Windows will improve user privacy with DNS over HTTPS

Here in Windows Core Networking, we're interested in keeping your traffic as private as possible, as well as fast and reliable. While there are many ways we can and do approach user privacy on the wire, today we'd like to talk about encrypted DNS. Why? Because supporting encrypted DNS queries in Windows will close one of the last remaining plain-text domain name transmissions in common web traffic.
Providing encrypted DNS support without breaking existing Windows device admin configuration won't be easy. However, at Microsoft we believe that
"we have to treat privacy as a human right. We have to have end-to-end cybersecurity built into technology." We also believe Windows adoption of encrypted DNS will help make the overall Internet ecosystem healthier.
There is an assumption by many that DNS encryption requires DNS centralization. This is only true if encrypted DNS adoption isn't universal. To keep the DNS decentralized, it will be important for client operating systems (such as Windows) and Internet service providers alike to widely adopt encrypted DNS.

With the decision made to build support for encrypted DNS, the next step is to figure out what kind of DNS encryption Windows will support and how it will be configured. Here are our team's guiding principles on making those decisions:
Windows DNS needs to be as private and functional as possible by default, without the need for user or admin configuration, because Windows DNS traffic represents a snapshot of the user's browsing history. To Windows users, this means their experience will be made as private as possible by Windows out of the box. For Microsoft, this means we will look for opportunities to encrypt Windows DNS traffic without changing the configured DNS resolvers set by users and system administrators.

Privacy-minded Windows users and administrators need to be guided to DNS settings even if they don't know what DNS is yet. Many users are interested in controlling their privacy and go looking for privacy-centric settings such as app permissions to camera and location, but they may not be aware of DNS settings, understand why they matter, or think to look for them in the device settings.

Windows users and administrators need to be able to improve their DNS configuration with as few simple actions as possible. We must ensure we don't require specialized knowledge or effort on the part of Windows users to benefit from encrypted DNS. Enterprise policies and UI actions alike should be something you only have to do once rather than need to maintain.

Windows users and administrators need to explicitly allow fallback from encrypted DNS once it is configured. Once Windows has been configured to use encrypted DNS, if it gets no other instructions from Windows users or administrators, it should assume falling back to unencrypted DNS is forbidden.
Based on these principles, we are making plans to adopt DNS over HTTPS (or DoH) in the Windows DNS client. As a platform, Windows Core Networking seeks to enable users to use whatever protocols they need, so we're open to having other options such as DNS over TLS (DoT) in the future. For now, we're prioritizing DoH support as the most likely to provide immediate value to everyone. For example, DoH allows us to reuse our existing HTTPS infrastructure.

...

Why announce our intentions in advance of DoH being available to Windows Insiders? With encrypted DNS gaining more attention, we felt it was important to make our intentions clear as early as possible. We don't want our customers wondering if their trusted platform will adopt modern privacy standards or not.
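As an added example (not code from this post, nor Microsoft's own), here is what the fallback principle above and the DoH decision look like in practice on a client that has the DnsClient DoH cmdlets this post only foreshadows (Windows 11 and Windows Server 2022 ship Add-, Set-, Get- and Remove-DnsClientDohServerAddress). The resolver address 9.9.9.9 and the template https://dns.quad9.net/dns-query are assumptions used for illustration; substitute the resolver your organization trusts. Run from an elevated PowerShell session.

```powershell
# Added example, not from the original post. Assumes Windows 11 / Server 2022
# DnsClient cmdlets. Resolver address and DoH template are illustrative choices.
$resolver    = '9.9.9.9'
$dohTemplate = 'https://dns.quad9.net/dns-query'

# 1. Register (or update) the DoH template for this resolver address.
#    -AllowFallbackToUdp $false : if the HTTPS channel fails, do NOT silently
#      revert to plaintext UDP/53 (the "fallback must be explicitly allowed" rule).
#    -AutoUpgrade $true : any interface that already lists this address as its
#      DNS server is upgraded to DoH without changing the configured resolver.
$existing = Get-DnsClientDohServerAddress -ServerAddress $resolver -ErrorAction SilentlyContinue
if ($existing) {
    Set-DnsClientDohServerAddress -ServerAddress $resolver -DohTemplate $dohTemplate `
        -AllowFallbackToUdp $false -AutoUpgrade $true
} else {
    Add-DnsClientDohServerAddress -ServerAddress $resolver -DohTemplate $dohTemplate `
        -AllowFallbackToUdp $false -AutoUpgrade $true
}

# 2. Windows only speaks DoH to resolvers that appear in the table above AND are
#    the configured server on an interface. Point the active physical adapters
#    at the resolver (this replaces any DHCP-assigned servers on those adapters).
Get-NetAdapter -Physical | Where-Object Status -eq 'Up' | ForEach-Object {
    Set-DnsClientServerAddress -InterfaceIndex $_.ifIndex -ServerAddresses $resolver
}

# 3. Check: no registered DoH server may be allowed to fall back to plaintext.
$weak = Get-DnsClientDohServerAddress | Where-Object { $_.AllowFallbackToUdp }
if ($weak) {
    Write-Warning ("DoH servers that may fall back to plaintext DNS: " +
                   ($weak.ServerAddress -join ', '))
} else {
    Write-Output 'All registered DoH resolvers forbid fallback to unencrypted DNS.'
}

# 4. Confirm which interfaces now use the DoH-capable resolver, then resolve a
#    name through the DNS Client service (which applies the DoH configuration).
Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses -contains $resolver } |
    Format-Table InterfaceAlias, ServerAddresses
Resolve-DnsName -Name example.com -Type A
```

Two caveats a practitioner will want: step 2 deliberately changes the configured resolver, which is the one thing the post says Windows itself will not do on your behalf, so make that choice per interface rather than blanket-applying it to VPN or corporate adapters whose resolver is intentionally internal. And the fallback check in step 3 only covers resolvers registered in the DoH table; a resolver address that is not in that table is queried in plaintext regardless, so audit Get-DnsClientServerAddress against Get-DnsClientDohServerAddress, not one or the other alone.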