Yes the fact that Microsoft shares this information is concerning. But Microsoft only provides the information to Canonical (according to the ToS) for technical assistance and product support, but not for Marketing purposes.
Canonical is the one who violates trust here. Because they are using this information for marketing purposes, which they are not allowed to do under the information sharing agreement that they have with Microsoft.
So yes, we could argue whether Microsoft should be providing the installation information in the first place. It should at the very least be opt-out (on by default with the ability to not share), and preferably it should actually be opt-in (off by default, check a box to allow). So there is a violation of trust going on here, but this isn't any different than every other major tech company is guilty of right now (not that it makes it right).
But Canonical is the one that took the information and used it in a way that was never agreed to by either the person sharing the information (Microsoft) or by the user via the ToS (the ToS says that it is strictly for tech support, not for marketing). Canonical is the one that really overreached here.
You're obviously correct in the de jure sense, here. But there is also a matter of relationship expectation.
An unstated assumption of using any "free" product is that it's not actually free. Canonical screwed up, to be sure, but I do think many of us just expect getting harassed by salespeople to be the cost of using a "free" product.
Microsoft, on the other hand, charges me by the hour for using Azure. They've taken their pound of flesh, so my business expectation is that I'm going to be left the hell alone for anything other than billing matters. Them sharing the data in the first place, for something I've paid money for, FEELS like the bigger violation to me.
For a linux distro, my expectations are that it's "free" but support will cost you money. My expectation is not that it's "free" and the OS will spy on you and report back to HQ so sales can make more sales.
If I don't give personal information on installation my expectation is the product is not harvesting or forwarding that information (For example, I expect that with Facebook, I don't expect that with GIMP).
Both are certainly wrong IMO. MS for giving personal info to a 3rd party and Canonical for bundling spyware with their OS. Both are super icky.
Well, in the case it's not from the OS, but purely from Azure.
And you're selling the information in order to get tech support from Canonical, otherwise you can get it without selling your info (but won't really receive tech support).
As an aside, "pound of flesh" doesn't mean "payment", it means "something that is one's legal right but is an unreasonable demand (esp in the phrase to have one's pound of flesh)", both in Shakespeare and in current usage.
Unless you feel Microsoft's price is unreasonable and you have no other option, "pound of flesh" isn't the right expression.
Something like "they've taken their cut" is more accurate.
Its an example of a risk with cloud providers that isn't talked about often or is ignored. For example, why doesn't WalMart use AWS?
Companies now leak alot of metadata about what they are doing. If a teeny company like Canonical is mining stuff like this, consider what Microsoft knows about how you use their products, and I'm sure your EA negotiation as a big company is at some level driven by what they know.
And Canonical decided to take that data, search him on Linkedin and contact him. Seems reasonable to see that as a reason to loose respect for Canonical over.
Don't get me wrong, what Canonical has done here also isn't good. But what they've done shouldn't have been possible because Microsoft shouldn't have given Canonical the information in the first place.
The question I have is what's in it for Microsoft, why did they even bother to do this in the first place? I can't believe there would be that big of a cash incentive.
If this were Windows, I would expect Microsoft to pass it to an internal department that sells higher service contracts and then off to 3rd parties that provide the same for up to a week after you find the "don't share my data" checkbox.
That (enterprise support) is a very important side business. Whether they got cash from other OSes or just set it up the same to fight an eventual Anti-Trust Case is anyone's guess.
Well, what should we be more angry about? That Canonicals sales rep is using data in their CMS, or that Microsoft is selling data to third parties. The root cause seems to be Microsoft, not Canonical and (at least in my eye) the conclusion is not "don't trust Ubuntu", but "don't trust Azure".
Someone giving you a gun doesn't absolve you of the crime of shooting someone with it or of keeping the gun.
edit: The data doesn't just magically show up in Canonical's CRM. They spent time and effort establish an integration with Microsoft and then building processes on top of that data.
As stated above, MS isn't selling this information. They are providing it for customer support purposes.
In the business world, having data marked "customer support only" is pretty common. There are quite a few laws acknowledging the difference. Importantly, the data is supposed to be kept separate and it sounds like Canonical screwed up here.
It’s like if you tell a friend that there's a key to your back door under the mat but to keep it a secret and instead of keeping the secret they tell a mutual friend about it and that mutual friend robs you since they know where the key is.
You shouldn’t trust the friend that told the your mutual friend where the key was and you shouldn’t trust the mutual friend who robbed you.
The friend who told your mutual friend may have done so for what they thought were useful reasons, like letting the mutual friend know so they could fix something for you while you’re out, but they still violated your trust non matter what their intent was.
Canonical is the one who violates trust here. Because they are using this information for marketing purposes, which they are not allowed to do under the information sharing agreement that they have with Microsoft.
So yes, we could argue whether Microsoft should be providing the installation information in the first place. It should at the very least be opt-out (on by default with the ability to not share), and preferably it should actually be opt-in (off by default, check a box to allow). So there is a violation of trust going on here, but this isn't any different than every other major tech company is guilty of right now (not that it makes it right).
But Canonical is the one that took the information and used it in a way that was never agreed to by either the person sharing the information (Microsoft) or by the user via the ToS (the ToS says that it is strictly for tech support, not for marketing). Canonical is the one that really overreached here.