Print this article  |  E-mail this article  |  Comment on this article

Microsoft Makes Federal Privacy Push

By Ed Oswald, BetaNews

November 3, 2005, 2:20 PM

Microsoft has begun advocating for privacy legislation at the federal level. In a speech to the Congressional Internet Caucus, Microsoft general counsel Brad Smith argued that such legislation was needed to protect consumers and provide businesses with clear guidelines on how to protect sensitive data.

Three factors have contributed to Microsoft's decision to get behind federal legislation. A mish-mash of laws at the state, federal and international levels creates confusion, Smith explained. While the laws mean well, they can overlap or be inconsistent from state to state, and, in some cases, not be strong enough.

"A single federal approach will create a common standard for protection that consumers and businesses can understand and count on," said Smith.

Furthermore, Microsoft sees the increasing wariness of online commerce among Internet users as a threat to the success of the industry overall. With several high-profile cases of misplaced or lost information, as well as identity theft occurring in recent months, consumers need assurances that their data will not fall into the wrong hands.

"Individuals will not take full advantage of the Internet or any commercial medium if they believe that their information or data could be compromised or disclosed in unexpected ways," Smith said.

Such a concern leads into the Redmond company's third reason behind the push for privacy laws: consumers wanting more control over who has their personal information.

Smith said that laws must be put into place that makes this gathering process more transparent to consumers. That way, individuals know who can access their personal information and to whom it is being disclosed.

"We've seen a spate of legislative activity in the aftermath of several highly publicized data breaches, but for consumers, the reality is still pretty daunting," he explained.

Microsoft will call for four principles to be part of any legislative package: a standard for data collection, increased transparency in collection and disclosure practices, more control for consumers as to who may see or use their personal information, and assurances as to a minimum level of security required when data is being stored or in transit.

According to Peter Cullen, Microsoft's privacy strategist, such procedures are already being woven into the company's line of products. Microsoft has long been criticized for its lax security, which in recent years it has gone to great lengths to fix.

"We have woven privacy into the DNA of Microsoft, from product development to deployment, and decisions are made with privacy in mind," Cullen said.

"A comprehensive legislative approach to privacy that applies across the country would be part of the solution to give all consumers strong privacy and security protection, and allow everyone to realize the full potential that the Internet and technology can provide."

Add a Comment (21 Comments)

BetaNews reserves the right to remove any comment at any time for any reason. Please keep your responses appropriate and on topic. Foul language and personal attacks will not be tolerated.

Name (required):

E-mail (required):

Enter Your Comment:

By Neoprimal

edited Nov 3, 2005 - 9:45 PM

I don't think MS has ever really been the privacy fiends as ppl have made them out to be. Granted, many of the 'protection' tools that they make require exchange of some information - but, thats the same with alternatives. Why then, is there an outcry (and from exactly who) when MS tools do it? That's the question people should ask.
We don't know exactly who out there is so called 'representing' us as the public. For all we know it could be the owners of the spam and phishing sites....
In any case, I too trust MS. I've never been given a reason not to; and I'm not doing anything I'm afraid of being identified as doing. i find it's generally the perverts and evil-doers that are scared of these things.
Those who are trying to find kiddie porn and breaking into other people's computers are the ones deathly scared and paranoid of being identified. I mean, why else would someone be SO scared?
Me personally, as long as 1. Noone uses my credit card other than myself and 2. I dont start magically receiving email and postal mail from nowhere, then I'm OK.
They can have my name, address and phone numbers.

Score: 0

By pugsley42

edited Nov 4, 2005 - 11:35 AM

How about, we are granted our privacy as a basic right. That's it. Period. Privacy is an inalianable right granted to each and every citizen of this county. It's one of our basic principles. To state that we should only be concerned about our privacy if we have something to hide is wholly ignorant and laughable.

Score: 0

By JacenSolo

posted Nov 3, 2005 - 10:21 PM

A number of reasons.

I'm sure MS won't, but some companies are into the practice of handing out addresses and numbers to spammers.

And since you mentioned kiddie porn, some people would get addresses of people from public profiles(mostly young girls) just for that... I think you get the picture.

Plus, it's the prinipal of the whoe thing. My information, not theirs.

Score: 0

By fewt

edited Nov 4, 2005 - 7:39 AM

"some people would get addresses of people from public profiles"

That's why parents need to be aware of what their children are doing on the internet.

A pedophile can't get information about your kid if it's not out there.

If they argue, explain why it shouldn't be posted in plain english. They will get the point.

My son is allowed to use an instant messenger as long as it is configured to ignore people not on his buddy list. If he wants to add people he has to run it by us first, so far 100% of the time it's been OK because it's been school buddies and he's been ok with it because he knows why it must be that way.

Score: 0

By JacenSolo

posted Nov 4, 2005 - 9:19 AM

Yeah I know, but...

I'm 17 now, but I remember when we first got internet, I was... 10 or 11, I think. I used to do a lot of things on it my parents didn't know about.

Instant messengers are mainly safe anyway, Yahoo and MSN both have rules about deception, so you can report violators to them.

It's IRC thats a worry...

Score: 0

By Neoprimal

posted Nov 4, 2005 - 3:14 AM

That's just it. I wouldn't give my information to 'some company'....MS is a huge and reputable company. Not like a one month old startup asking for your information.

Score: 0

By cooldude7273

posted Nov 3, 2005 - 4:38 PM

In response to your first link, when you use IE7 with the filter, it prompts you if you want to use it. I dosn't assume you want it on, it asks you first - unlike many other companies. What Microsoft does with private info is great compared to many other companies, take ChoisePoint, maybe even Sony's DRM?

Score: 0

By wincement

posted Nov 3, 2005 - 3:08 PM

I guarantee this is directly related to their "Live" project. They're trying to eliminate people's privacy concerns about it.

Score: 0

By cooldude7273

posted Nov 3, 2005 - 4:39 PM

What potential privacy issues are there with the Live project? (This is a legit question, I havn't read of any.)

Score: 0

By wincement

posted Nov 3, 2005 - 6:37 PM

All of your data is stored on a web server. That means it is accessible from anywhere on the web 24/7. All it would take is a hacker with more time than the security team and whammo. No more privacy.

Score: 0

By JacenSolo

posted Nov 3, 2005 - 4:52 PM

Potentially, anything running through their service, could be read by them. I doubt MS would do that through.

Score: 0

By wincement

posted Nov 3, 2005 - 7:17 PM

Yeah. I wasn't talking about MS mis-using the information. Unlike most others, I trust that they won't do that.

Score: 0

By gawd21

posted Nov 3, 2005 - 7:21 PM

I know I may get flames for this, but I trust MS for the most part.

Score: 0

By fewt

posted Nov 4, 2005 - 7:40 AM

bleh, I don't.

Score: 0

By gawd21

posted Nov 4, 2005 - 10:25 AM

Not starting a fight, but Fewt, I know that you don't like MS and I understand why, but I would like to know why you don't trust them to at least not share your information. I am not being a arse I just want your opinion that is all.

Score: 0

By wincement

posted Nov 3, 2005 - 10:34 PM

W00t! I'm not the only one!

Score: 0

By gawd21

edited Nov 3, 2005 - 6:23 PM

Yes, MS might not read it, but maybe the millions of hackers that will use password crackers or some other flaw, will be. This is the same as anytime you store information, but when it is online where they have 100% easy access to it, you will see more people trying and as we all know MS is one of the most hated companies if not the most, in the world. I like MS, but I want everyone to think more than twice before they even think about using this.

As for the privacy, I am glad that someone is pushing for it. It's way past due. I have seen too many companies that have lost or given information out that should have been locked up tighter than the Whitehouse.

Score: 0

By gawd21

posted Nov 3, 2005 - 7:11 PM

I really think MS is trying to create a better and brighter future for us all. I really do. I don't think that they are thinking in realistic terms.

Score: 0

By JacenSolo

posted Nov 3, 2005 - 10:18 PM

For once, i agree.

And is any online service, "safe"? If I shop on Ebay, is that "safe"? If I use Yahoo Mail, is that "safe"? If I store personal information using my netbanking site, is that "safe"?

No. Any password can be cracked. You just have to use a very good combo of numbers, letters, upper case, lower case and symbols to protect your information. Live isn't an exception.

Score: 0

By gawd21

posted Nov 4, 2005 - 10:36 AM

No, they aren't safe, but they aren't MS and they (most of the time) don't have your personal records stored on them either. I understand that a good password can help to protect you, I am more worried about the billions of hours the hackers will have to crack them and find the security holes. If someone is to keep a copy of their financial records on this, and let say a small business uses it to store it's files that may have your ss# cc# and whatever else, wouldn't a hacker go out of his way to get it. Yahoo's web based mail is a little different in the fact that most people wouldn't store financial records there. With the computers today being able to run password crackers on top of each other how long do you think it would take them to crack your password of M3@jhRq23# or whatever.I don't think that it would them that long, they will have weeks and months to do it in. How many people change their passwords weekly, monthly, or even yearly? This is my concern. I don't want to do business with a company that will be storing my personal information on the web. I know that I won't be using it.

Score: 0

Dec 1 - 4:58 PM ET Blockbuster downloads headed for more devices via Live Mesh

Dec 1 - 4:55 PM ET AOL's PlaySavvy speaks to game-shy parental units

Dec 1 - 4:41 PM ET Less bad news than anticipated for the semiconductor industry in 2008

Dec 1 - 3:51 PM ET 'Xohm' makes way for 'Clear,' as Sprint/Clearwire merger moves ahead

Dec 1 - 2:01 PM ET Chasing down the latest Cyber Monday tech deals

Dec 1 - 12:50 PM ET Will 'Cyber Monday' fare better than a weak 'Black Friday?'

Dec 1 - 12:38 PM ET Microsoft Cashback goes offline to Black Friday shoppers

Dec 1 - 11:19 AM ET DTV broadcasters could make another transition to mobile next year

Nov 29 - 1:41 PM ET Teacher must still surrender license in bizarre 'exposure to porn' suit

Nov 26 - 9:19 PM ET Spambots edge back online post-McColo