Microsoft to publish its privacy rules

MOUNTAIN VIEW, Calif.--Microsoft plans in August to publicly release the privacy rules its employees have to follow when developing products.

The move, which offers a look behind the scenes at Microsoft, is meant to give the industry an example of what the software giant sees as best practices in customer privacy, said Peter Cullen, the chief privacy strategist at Microsoft.

"We think that this is information that partners and others could benefit from. Lots of people build and develop applications," Cullen said in an interview Thursday. "The privacy development standards will not only be made public, but we will actively be promoting their use so that others can benefit from what we've learned."

Related news
Fighting Microsoft's piracy check

Ways to avoid the WGA tool are appearing on the Net.

The privacy rules offer guidelines on providing people with proper notification and options in certain situations--for example, when a software application is about to send information via the Internet to its maker, Cullen said. Microsoft believes it is the first major software company to publish these guidelines.

"This is designed for an IT pro or a developer, in terms of: 'If you're building an application that does X, this is what we think should be built,'" he said. "The public document will use a lot of 'shoulds.' Inside Microsoft, those are 'musts.'"

While the release of the guidelines will likely not have any immediate effect on consumer privacy, it is a positive development, privacy watchers said.

"Microsoft is advancing the dialog about how privacy issues are addressed by the technology providers," said James Van Dyke, an analyst at Javelin Strategy & Research. "This will force other technology firms to similarly comply, rebut or propose alternative positions, all of which will move us closer to deciding acceptable use of private information through technology."

The company has a single, global privacy policy, Cullen said. This means that the same policy applies even in countries that have limited or no privacy regulation.

Microsoft's privacy reputation is not untarnished. Earlier this month, it faced criticism for not disclosing that one of its antipiracy tools, called Windows Genuine Advantage Notifications, pinged the company every time a PC was booted up. Microsoft has offered a public mea culpa and has said it will adjust the frequency of the calls home.

"We have a basic promise that we will be as transparent as possible," Cullen said. "We neglected the area of the notifications, so that's definitely going to be changed?It's just an oversight."

Some of Microsoft's practices are impressive and commendable, but others are badly bungled, said Ben Edelman, a spyware researcher and Harvard doctoral candidate. He supports Microsoft's plan to publish its privacy standards for developers.

"It's a fine idea," he said. "It would be easier to endorse if we could be more confident that Microsoft's own house is in order, which is suddenly a subject of some worry after the WGA issues."

(Return to CNET News.com next week for the full interview with Microsoft's Cullen.)

[bea944]

Spying or not?

I think its a shame that a handful of people steal to make us all suffer by having Microsoft scan each computer each and everytime we logged on is over kill. Once is enough but everytime is a complete distrust from a software giant make this a disgrace.

[Joe Bolt]

I think you'd have to define "scan"

"bea944" claims:

"make us all suffer by having Microsoft scan each computer each and everytime we logged on"

I went back and re-read the article and didn't see anything about MS "scanning" our computers. As anyone who's ever run an anti-spy program knows, this can take anywhere from 5 to 10 minutes of solid drive activity. Jeez, if MS did that, you'd think the complaints would just be rolling in!

Now "checking" something on our computers, like whether or not we've stolen their software, is a different matter, of course, and only takes a sec.

Perhaps you just got your terminology mixed up. I'm sure you weren't trying to use "scare tactics" to enforce your point. Certainly, the intelligent techies who use this forum are beyond such obvious ploys.

[goombah]

Don't Blame the Pirates

The "handful of people" who steal are not responsible for WGA and the like. It's the response of paranoid, greedy management at companies like Microsoft who choose to make criminals out of its customers instead of engaging the copying issue more constructively. BTW, Microsoft has not really issued a "mea culpa"--they're not removing the buggy software (which has been declared spyware) that they put on people's computers without people's knowledge or consent--just planning to check less frequently. Doesn't solve the problems where people are being daily accused of software piracy whose WinXP installs were the factory originals! What Microsoft doesn't pay attention to is that there are alternatives where one can be free of all that--I'm particularly speaking of Linux, which is what's running on my PC at present. There's also the Mac, which under OS X is running the way Windows SHOULD be. Don't let anybody snow you--Linux is getting more user-friendly by the day, and if one isn't too lazy to crack a couple of books or so, you can not only run the thing but be able to use it for most or all of the practical purposes that you're using your PC under Windows. A couple of good "distributions" are Ubuntu (http://www.ubuntu.org) and SimplyMEPIS (my favorite, at http://www.mepis.org). Those two (among many others) are available in a "LiveCD" form which allows you to boot up from a CD-ROM and run your computer without having to put the first byte on your hard drive--THEN you can decide whether to install it. You can download the LiveCD's as an image file (called an .iso) file and burn 'em to a CD. Ubuntu will even send you a pressed CD set (LiveCD and Install CD) for free. Try it--you may like it! And enjoy the freedom!

[kamwmail-cnet1]

MS definition of Privacy: As long as MS knows all your PC's info, its priv

MS definition of Privacy: As long as MS knows all your PC's info, its private.

[Joe Bolt]

I think you'd have to define "all"

"kamwmail" claims:

"MS definition of Privacy: As long as MS knows all your PC's info, its private."

You didn't quite define what you meant by "all", but here's a guess:

- What OS you're using
- Your IP address
- What country you're in
- What area of the country you're in
- Your screen's resolution
- What browser you're using

How's that? All of those could certainly be considered "private" information, right? Therefore, if a company learns those facts about your computer, then it's an "invasion of privacy", right?

Right?

Now, come on, I can hear you hesitiating. The above are the "vital stats" of your computer, and are therefore yours and yours alone, and therefore "private", right? And if some bad, evil company steals them, then it's an "invasion of privacy", right?

"Uh, right!!"

That's better. Shame on Microsoft for stealing your private info!

"Hang 'em all!!"

That's the spirit! If only there were more responsible, intelligent citizens like yourself, these evil companies would think twice before invading our privacy!

Of course, "these companies" means every web site on the Internet, all of which can suck every piece of the above list off your computer, firewall or not. Most ISPs run some kind of web stats program, and for a small extra fee a month, the webmaster can monitor all of the above stats, usually for demographic feedback (what to advertise on the site) and design issues. Like, when the vast majority of screen resolutions went from 640x480 to 800x600, and then to 1024x768, and so on. That makes a difference in how the site is designed.

And, unless you're running a firewall with some sort of "Privacy control", like Norton Firewall has, they can suck off even more of your info, like your email address.

Want to make a little test? Go to this site:

http://www.boatered.com/forum

Click on the 'Register' button on the upper-right. On the next page, click on the 'Agree' button at the bottom. If you're taken to the registration page, you do NOT have "privacy control" on your computer. If the same page just displays again, you do.

Of course, I admit I feel a little guilty spoiling the party like this. Without some large company to bash (Microsoft, Big Oil, etc), your lives would be seriously empty.

Let's just forget I said a thing.

[Joe Bolt]

Somebody call the Dept of Justice!

From the article:

"Earlier this month, it faced criticism for not disclosing that one of its antipiracy tools, called Windows Genuine Advantage Notifications, pinged the company every time a PC was booted up. Microsoft has offered a public mea culpa and has said it will adjust the frequency of the calls home."

That's just criminal, isn't it? Imagine, a company 'phoning home' every time you use the program! Somebody ought to call the Dept. of Justice and shut Microsoft down!

Of course, I suppose they'd also have to shut down a few other companies, as well. Off the top of my head:

- MusicMatch phones home every time you use the program.

- WinDVD phones home every time you use the program.

- AdAware, Pest Patrol, Spy Sweeper, Xoftspy, and pretty much ever other anti-spy program phones home every time you use the program.

- Quicktime phones home every time you use the program.

- Nero phones home every time you use the program.

- RealNetworks phones home every time you use the program.

- TrueImage phones home every time you use the program.

And those are just the programs on my computer. Imagine how many more programs do the same thing.

But forget all that. Let's just pick on Microsoft. They're a nice, big fat target. Besides, it's 'hip' and 'cool' to bash Microsoft.

Just ask anyone here.