Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
Wolfie Christl Profile picture
@WolfieChristl
Nov 24, 2020 31 tweets 16 min read Read on X
Scrolly
Esoteric metrics based on analyzing extensive data about employee activities has been mostly the domain of fringe software vendors. Now it's built into MS 365.

A new feature to calculate 'productivity scores' turns Microsoft 365 into an full-fledged workplace surveillance tool: Image
Employers/managers can analyze employee activities at the individual level (!), for example, the number of days an employee has been sending emails, using the chat, using 'mentions' in emails etc.

Microsoft promo video:


Via Heise:
heise.de/news/Anwenderu… Image
Showing data on individuals can be turned off, but it's activated *by default*. This normalizes extensive workplace surveillance in a way not seen before.

I don't think employers can legally use it in most EU countries. I'm sure they cannot legally use it in Austria and Germany. Image
In addition, Microsoft lures companies into sharing employee data with Microsoft in order to show them how their numbers compare to the numbers of other organizations.

As a result, Microsoft gets access to a massive stack of employee data across many organizations. Image
This is so problematic at many levels:

- Managers evaluating individual-level employee data is a no go
- Any evaluation of group 'productivity' data can also shift power from employees to organizations
- Employee self control via MyAnalytics is the first step to normalization
- Not least, Microsoft gets the power to define highly arbitrary metrics that will potentially affect the daily lives of millions of employees and even shape how organizations function
MS has been selling services that involve the analysis of data on employees for a few years.

In 2015, they introduced Delve, which 'map[s] the connections between people, content and interactions' across Office 365 to provide personalized recommendations.
microsoft.com/en-us/microsof… Image
Personalized recommendations and knowledge management, why not?

In the same year, MS also announced 'Delve Organizational Analytics', which did not just provide recommendations, but insights into behaviors and interactions to employees, and to managers.
venturebeat.com/2015/05/04/mic… Image
Subsequently, MS introduced MyAnalytics, a kind of 'self tracking' dashboard for employees, and Workplace Analytics, its top-down counterpart for managers.

The latter provides all kinds of odd metrics based on extensive data.
techcommunity.microsoft.com/t5/workplace-a…
docs.microsoft.com/en-us/workplac…
Everything is based on the so-called 'Microsoft Graph' formed by 'hundreds of millions of users of Microsoft 365 cloud services', including data on 'social interactions'.

Employers and others can use the 'people API' to develop custom software:
docs.microsoft.com/en-us/graph/so… Image
"The people API returns data of a single entity, person, which includes typical data of an individual in today's business world"

"Relevance is noted in a relevance score of each person ... based on the user's communication and collaboration patterns and business relationships" Image
From the Microsoft Graph API docs:

The 'activityStatistics' object represents 'time spent by a user on various work activities during and outside of working hours, for the specified time range in the request', from calls to chats to email to calendar'.
docs.microsoft.com/en-us/graph/ap… Image
Or. The 'usedInsight' object lists 'documents that a user has viewed or modified', including data from OneDrive and SharePoint.

Of course, this data is available. But in this case, it's part of 'people and workplace intelligence'.
docs.microsoft.com/en-us/graph/ap…
docs.microsoft.com/en-us/graph/ap… Image
Employers are increasingly exploiting metadata logged by software and devices for performance analytics and algorithmic control.

MS is providing the tools for it. Practices we know from software development (and factories and call centers) are expanded to all white-collar work.
Some reading stuff:

'The datafication of the workplace', 2019
datajusticeproject.net/wp-content/upl…

Data & Society papers, 2019
datasociety.net/wp-content/upl…
datasociety.net/wp-content/upl…

'The Datafication of Employment', 2018
tcf.org/content/report…

'Algorithms at work', 2020
angelechristin.com/wp-content/upl…
Oh, and in Workplace Analytics, Microsoft assigns every employee an 'influence score', a 'numeric score that indicates how well connected a person is within the company' based on extensive email, calendar, call and chat data.
docs.microsoft.com/en-us/workplac… Image
Articles:

"Microsoft 365 is going full cop on employees with constant monitoring" inputmag.com/culture/micros…

"Microsoft tool lets employers watch staff and award 'productivity scores' based on how many emails they send" independent.co.uk/life-style/gad…

Best piece: newrepublic.com/article/160388…
"With Productivity Score, Microsoft is joining a lucrative industry of startups selling worker tracking software ... There’s 73 pieces of granular data about worker behavior employers have access to, all associated with employees by name"
forbes.com/sites/rachelsa…
According to Forbes, Microsoft stated:

"We make all of these choices available to customers"

Translation:

"We are neither responsible for the tech we create and provide to tens of thousands of employers nor for the ways it may affect millions of workers"
According to The Register, MS stated "There is no PII data in there" #wtf

Productivity Score clearly processes personal data as defined in the GDPR, and it can even show personal data in reports, including names (=PII, which is a distracting term anyway)
theregister.com/2020/11/26/pro…
The US industry has long been pushing a misleading definition of 'personally identifiable information' (PII) that declared most data linked to personal identifiers as 'non-PII'.

It's annoying that MS uses the term 'PII' in this context, but it's clear why
MS claims: "Productivity Score is not designed as a tool for monitoring employee work output and activities"

1) Yes, it doesn't monitor work output. That's why calling it 'Productivity Score' is flawed
2) It DOES monitor employee activities
3) It will be used in problematic ways Image
Here are some examples of employee activities 'Productivity Score' is not just recording, but also reporting at the individual employee level, according to Microsoft's own docs:
docs.microsoft.com/en-us/microsof…
docs.microsoft.com/en-us/microsof…
docs.microsoft.com/en-us/microsof…
docs.microsoft.com/en-us/microsof… ImageImageImageImage
But as I stated above, whether individual-level or 'only' group/org-level reporting, monitoring+evaluating employee activities (in Word, Excel, PowerPoint, OneNote, Outlook, OneDrive, Sharepoint, Skype, Teams and Yammer) at this scale and depth is very problematic in either case.
For example, every time an employee accesses, creates, modifies, syncs, copies or moves a file using OneDrive or SharePoint, this is being tracked; and data is flowing into 'Productivity Score' and other useless and irresponsible reporting systems.
docs.microsoft.com/en-us/microsof… Image
Such log data should ONLY EVER be used under very strict conditions, for a *very* limited set of purposes, e.g. security and technical operations, but neither for actual performance rating stuff nor for random bs metrics invented by stupid 'employee experience' propagandists.
While Productivity Score is quite new, MS Workplace Analytics has been around for years.

It allows employers to run all kinds of queries based on the same kind of log data on employee activities, and it deserves much more scrutiny.
docs.microsoft.com/en-us/workplac…
Image
If employers and vendors such as Microsoft keep going down the path of limitless data solutionism, often as an end to itself, they will help to destroy any remaining trust into meaningful data processing.

What can knowledge workers do?

- Learn & discuss
- Organize & fight back
Some more articles:
theguardian.com/technology/202…
businessinsider.com/microsofts-pro…
zdnet.com/article/micros…
gizmodo.com/microsofts-cre…

Btw. I cannot take any responsibility for skyrocketing productivity scores on 'communication' and 'meetings' for Microsoft's PR dept.
As pointed out by several people, this is really a perfect fit 🤖

@nealstephenson wrote about Microsoft's knowledge worker monitoring tool 'Productivity Score' nearly 30 years ago, in his novel 'Snow Crash' (1992). Image
Update, Microsoft makes changes to its 'productivity score' tool:

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Wolfie Christl

Wolfie Christl Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @WolfieChristl

Wolfie Christl Profile picture
Sep 5
I took another look at Snowden docs that mention browser/cookie IDs.

It's breathtaking how the surveillance marketing industry has still managed to claim for many years that unique personal IDs processed in the web browser are somehow 'anonymous', and sometimes still does.
Another 2011 doc indicates that the GCHQ operated a kind of probabilistic ID graph that aims to link cookie/browser IDs, device IDs, email addresses and other 'target detection identifiers' (TDIs) based on communication, timing and geolocation behavior:
Btw. What inspired me to revisit these docs is @ByronTau's book Means of Control, which not only details how US agencies buy commercial data from digital marketing but also provides deep historical context, tracing back to early-2000s debates on Total Information Awareness (TIA).
Read 19 tweets
Wolfie Christl Profile picture
Jul 16
Die digitale Werbeindustrie verkauft Smartphone-Standortdaten und Bewegungsprofile von Millionen Menschen in Deutschland, darunter Privatpersonen und sensibles Personal.

Große Recherche von und BR, die einen riesigen Datensatz als "Muster" erhalten haben. netzpolitik.org


Image
Image
Image
Sie haben Menschen identifiziert, die Entzugskliniken, Swinger-Clubs oder Bordelle besucht haben, aber auch Personal von Ministerien, Bundeswehr, BND, Polizei.

Die Recherche auf netzpolitik (7 Artikel):


Visuell aufbereitet vom BR:
netzpolitik.org/tag/databroker…
interaktiv.br.de/ausspioniert-m…
Image
Fast alle Smartphone-Apps sind heute mit zwielichtigen Datensammeltechnologien "verwanzt".

Völlig unkontrollierte Datenmarktplätze, u.a. die Firma Datarade mit Sitz in Berlin, bieten Standort- und andere Verhaltensdaten über ganze Bevölkerungen aus vielen Ländern zum Verkauf an.
Image
Image
Read 12 tweets
Wolfie Christl Profile picture
May 30
So, Microsoft exploits activity data from Outlook, Teams, Word etc across customers for its own promotional purposes, including on meetings, file usage and the seconds until emails are read.

Aggregate analysis but based on massive personal data processing
microsoft.com/en-us/worklab/…

Image
Image
Microsoft states that the analysis on the seconds until emails were read excludes EU data. Activity data from Outlook, Teams, Word etc, however, seems to include EU data.

What's their legal basis? This is also personal data on employees. And, are business customers fine with it?
Should cloud-based software vendors exploit personal data on users of their services, including private persons and employees of business customers, how they see fit?

I don't think so.

Not even for public-interest research, at least not without academic process and IRB review.
Read 4 tweets
Wolfie Christl Profile picture
Feb 29
Some more findings from our investigation of LiveRamp's ID graph system (), which maintains identity records about entire populations in many countries, including name, address, email and phone, and aims to link these records with all kinds of digital IDs:crackedlabs.org/en/identity-su…
Identity data might seem boring, but if a company knows all kinds of identifying info about everyone, from home address to email to device IDs, it is in a powerful position to recognize persons and link profile data scattered across many databases, and this is what LiveRamp does.
LiveRamp aims to provide clients with the ability to recognize a person who left some digital trace in one context as the same person who later left some trace elsewhere.

It has built a sophisticated system to do this, no matter how comprehensive it can recognize the person.
Read 12 tweets
Wolfie Christl Profile picture
Nov 14, 2023
As part of our new report on RTB as a security threat and previously unreported, we reveal 'Patternz', a private mass surveillance system that harvests digital advertising data on behalf of 'national security agencies'.

5 billion user profiles, data from 87 adtech firms. Thread: Image
'Patternz' in the report by @johnnyryan and me published today:


Patternz is operated by a company based in Israel and/or Singapore. I came across it some time ago, received internal docs. Two docs are available online.

Some more details in this thread. iccl.ie/wp-content/upl…
Image
Here's how Patternz can be used to track and profile individuals, their location history, home address, interests, information about 'people nearby', 'co-workers' and even 'family members', according to information available online:

isasecurity.org/patternz
web.archive.org/web/2021062210…
Image
Read 30 tweets
Wolfie Christl Profile picture
Nov 6, 2023
, a 'social risk intelligence platform' that provides digital profiles about named individuals regarding financial strain, food insecurity, housing instability etc for healthcare purposes.

Incredibly intrusive, horrifying that this can exist in the US. sociallydetermined.com
Image
"It calculates risk scores for each risk domain for each person", according to the promotional video, and offers "clarity and granularity for the entire US".

Not redlining, though. They color it green. Image
Making decisions based on these metrics about individuals and groups seems to be highly questionable and irresponsible bs.

Safegraph, a shady location data firm, is among the data providers:
safegraph.com/customers/soci…
Read 6 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

Send Email!

:(