As Microsoft's chief privacy strategist, Cullen is a proponent of trust playing a big role in helping customers realize the potential of technology.
For a high-profile company like Microsoft, that means ensuring confidential user information is well-protected, and giving customers the ability to control the data they provide.
In an interview with CNETAsia, Cullen discussed how the software giant is helping to block more than 3 billion spam messages a day and explains why the company chopped its 13-page privacy notice to a single page.
Q: When Singapore first established a credit bureau, it sparked a heated debate about the loss of privacy. Before your current role as Microsoft's privacy officer, you held a similar role at the Royal Bank of Canada. Based on your experience, how do you balance a company's need for information and a customer's need for privacy?
Cullen: In many different scenarios, customers are looking to capitalize on the benefits that information flow creates for them, while at the same time to minimize their risk (exposure). So in a credit exchange, they want to know their information is being protected and used appropriately, and they have control over it.
When our customers interact with our products, it's exactly the same. They want to know their information is protected, that the product does a great job of protecting the information, that they have control over how their information is used (in terms of what information is given to Microsoft) and they have some choices over what information gets collected.
We do that through a number of different ways. One is (to provide) very clear and prominent notices that explain to our customers exactly what happens to their information, how it's collected and what it's used for.
But do people really read privacy notices?
Cullen: What's happened with a number of companies over the past several years is that in a desire to become transparent and accountable, privacy notes have become very long. So we recently made some changes in MSN, where the privacy note was once 13 pages long. That's great for users because there's a lot of information, but it's very difficult to read.
So we created "short notices," which present privacy notices in layers. All the key information that customers want is on a one-page screen, and they always have the option to look at the longer form. By the end of this month, all MSN sites worldwide will have short notices.
Is this the best way to increase awareness about the need to read privacy notes?
Cullen: We think about it on two different levels. Anytime you want to see the privacy statement, you can click on it at the bottom of the page.
We also make it very obvious through that, which we call first-run experience. The best example is the Windows Media Player where even before you install it, the very first screen you get is a privacy note. It talks about what the product does, how it connects to the Internet, what information it exchanges with the Internet, and what choices the user has. In that case, some of the options are pretagged and the users can untag them. And in other cases, users have to physically opt into the services they want.
We think it's important to be very upfront and also to put it into context for the user, which is why the first-run experience is so important.
When we launched Windows Service Pack 2 last September, we became the first operating system to have a privacy statement in there. To date, over a million people have clicked on that privacy statements. So I think there's a growing awareness that users are interested in their privacy.
Data privacy, however, hasn't really been a priority for many governments in Asia. Do you think this could get in the way of e-commerce adoption, for example?
Cullen: Asia is a diverse region. The penetration of broadband and Internet use is high in countries like Singapore and Korea, whereas in other emerging economies in Asia, PC use and Internet use are not as predominant. That's perhaps one reason why privacy legislation has been slow to pick up in this region.
What I think you'll see, as evident in the establishment of the Asia-Pacific Privacy Framework that all countries in this region
See more CNET content tagged:
privacy, notice, MSN, Microsoft Corp., Microsoft Windows
Reading this text I can see MS is still using 20-century solution.....My system doesnt block spam,it eliminates it completly.
I've never heard of such a preposterous job title. Is it along the same lines as those with "Digital Samurai" as their title over at Google?
The term "strategist" seems to imply there's some sort-of WAR going on. Zhuge Liang would be quite disappointed to find that somehow there's a WAR on SPAMMERS... "FIGHTING THE INVISIBLE ENEMY" would be the title.
- Doesn't Even Understand The Problem
- by Stating June 13, 2005 11:12 PM PDT
- This MS guy has got to be kidding. MSN and Outlook are the solutions? What is he smoking? Today alone I was spammed two dozen times by a computer that was infected by Win32.mytob. This spamming zombie computer's intent was to infect my system too. It wasn't to sell me discount Viagra. The infected system's ISP (Birch.net) didn't detect or stop the aberrant activity, and neither did my email provider (Yahoo). My ZoneAlarm software protected me. Microsoft, you get a big fat zero!!!
- Like this Reply to this comment
-
(4 Comments)As long as Microsoft continues to be run by wingtips instead of tennis shoes, the problem will continue. Those guys don't know **** from shineola.