stories

Syrian group hacks Skype

Jan 02, 2014

The Syrian Electronic Army hacker group set its sights on Skype's social media accounts Wednesday to accuse Microsoft of spying on user data.

Microsoft says it snooped on Hotmail to track leak

Mar 21, 2014

Microsoft Corp., which has skewered rival Google Inc. for going through customer emails to deliver ads, acknowledged Thursday it had searched emails in a blogger's Hotmail account to track down who was leaking ...

Recommended for you

Google worker shows early-draft glimpse of Chrome OS

Jul 20, 2014

The Chrome OS is in for a future look. Athena, a Chromium OS project, will bring forth the new Chrome OS user experience. Google's François Beaufort on Friday, referring to the screenshot he posted, said," ...

Google eyes Chrome on Windows laptop battery drain

Jul 19, 2014

Google Chrome on Microsoft Windows has been said to have a problem for some time but this week comes news that Google will give it the attention others think the problem quite deserves. Namely, Google is to ...

Mental-health monitoring goes mobile

Jul 16, 2014

Behavioral health analytics startup Ginger.io sees smartphones as "automated diaries" containing valuable insight into the mental well-being of people with mental illnesses.

User comments : 10

Adjust slider to filter visible comments by rank

Display comments: newest first

Expiorer
not rated yet May 07, 2014
That would be the biggest event in last 20 years in IT.
Jumbybird
5 / 5 (1) May 07, 2014
Under this reasoning Google should never ever ever ever be ever used ever again, based on the amounts of data they collect so they can target you with advertising for crap?
RandallKing
not rated yet May 07, 2014
lets not vilify Microsoft or Google just yet....pretty sure the gov't will argue that it has security clearance/eminent domain regarding all such metadata and as an audience/recipient of the data, it intends no harm
Lex Talonis
not rated yet May 07, 2014

Of course Microsoft did...

"Under the Prism programme, Microsoft is said to provide the NSA with "direct access" to personal metadata. Microsoft even helped the NSA circumvent encryption on Outlook and helped the FBI to "understand" how individuals remain anonymous on Outlook."

Their software is FILLED with spyware for the NSA and DRM tracking / monitoring etc.

Microsoft Corp is one of the sleaziest companies to EVER do business with - it's the GLOBAL defacto spyware system - every computer that has ever hooked up to the net, has all of it's contents shared with the world.

The pricks running Microsoft built it to be that way.

danatuw
1 / 5 (1) May 07, 2014
When has Microsoft ever forced anyone to use expensive and dated software. Companies all over the world choose Microsoft because their range of services is just far better than the competition in regards to enterprise. The problem is not with Microsoft it is with the NSA. Is it really a coincidence that every major tech company also cooperated with PRISM? This is an anti-Microsoft article based on nothing but the author's personal sentiments. If you are so concerned, tell your university to destroy their SharePoint portal, disconnect from the internet and do things by pen and paper. They won't because they need it, and they chose Microsoft because they are better than the competition. I would also guess that you use an iPhone or Android and not a BlackBerry. BB didn't give any information to the NSA but you aren't clamouring that every university in the world protect their communications by deploying BBs.
Pejico
May 07, 2014
This comment has been removed by a moderator.
Pejico
May 07, 2014
This comment has been removed by a moderator.
Nik_2213
not rated yet May 07, 2014
'Open Source', any-one ?

Hard to hide a 'back door' in public code...
winthrom
not rated yet May 08, 2014
I think we should all realize that the government and its' contractors all use M$ software also. Open source is virtually "Un-American" to the US Government. This means that "Bad Guys" world-wide get to poke around not only in everyone's personal stuff but also any stuff they can collect from our defence folks. M$ knows that exposing holes in their products is bad for business. NSA knows that the unexposed holes in M$ are targets are bad for the US. We all saw what happened to the Iranian Uranium purifying system when it was "virused' by "someone". These are some very scarey forms of international warfare. (Consider China's operations as a more frightening deal than NSA's.) Our Internet is world-wide, so we are as vulnerable to other nations spying on us as they are from us on them. If NSA spied on Americans in America, shame on them. If we destroy NSA's ability to protect us, shame on us. This rhubarb is a "Lose - Lose" game. Think more before we throw the baby out with the bath wate
Rick150
not rated yet May 08, 2014
All comments valid but who decides which is the truth? I run scripts, modify cookies, generate bullshit emails but somewhere is the truth but who decides what I am thinking? Greatest thing about all this is the more information gathered the more fuzzy is the truth. False information has been the greatest weapon in many wars and the ones watching us used it to win but forget they are now the recipients, bring it on NSA, just how smart are you? They are actually making the world less safe but it's difficult to be up to you chin in crap when it's in everybody's interest around you tell it's raining when your actually being pissed on. What a waste of money and talent to give the illusion of keeping us safe. Don't buy into it.
antialias_physorg
not rated yet May 08, 2014
'Open Source', any-one ?

Hard to hide a 'back door' in public code...

The heartbleed bug was in open source code.

Open source is not a guarantee for safety if there isn't sufficient code review. Some big name companies have recently offered support for open source code review - which I think is a step in the right direction, as they have the manpower on hand to do this on a regular basis.
Anda
not rated yet May 08, 2014
Security apart I'm surprised to learn that US universities work with microsoft OS.
I don't know in the rest of Europe but here in Spain all the universities use open source soft.