Dissecting Case 01438 Exhibit B, Part 5

Back in September, Microsoft finished their investigation and issued a statement regarding the location issue. It comes as no surprise that the plaintiff updated the class action complaint to address these statements. (You can read the entire amended complaint (Document 19) for yourself, if you wish.)

Ignoring the grammar changes peppered throughout, two major changes were made:

1. The plaintiff added a new claim, alleging Microsoft violated the Washington Privacy Act (with emphasis mine):

Washington’s Privacy Act, RCW §§ 9.73, et seq. (“Privacy Act”) prohibits companies from intercepting private communications without the consent of all parties involved. The Privacy Act is one of the most restrictive privacy statutes in the United States.

Microsoft does not qualify as an entity exempted from liability under the Privacy Act as defined by RCW § 9.73.070.

Defendant’s conduct violated RCW § 9.73.030(a) because Defendant intentionally intercepted and/or recorded, by device or otherwise, private communications from mobile devices, as described more fully herein, without first obtaining the consent of Plaintiff or the Class.

Defendant’s conduct also violated RCW § 9.73.030(b) because Defendant intentionally intercepted and/or recorded, by device or otherwise, private conversation(s) from mobile devices, as described more fully herein, without first obtaining the consent of Plaintiff or the Class.

Plaintiff and the Class suffered harm as a result of Defendant’s violations of the Privacy Act, and therefore seek liquidated damages computed at the rate of one hundred dollars a day for each day of violation, or one thousand dollars, whichever is greater, and reasonable costs and attorneys’ fees. RCW § 9.73.060

2. The plaintiff added additional details to their Factual Background write up (with emphasis mine):

IV. Microsoft Admits To Unlawful Tracking

In September of 2011, shortly after this lawsuit was filed, Microsoft issued a press release indicating that it had discovered a “bug” in its Windows Phone OS that caused mobile devices running the software to transmit location information to Microsoft’s servers through its camera application—without user consent.

Specifically, Microsoft’s press release stated, in relevant part, that:

We have identified an unintended behavior in the Windows Phone 7 software that results in information about nearby Wi-Fi access points and cell towers being periodically sent to Microsoft when using the Camera application … the software bug results in the behavior even where you have disabled geotagging photos in the Camera application.

Although Microsoft attempts to blame its unauthorized tracking scheme on a software “bug,” the true facts show otherwise. Microsoft is one of the largest and most renowned software developers in the world, with a highly sophisticated staff of engineers. The idea that, during the programming process, these software engineers simply “overlooked” the fact that their own code was designed to ignore users’ refusal to consent to be tracked is untenable.

Furthermore, as described above, Microsoft made very specific representations to U.S. Congress members about the very functionality of its Windows Phone 7 OS that the Company now claims is flawed. Even assuming, arguendo, that Microsoft’s initial oversight led to the unlawful transmission of its users’ geolocation data, surely Microsoft’s engineering team conducted further investigation into the software before submitting to Congress that its software never transmits geolocation data without express permission of the user.

In truth, this was no coding error. Microsoft intentionally programmed its software to send its users’ geolocation information to its servers without consent because it wanted to maximize the amount of data it receives for use in its database. Now that it has been exposed, Microsoft is attempting to cover-up its malfeasance.

Whoa. Those are quite the punches! Unfortunately, they don’t land anywhere.

I won’t dispute the fact that Microsoft is one of the largest software shops in the world, but I don’t feel this directly correlates to software quality within individual product groups. If anything, it catalyzes the “oops rate”. Take Adobe, for example. They’re huge, right? So with this line of thinking, Acrobat Reader and Flash should be amazing. But they’re not even close. Recently released Microsoft Security Intelligence Report 11 shows that “Adobe Acrobat and Adobe Reader [exploits] accounted for most document format exploits detected in [1H] 2011.” And look at Skype for Windows software. 31% of its issues reported as Critical remain unresolved to date. (Any real user will tell you it’s one of the worst necessary evils on PC today.) Finally, let’s not forget this team was responsible for some high visibility blunders, such as the February and March update and the still-online illegal Nintendo ROMs on the marketplace. Point is: Nobody’s perfect. Not even Microsoft.

Untouched was the original research provided by Samy Kamkar, which is interesting given the research doesn’t hold water due to the use of a AT&T bound Samsung Omnia 7 – a combination that isn’t legitimately available to consumers in the US. But with Microsoft’s validation of the bug, I suppose the research’s value isn’t very high anymore.

What are your thoughts?