[German]Microsoft's developers have implemented a feature called "Super Resolution" in the Edge browser, which is supposed to improve the quality of the images displayed in the browser. The horse's foot, which in my eyes is a GAU in terms of data protection: The URLs of the images in question are transferred to Microsoft servers in order to execute the function. The case shows that the topic of data protection is not (anymore) present in the Microsoft universe.
Advertising
I had once postulated in my German blog that China's developers will running into data protection issues with their software development, because "data privacy" is a foreign word in this Asian country. Regarding the USA I start guessing the same. Just now the news went through the press (see) that US authorities bought masses of cell phone data from data brokers for surveillance of Americans.
And in my German blog post Sicherheitsvorfälle (13. Juni 2023) I had reported on the discovery of a file from Microsoft's data marketplace Xandr. This file shows how data brokers like Microsoft's purchased data marketplace Xandr categorize Internet users for the advertising industry. The Markup has (beside my German source netzpolitik.org) the original story covered in English.
Now another case came to my view, that shows how carelessly Microsoft's developers handle data in the meantime. In the blog post Edge, a Malware from Microsoft! I picked up on a comment by Rafael Rivera. Rivera wrote that Edge now exhibits the behavior of malware and grabs users' personal data wherever it can. His recommendation was to avoid this browser if you care about privacy.
Edge Super Resolution sends image URLs
As part of the post Edge, a Malware from Microsoft!, a user reached out with this German comment, pointing out that Edge sends image URLs to Microsoft when the browser's Enhance Images feature is active. In doing so, he referenced the following tweet where a user reported his discovery.
Advertising
The tweet states that Edge now offers the ability to specify certain websites where images should not be enhanced. The description of this feature has been updated to clarify that "image URLs are sent to Microsoft to ensure optimal resolution." The option has been included in the stable build of the Edge browser for quite some time, he said. Now, however, Microsoft is beginning to roll out these features in waves ("controlled feature rollouts"), he said.
The image enhancement feature is enabled by default, but can be disabled in the Edge settings, it says. Martin Brinkmann had taken up the topic in the article Microsoft Edge's enhance image feature is sending image URLs to Microsoft on gehacks.net.
Martin Brinkmann points out that this is a big privacy issue, because images can reveal a lot about a user. Brinkmann also mentions that this is not the first time Edge has sent information to Microsoft. In April 2023, it was become public that Microsoft Edge transmits almost any page to Bing, as long as the browser's "Follow Creator" feature is enabled (see my blog post Microsoft Edge feature "Follow creators" sends nerly all visited website URLs to Bing API).
So another case of Microsoft's absolute encroachment with the Edge browser. No one can say exactly what happens to the images – it's quite possible that they will be scanned for content at some point (keyword porn scan). I wonder how anyone in a corporate environment can use Edge in good conscience? As an administrator, do you always have on your radar which GPOs and options to set so that privacy is maintained and data stays within the company? My impression: Edge is a complete mess from that view and need to be banned.
Advertising
