Personal data might include location or GPS data, your name
and billing address, and if you have to provide your ISP with a copy of your photo ID to prove you are 18 in order to get unfiltered access in the future, it probably will include that.
Frustrating they turn this on by default without an email to announce it. Only recent email I have from Starlink is advertising the 50GB roam plan changing to 100GB.
Starlink by virtue of being your ISP would have access to any DNS queries you send over the Internet over UDP port 53 in plain text. Starlink is also able to redirect those queries to their own servers. Even if you manually specify 8.8.8.8 or 1.1.1.1 Starlink can redirect traffic to their own DNS servers and return responses as if they came from those servers.
By itself DNS can tell a pretty detailed picture about you and what you do on the Internet without the need for SSL inspection or other deep packet inspection techniques.
I assume the traffic over Starlink is encrypted, so what exactly do they mean with "personal information"? Like the very basic customer details and everything they can get from their analytics?
For my taste the sentences are over the top and full of weasel words. It's not even something I'd call legalese because it just sounds so insincere.
- "We may share your personal information with our affiliates, service providers, and third-party collaborators" or
- “Share personal data with Starlink’s trusted collaborators to train AI models."
Initially I was very critical of GDPR but when I see these kind of vague formulations I'm really happy that as a European I can expect companies to provide an itemized list of people and companies they will share the data with, and what kind of security measures these subprocessors are employing.
There's still a lot of wiggle room for lawyers to work around GDPR limitation, but at least you'd know if their "trusted collaborators" and "affiliates" are Google or Facebook, are domiciled in a foreign country, or if they are just to some small data science consultancy.
Personal data might include location or GPS data, your name and billing address, and if you have to provide your ISP with a copy of your photo ID to prove you are 18 in order to get unfiltered access in the future, it probably will include that.
Frustrating they turn this on by default without an email to announce it. Only recent email I have from Starlink is advertising the 50GB roam plan changing to 100GB.
This sounds bad. Does any other ISP do that? What sort of info could Starlink even see - the URLs?
Starlink by virtue of being your ISP would have access to any DNS queries you send over the Internet over UDP port 53 in plain text. Starlink is also able to redirect those queries to their own servers. Even if you manually specify 8.8.8.8 or 1.1.1.1 Starlink can redirect traffic to their own DNS servers and return responses as if they came from those servers.
By itself DNS can tell a pretty detailed picture about you and what you do on the Internet without the need for SSL inspection or other deep packet inspection techniques.
> the URLs
Only the domain ( https://en.wikipedia.org/wiki/Server_Name_Indication ).
I assume the traffic over Starlink is encrypted, so what exactly do they mean with "personal information"? Like the very basic customer details and everything they can get from their analytics?
For my taste the sentences are over the top and full of weasel words. It's not even something I'd call legalese because it just sounds so insincere.
Initially I was very critical of GDPR but when I see these kind of vague formulations I'm really happy that as a European I can expect companies to provide an itemized list of people and companies they will share the data with, and what kind of security measures these subprocessors are employing.There's still a lot of wiggle room for lawyers to work around GDPR limitation, but at least you'd know if their "trusted collaborators" and "affiliates" are Google or Facebook, are domiciled in a foreign country, or if they are just to some small data science consultancy.
https://starlink.com/legal/documents/DOC-1000-41799-67
Privacy policy here answers the question "What Personal Information Do We Collect? It's a lot.