Microsoft Admits to Privacy Errors With Passport

Microsoft has admitted that it has not properly protected the privacy and security of people who provided personal information through Passport as it settled with the Federal Trade Commission (FTC).

The company agreed to beef up the security of Passport and be more open with customers about what it does with their personal data. The company also agreed to allow an outside audit of its practices every two years. In a significant concession, Microsoft agreed to be monitored for 20 years.

The FTC admitted that it had found no actual security breaches, and agreed that Microsoft had not shared consumer data improperly with other companies. But FTC chairman Timothy J. Muris said Microsoft was not meeting the levels of privacy protection and security that it had promised users of Passport.

Microsoft was deemed to have lied about the effectiveness of its measures to protect users' personal information — including credit card numbers collected for the Passport Wallet shopping service. It also said Microsoft had falsely claimed that purchases made with Passport Wallet were "safer or more secure" than purchases made at the same site without Passport. But the FTC ruled: "In fact most consumers received identical security at those sites, regardless of whether they used Passport Wallet to complete their transactions.”

The software company was also found to have lied when it said that it did not collect any personally identifiable information beyond that described in its privacy policy when in practice Microsoft's technical support staff would routinely tie personally identifiable information to the user's sign-in history, and hold on to that data for months.

"Good security is fundamental to protecting consumer privacy," said Muris. "We’ll take action against companies that don't keep their promises. Companies that promise to keep personal information secure must follow reasonable and appropriate measures to do so. It's not only good business, it's the law."

The FTC ruling came out of a complaint in July 2001 contending that Microsoft's privacy practices, and especially the new Windows XP operating system and services like Passport, "are designed to obtain personal information from consumers in the United States unfairly and deceptively."

You may like these other stories...

No field likes its buzzwords more than technology, and one of today's leading terms is "the cloud." But it's not just a matter of knowing what's fashionable. Accounting professionals who know how to use...
There is a growing trend of accountants moving away from traditional compliance work to more advisory work. Client demand is there, but it is up to the accountants to capitalize on that. What should accountants' roles be...
 Event Date: April 24, 2014 In this session Excel expert David Ringstrom, CPA introduces you to a powerful but underutilized macro feature in Excel. David will introduce the Macro Recorder, which transforms actions...

Upcoming CPE Webinars

Apr 17
In this exciting presentation Excel expert David H. Ringstrom, CPA shares tricks that you can use with pivot tables every day. Remember, either you work Excel, or it works you!
Apr 22
Is everyone at your organization meeting your client service expectations? Let client service expert, Kristen Rampe, CPA help you establish a reputation of top-tier service in every facet of your firm during this one hour webinar.
Apr 24
In this session Excel expert David Ringstrom, CPA introduces you to a powerful but underutilized macro feature in Excel.
Apr 25
This material focuses on the principles of accounting for non-profit organizations' revenues. It will include discussions of revenue recognition for cash and non-cash contributions as well as other revenues commonly received by non-profit organizations.