Online privacy: a continuous innovation agenda
Innovation in the ICT sector has transformed how a large segment of the world's population works, communicates, learns, shops and plays. Today's online consumer benefits from unprecedented access to information and services - and most of it for free.
Thomas Myrup Kristensen, Director, EU Internet Policy, Microsoft
Online advertising is one of the main reasons why this is possible. Simply stated, the Internet would not be the extraordinarily diverse and useful medium it has become without advertising. This is because an important aspect of the Internet is the personalised experience it provides for users. To achieve this, businesses sometimes collect information relating to individual computers in order to provide Internet users with both free content and advertising tailored to their specific interests, particularly as expressed in the search terms they use to locate content. Although this enables great benefits, it may also cause consumer anxiety: many people feel uncomfortable that their online activities may be tracked and stored, including search terms and sometimes even the words they use in e-mails. This obviously undermines their confidence in the privacy of the wonderful new world of the Internet.
That is why Microsoft is working to create a ‘new climate of confidence' in the Internet by empowering consumers with the knowledge and tools they need to take privacy protection into their own hands; build privacy-consciousness into the very way it runs the business; taking the lead with industry and governments to create greater protections for internet privacy; and helping safeguard the Internet with innovative technologies.
Thomas Myrup Kristensen, Director, EU Internet Policy at Microsoft, explains what this means in practice. “Microsoft was one of the first companies to appoint a Chief Privacy Officer, an action taken nearly a decade ago, and currently employs over 40 people who focus on privacy full-time, and another 390 people who focus on it as a part of their jobs. They help to ensure that privacy policies and guidelines are adhered to, and that customer privacy and data protection are systematically incorporated into the development and deployment of Microsoft's products and services,” he says.
About six years ago, Microsoft launched the Trustworthy Computing Initiative, which made improving security, privacy, reliability and business practices a central focus when developing software and services at Microsoft. “A key element of this Initiative is a process called the Security Development Lifecycle, which is a rigorous development process that every piece of packaged and online software goes through to ensure that our products are ‘secure by design, secure by default and secure in deployment',” says Thomas Myrup Kristensen. This process includes the Microsoft Privacy Standards for Development, which establishes a set of rules and guidelines to help ensure that privacy considerations are dealt with from the outset of software development. (For further information see www.microsoft.com/twc.)
The principles outline Microsoft's worldwide policies on the retention of search data. An important part of this is the commitment to make all Live Search query data anonymous after 18 months. This is done by permanently removing all crosssession identifiers, including the entirety of a device's IP address (a number that is assigned to a computer when it accesses the Internet).
Microsoft's privacy principles also spell out how the company works to make sure that customers' information remains safe. “We have designed our online advertising platform to only use data for ad targeting that does not personally and directly identify individual users. For example, Microsoft does not scan e-mails for advertising purposes and we store search terms separately from account information – such as names and e-mail addresses that personally and directly identify an individual,” says Thomas Myrup Kristensen. The comprehensive list of Microsoft's principles can be found at http://www.microsoft.com/privacy.
The bottom line is this: data protection is a continuous journey, not a single destination. Protecting privacy is a core value of Microsoft's culture, and the company is committed to continuous innovation to bring the benefits of transparency, consent and security to the protection of consumers' data and privacy online.