April 4, 2001 7:20 PM PDT
Privacy terms revised for Microsoft Passport
- Related Stories
With HailStorm, think fee, not freeMarch 22, 2001
The company is facing scrutiny of a major new software initiative dubbed "HailStorm" that will build on the 2-year-old Passport and other Microsoft technologies to create a new method of delivering software applications over the Internet.
Passport is a single sign-in service that gives consumers a key for multiple Web sites. Among other things, HailStorm has been billed as a way to widely manage personal data as consumers operate computer applications.
The new, much stricter agreement clarifies that Microsoft's right to use customer communications is only in the case of an exchange with the company.
"By submitting any feedback or suggestions to Microsoft concerning the Passport Web Site or the Passport Service, you warrant and represent that you...are granting Microsoft and its affiliated companies permission to use, modify, copy, distribute, transmit, publicly display, publicly perform, reproduce, publish, sublicense, create derivative works from, transfer, or sell any such feedback or suggestions."
The agreement is also careful to point out that the terms don't apply to "documents, information, or other data that you upload, transmit or otherwise submit to or through any Passport-enabled Properties."
HailStorm itself has become a lightning rod for criticism from privacy advocates, since the plan would, in essence, make Microsoft the keeper of a wide range of personal data, such as credit card numbers and banking information. Critics argue that Microsoft's single repository of user data would be vulnerable to hacker attacks, and that the company might be tempted to sell or otherwise use the data inappropriately.
Microsoft executives argue that people will own their data, which will be maintained in a secure repository under supervision of a third-party hosting company. Charles Fitzgerald, Microsoft's director of business development, said another plan under discussion would let people "own" their data locally on smart cards to increase security. Fitzgerald also said Microsoft has no plans to mine, sell, target or publish user data stored in HailStorm.
"Why should I trust this company with managing all of my personal data? When I see terms of service that basically gives them control over my personal information and potentially the content of messages, that doesn't instill confidence or trust in me for their new service," she said.
Often, Web visitors simply don't notice or fear site policies that in theory are designed to protect consumers as well as companies.
HailStorm is expected to enter testing later this year and become available next year through Microsoft's products, including its Windows operating system, Office business software and Xbox gaming console. HailStorm will also become a component of the company's Web sites, such as MSN and bCentral.
News.com's Mike Ricciuti contributed to this report.