Skip Links

Network World

  • Social Web 
  • Email 
  • Close

Microsoft releases guidelines for customer privacy

By Elizabeth Montalbano , IDG News Service , 10/17/2006

Criticized in the past for an initiative that would require the company to collect and catalog personal information about its customers, Microsoft on Wednesday released an internal document about how it protects customers' privacy in the hopes other companies will adopt similar practices.

The company publicly published a 49-page document, called Microsoft’s Privacy Guidelines for Developing Software Products and Services, at the International Association of Privacy Professionals Privacy Academy 2006 in Toronto. The document can be found here.

The document outlines recommendations for software developers that will help them protect customer privacy when building applications that deal with sensitive information, such as Web sites or Web-based features that send personal information over the Internet, said Peter Cullen, Microsoft's chief privacy strategist. He will speak on a panel at the show on Friday, sharing and discussing the document with attendees there.

For example, Cullen said Microsoft implemented a way to erase personal information in the new phishing filter it has built for its Internet Explorer browser. The filter, designed to protect users when they surf to online sites that could use phishing to steal personal information, compares sites that users visit to known phishing sites. However, before going to any site to do this verification, the filter erases any personal information that would identify which user visited, he said.

Microsoft has not always been seen as sensitive to customer privacy. Five years ago, the company tried to implement a project code-named Hailstorm, which theoretically would store personal and credit-card information and passwords so users could easily sign on to various sites. Customers balked at the idea of Microsoft controlling their personal information, and the project never lived up to its hype.

Cullen said Microsoft has learned a lot from such experiences and wants other companies to implement the practices it has developed to protect customer privacy.

"Certainly that and other things have contributed to us thinking deeply with how we provide security and privacy, as well as respect and control with how their information is used," he said. "We think others should join in this discussion."

Partner Content

Brilliantly simple security and control solutions for email, web and endpoint

www.sophos.com

Stopping data leakage

Learn how to exploit your current security investment to control the information that flows into, through and out of your network.

Download the white paper.

Why detection rates aren't enough

Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask to prospective vendors to get the right endpoint solution.

Download the white paper.

Unauthorized applications: Taking back control

Employees installing and using unauthorized applications like IM, VoIP, games and peer-to-peer file-sharing applications cause many businesses serious concern. How do you control these applications?

Download the white paper.

Comment
Login
Forgot your account info?
Add comment
Anonymous comments subject to moderator approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Videos

rssRss Feed
Save The Date!
What They Are Saying

DLP solutions are the first-last opportunity to correct a policy problem...and do so at the last frontier...- Schratboy

Join the Discussion