Microsoft Admits to Privacy Errors With Passport | AccountingWEB

Microsoft Admits to Privacy Errors With Passport

Microsoft has admitted that it has not properly protected the privacy and security of people who provided personal information through Passport as it settled with the Federal Trade Commission (FTC).

The company agreed to beef up the security of Passport and be more open with customers about what it does with their personal data. The company also agreed to allow an outside audit of its practices every two years. In a significant concession, Microsoft agreed to be monitored for 20 years.

The FTC admitted that it had found no actual security breaches, and agreed that Microsoft had not shared consumer data improperly with other companies. But FTC chairman Timothy J. Muris said Microsoft was not meeting the levels of privacy protection and security that it had promised users of Passport.

Microsoft was deemed to have lied about the effectiveness of its measures to protect users' personal information — including credit card numbers collected for the Passport Wallet shopping service. It also said Microsoft had falsely claimed that purchases made with Passport Wallet were "safer or more secure" than purchases made at the same site without Passport. But the FTC ruled: "In fact most consumers received identical security at those sites, regardless of whether they used Passport Wallet to complete their transactions.”

The software company was also found to have lied when it said that it did not collect any personally identifiable information beyond that described in its privacy policy when in practice Microsoft's technical support staff would routinely tie personally identifiable information to the user's sign-in history, and hold on to that data for months.

"Good security is fundamental to protecting consumer privacy," said Muris. "We’ll take action against companies that don't keep their promises. Companies that promise to keep personal information secure must follow reasonable and appropriate measures to do so. It's not only good business, it's the law."

The FTC ruling came out of a complaint in July 2001 contending that Microsoft's privacy practices, and especially the new Windows XP operating system and services like Passport, "are designed to obtain personal information from consumers in the United States unfairly and deceptively."

Wait, there's more!
There's always more at AccountingWEB. We're an active community of financial professionals and journalists who strive to bring you valuable content every day. If you'd like, let us know your interests and we'll send you a few articles every week either in taxation, practice excellence, or just our most popular stories from that week. It's free to sign up and to be a part of our community.
Premium content is currently locked

Editor's Choice

WHAT KIND OF FIRM ARE YOU?
As part of our continued effort to provide valuable resources and insight to our subscribers, we're conducting this brief survey to learn more about your personal experiences in the accounting profession. We will be giving away five $50 Amazon gift cards, and a $250 Amazon gift card to one lucky participant.
This is strictly for internal use and data will not be sold
or shared with any third parties.