October, 2010

  • A Great First Step: The Gartner Cloud Computing Bill of Rights and Responsibilities

    Posted by Ted MacLean
    General Manager, Open Solutions Group


    Ted MacLean

    Last week, I took part in a Gartner Symposium panel discussion about rights and responsibilities of cloud computing customers, a panel that mirrored the analyst firm’s recently published report developed with their Gartner Global IT Council. It was a great discussion about IT governance and the nuances that cloud computing brings into the client relationship. There were representatives from Accenture, Salesforce.com and handful of enterprise companies, so it was a virtual guarantee that opinions would vary.


    But one thing stood out through all the discussion:  despite all the customer case studies, technical specifications and beta testing that vendors provide, there’s still a high level of uncertainty among customers. Specifically, companies want to ensure that any relationship with a cloud computing vendor is designed, first and foremost, to meet the needs of their business. They also want to make sure that any applications or data deployed on a public cloud are an extension of their IT network, rather than an “island” in the cloud.  As I heard I heard one CIO on the panel say, “The issue is to balance the compelling financial case with the risk of execution and what it means for your business.”

    For all the benefits of cloud computing, business and IT executives can’t let go of the fact that they’re giving up a certain amount of control of some of their business resources. To help address these concerns, Gartner convened representatives from more than 300 enterprise companies. Their goal was to develop a bill of rights and responsibilities for cloud services that could help “standardize” what customers should and shouldn’t expect from their cloud computing vendors. The expectation is that this list will expand as cloud computing continues to develop and mature.

    Microsoft was one of a handful of vendors that provided feedback in a resulting “Vendor Response to Bill of Rights” report and we applaud efforts like Gartner’s to help customers address their concerns and fully embrace the potential of cloud computing.  Finding the right balance in addressing customer as well as vendor concerns will be critical to the development of cloud computing.  And we look forward to continuing this dialogue with our customers.  Microsoft has also worked with the Business Software Alliance to develop the BSA Cloud Computing Guiding Principles which list factors and policies that are key to promote cloud computing.

  • Government Leaders Celebrate Imagine Cup Successes

    More and more government officials are recognizing that, for their country or region to thrive, they need to foster local innovation.  And to do so, they are increasingly looking to students – especially those studying science, technology, engineering and math (STEM) – as the key to success.  

    Over the past 4 months, Imagine Cup students from across the globe who won their regional competitions have been celebrated by their government leaders for their technological feats.  These leaders recognize that it’s not enough to just hope that students study STEM fields.  They acknowledge the importance of prestigious technology competitions such as the Imagine Cup in inspiring students to get excited about and pursue an education or career in science and technology.

    With more than 325,000 students registering worldwide last year, the Imagine Cup is now the world’s premier student technology competition – challenging students to use technology to solve the world’s toughest problems.   As you’ll see in the photos below, the finalists of last year’s competition have been hailed as national heroes because of their creative thinking and passion for designing solutions to solve real-world problems. 

    Last week, New York City mayor, Michael Bloomberg, literally brought the point home about the importance of innovation to drive growth when he announced the city’s partnership with Microsoft to host the Imagine Cup 2011 Worldwide Finals next July.

    Enjoy this celebration of the confluence of ingenuity and social consciousness!

    United States

    Christian Hood (hidden) and Wilson To (second row, far left) on stage with President Obama during his address to kick off the White House Science Fair.

    On October 18th, two Imagine Cup 2010 finalists were invited to participate in the first annual White House Science Fair. Wilson To from the Mobilife team and Christian Hood from BeastWare had the opportunity to meet President Obama, standing among 60 students from across the nation that were recognized for their creative thinking and innovations in science, technology, engineering and math. You can read more about the White House Science Fair on the Imagine Cup blog.

  • Shout from Cape Town: Microsoft Announces Global Technology Program for Teachers and Students to Address Environmental Issues

    Posted by Anthony Salcito
    Vice President for Worldwide Education

    This week I’m in Cape Town, South Africa and lucky enough to be surrounded by some of the most innovative education leaders, teachers and administrators in the world. We’re all gathered here for the sixth annual Worldwide Innovation Education Forum (IEF), the first time for the event ever to be held on African soil.

    Attendees of this event include more than 500 educators, school leaders and government officials representing over 60 countries that continue to creatively and effectively use technology in their curriculum to help improve the way students learn. This is the worldwide finale of a year’s worth of country and regional events, during which 200,000 participants were whittled down to 125 teacher finalists presenting at IEF this week.

  • New Paradigms for Scientific Discovery and Research Funding

    Posted by Dan Reed
    Corporate Vice President, eXtreme Computing Group and Technology Strategy & Policy

    Throughout the history of science, back to the days of the Renaissance, data has been scarce and precious.  But today, riding the same technological economics that have given us inexpensive computing and ubiquitous sensors, scientists have the ability to capture data at a previously unimaginable scale.  In all domains, scientists and researchers are drowning in data.  They've gone from scarcity to an incredible richness, necessitating a sea change in how they extract insight from all this data.  

    In a parallel shift, our scientific questions and problems increasingly lie at the intersections of traditional disciplines—for example, the recent U.S. oil spill in the Gulf.  Understanding the complexities of what it means for oil distribution in water is a problem related to computational fluid dynamics, but understanding the impact of that oil on the marine ecosystem is a biological problem.  To fully understand the issue, researchers from multiple disciplines—from different cultures, using different research tools—have to unite to build models and analyze data from diverse sources.  

    With this has come an insatiable demand for easy-to-use tools and computing support, unfortunately requiring many researchers to assume additional systems administrator roles. These researchers often spend inordinate amounts of time maintaining the computing systems they require to do their research rather than devoting their time and talents to the research itself.  The cost to maintain and refresh this computing infrastructure is becoming a larger and larger burden, and the economics are unsustainable.  As a result, much of our research funding climate has focused (because of the power of computing for scientific discovery) on refreshes and repeated deployments of infrastructures on research campuses and laboratories.  Yet at even the best funded research organizations, the majority of researchers do not have access to the computing resources they need. 

  • Organizational Accountability is Key to Protecting Users’ Privacy

    Posted by Peter Cullen
    Chief Privacy Strategist

    This week, more than 400 policymakers, privacy advocates and industry representatives will be converging in Israel for the 32nd International Conference of Data Protection and Privacy Commissioners.

    The conference has commenced this morning in Jerusalem, a city of both ancient traditions and thoroughly modern influences, and I was reminded of how that same dynamic is true of privacy in the Internet age.  Yesterday marked the 30th anniversary of the OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data.  These privacy guidelines have served as the basis for numerous privacy laws in place across the globe.  Yet, even these privacy principles need to keep pace with the changing information environment.  In my remarks today at a panel discussion titled “Notice and Consent:  Illusion or Reality?”, I suggested that individual participation through mediums such as notice and consent remains important to safeguarding users’ privacy, but by itself does not afford enough protection.  This is particularly true given the explosion of information collection and use that is the fuel of today’s Internet economy. The same is true of the various legal frameworks that govern data collection, usage, and sharing.  Both are important, but neither is sufficient on its own.

    Alongside individual participation and regulatory oversight, another vital aspect of privacy protection is often overlooked: the role and responsibility of the organization in maintaining and protecting personal data.

    Microsoft’s view, as outlined in a new white paper released today at the conference, is that organizations’ privacy policies and data management practices most directly influence whether users’ personal information is kept safe or exposed to risk. Therefore, we believe that organizations—including Microsoft—must hold themselves accountable for acting to protect users’ interests and taking appropriate measures to safeguard privacy and personal data, even in the absence of specific regulatory mandates.

  • Responding to Shareholder Input on Executive Relocation Policy

    Posted by John Seethoff
    Vice President and Deputy General Counsel

    I’ve blogged in the past that we believe effective corporate governance should include regular, constructive conversations with shareholders and other stakeholders.  We have put this into practice by actively listening to our shareholders and seeking input several times each year. Shareholders regularly communicate with our board directly via email.  Additionally, this year as part of our annual shareholder meeting shareholders can submit questions in advance via our investor relations website.

    This ongoing exchange has provided insights that contributed to changes in our corporate governance framework, such as giving shareholders the right to call special shareholder meetings.  This ongoing dialogue also played an important role in our decision to hold an advisory vote on executive compensation (also referred to as “Say-on-Pay”).  The first vote took place last November at our annual meeting, where nearly 99 percent of the votes received supported our compensation policies. 

    While our shareholders strongly supported our overall compensation program, we continually consider input from shareholders and review our compensation and other corporate governance policies.  Last fall after filing our 2009 proxy statement, we announced an update to our policy on relocation benefits.  In a few instances in recent years the company had agreed to accept risk on the re-sale of an executive officer’s former home, but the collapse of the housing market led to unanticipated costs for Microsoft.  As a result, we announced that we were extending the period for repayment of certain relocation benefits, so that if an executive voluntarily leaves Microsoft within two years of joining the company we can recover amounts paid for relocation assistance.  Our previous policy had been to require reimbursement of relocation assistance only if an executive left Microsoft within one year.

    Based on additional input from several shareholders and our ongoing review of our policies, we are now taking additional steps to reduce the company’s exposure on relocation costs by including reasonable caps on the total relocation benefit that would be paid to an executive officer.  We also are lengthening the recovery period for any relocation payments to match any longer recovery period that would apply to a signing bonus paid to the executive.  For example, if the signing bonus recovery period established for an incoming executive is three years, then under our new policy the recovery period for relocation assistance would also be three years.

  • Microsoft Signs ABA’s Disability Diversity Pledge for Change

    Posted by Mary Snapp
    Corporate Vice President and Deputy General Counsel
    Executive Sponsor for LCA Diversity and Inclusion

    Microsoft’s Legal and Corporate Affairs department is very pleased to announce that it has signed the American Bar Association’s “Pledge for Change:  Disability Diversity in the Legal Profession. “  As a signatory to the Pledge, Microsoft affirms its commitment to the inclusion of people with disabilities as an integral part of its diversity efforts for the legal department and the legal profession.   Microsoft has also committed to encouraging other legal departments and law firms with whom it works to make similar commitments.  For more information from the ABA on the Pledge see http://new.abanet.org/disability/Pages/Pledge.aspx.

    National Disability Employment Awareness Month provides the perfect moment for Microsoft to reaffirm its view that people with disabilities are equal participants in this industry-wide dialogue and in Microsoft overall effort to promote inclusion and diversity in the legal profession.   

    Microsoft strives to promote diversity overall within the legal profession.  Microsoft is a founding member of the Leadership Council on Legal Diversity www.lcldnet.org and has long been a signatory to the Council’s Call to Action.  In addition, Microsoft has developed a Law Firm Diversity Program to encourage diversity within law firms representing Microsoft.

    Microsoft is also a proud sponsor of the National Association of Law Students with Disabilities (www.nalswd.com).  Disability issues are a regular part of many panels, programs and presentations on legal diversity at Microsoft and we are honored to be recognized for our work in the book Disability and Business:  Best Practices and Strategies for Inclusion, by author Charles Riley, who identified Microsoft as one of the top two U.S. employers for people with disabilities.

  • Making Washington State the Best Place to Live, Work and Raise a Family

    By Brad Smith
    Senior Vice President and General Counsel

    Today I had the opportunity to speak at the annual regional leadership conference sponsored by the Greater Seattle Chamber of Commerce.  Although the name might suggest that this is just about business issues, in fact the conference attendance extended far beyond the leadership of the business community.  It included leaders from organized labor, the environmental community, social service organizations, and many other stakeholder groups.

    As I had a chance to meet and chat with various conference attendees, I was struck not by our differences, but by what we all have in common.  While different individuals sometimes come from different political stripes and have different priorities, everyone shared a genuine desire to make our state the best possible place in which to live, work, and raise a family.  And, regardless of the election’s outcomes, it is more important than ever that we continue to come together to think and talk in the broadest possible terms about what is in the best interest of the state.

    Of course we’ll never agree on everything when it comes to a vision for what our state should be.  But if we can start by focusing on long-term goals and discuss each other’s perspectives, there is a real opportunity to develop a consensus vision that is more powerful than anything that any one constituency can advance by itself. 

  • Microsoft Donates $3 Million to Kids in Need of Legal Defense

    Posted by Brad Smith
    Senior Vice President and General Counsel

    Microsoft is very pleased to announce another $3 million, three-year donation to Kids in Need of Defense (KIND), just two years after we helped establish the organization with a similar investment.

    KIND is a pro bono organization dedicated to providing legal representation to the roughly 8,000 unaccompanied immigrant and refugee children in the U.S. who face deportation hearings. It is great to see the progress KIND has made since its launch. Up and running in seven cities throughout the U.S., KIND has helped nearly 2,000 children, ranging from 2 to 18 years old, from more than 35 countries. This has been possible through the training and support of lawyers from more than 60 law firms and corporate legal departments who have donated their time to represent these children in immigration court proceedings.

  • Working with Law Enforcement on the Cutting Edge of Cloud Security and Online Safety

    Posted by Richard Boscovich
    Sr. Attorney, Digital Crimes Unit

    Eighteen years ago, when I first joined the Department of Justice as an assistant U.S. attorney in the southern district of Florida, the concept of cybercrime wasn’t on anyone’s radar. People might have heard the term “hacker,” but with the Internet still in its infancy, the idea that criminals might one day exploit digital technology to commit fraud and theft and to victimize people, including children, on a global scale was more science fiction than looming threat.

    As I stated in a recent interview with the blog TechFlash, around 1995, the DOJ initiated a program to focus on computer and telecommunications crime and since that time, the need for law enforcement agencies, at every level and in every jurisdiction, to have the capacity to investigate and prosecute computer-enabled crime has only grown. That need is at the heart of Microsoft’s Digital Crimes Unit and it’s the sole purpose behind DCU’s annual conference, the Digital Crimes Consortium, being held this week in Montreal, Canada.

    The Digital Crimes Consortium is a unique gathering of more than 300 law enforcement officials and members of the technology security community from around the world; they convene each year for frank discussions about the evolving cybercrime threat landscape and to share the latest technologies, techniques and thinking on combating digital crime. The event also serves as an opportunity for technical experts to provide training and share information and available resources with law enforcement officers.

  • Microsoft's Commitment to Protecting Consumer Privacy Online

    Posted by Michael Hintze
    Associate General Counsel, Microsoft Corporation

    At Microsoft, we are committed to protecting consumers’ privacy online. There has been renewed public attention on online data collection practices and the use of that data to personalize the advertising and other content displayed online. Microsoft has been engaged and working on these important privacy issues for many years.

    For instance, we participated in a recent series of privacy roundtables conducted by the Federal Trade Commission (FTC) that addressed these very topics, and have worked with the Commission as it developed privacy guidelines covering this type of data collection and usage.  We have testified in a Congressional hearing on the topic of online behavioral advertising.  And we’ve worked with industry groups in developing new privacy protections designed to increase transparency and user control with regard to online targeted advertising.

  • Microsoft Supports Moving Forward on Privacy

    Posted by Frank Torres
    Director of Consumer Affairs, Microsoft

    Microsoft has long encouraged Congress to pass a robust law to protect consumers’ privacy. In a letter sent to Capitol Hill this week, Microsoft and other companies express support for a bill, HR 5777, proposed by Congressman Bobby Rush, which hits the mark, improving on earlier proposals.  HR 5777, the BEST PRACTICES Act, would require consumers be told in clear and simple terms about what information from them is being collected, how it is being used, and who gets to see it.  The bill also provides that consumers be given choices about the collection and use of their data and understandable and easy to use control options. The Rush Bill is a balanced approach that protects consumer privacy while allowing for continued innovation so companies can give consumers the online services and products they want.  That is why companies like Microsoft, eBay and Intel are supporting the approach taken by Congressman Rush.  While Microsoft and other companies already take measures to protect consumer privacy, from internal practices that govern how data is handled to providing consumers with privacy tools, HR 5777 improves consumer and business confidence in today’s technology driven environment. As Congress considers privacy legislation in the coming sessions, HR 5777 serves as a productive privacy model.

  • The Need for Global Collective Defense on the Internet

    Posted by Scott Charney
    Corporate Vice President, Trustworthy Computing
    For more than two decades, people have struggled to understand the cyber threat, evaluate the risks to individuals, organizations (including nation-states), and society at large, and craft appropriate responses. Although many organizations have invested significantly in information assurance, most computer security experts believe that a well-resourced and persistent adversary will more often than not be successful in attacking systems, especially if raising defenses is the only response to an attack. For this reason, increasing attention is being paid to deterring such attacks in the first instance, especially by governments that have the power to investigate criminal activity and use a wide range of tools to respond to other public safety and national security concerns.
    Notwithstanding this emerging discussion, it appears to many people that neither governments nor industry are well-positioned to respond to this highly complex threat and that, from a policy and tactical perspective, there is considerable paralysis. In my Rethinking Cyber Threats and Strategies paper I discuss a framework for categorizing and assessing cyber threats, the problem with attribution, and possible ways for society to prevent and respond to cyber threats.
    In my speech today at the International Security Solutions Europe (ISSE) Conference in Berlin, Germany, I proposed one possible approach to addressing botnets and other malware impacting consumer machines.  This approach involves implementing a global collective defense of Internet health much like what we see in place today in the world of public health. I outline my vision in a new position paper Microsoft is publishing today titled “Collective Defense: Applying Public Health Models to the Internet.”

  • Microsoft’s 2010 Citizenship Report Released

    Microsoft recently released its 2010 Annual Report, and this week, we also released our Microsoft 2010 Citizenship Report.

    The 2010 Microsoft Citizenship Report offers insight on Microsoft’s approach and outlook on economic, social, and environmental issues, as well as reporting on progress. How we conduct ourselves and our business is as important as delivering quality products and services. Our Citizenship goals and performance are a reflection of how we hold ourselves accountable as a global corporate citizen.

    For more information and to download the complete report, start by reading this intro letter from Steve Ballmer and visiting the Microsoft UP blog. You can also review the 2010 Citizenship report online or download a copy here.

  • Stop. Think. Connect: Microsoft, government and industry join forces to promote online safety

    Posted by Jacqueline Beauchere
    Director, Trustworthy Computing Communications – Privacy & Online Safety

    National Cyber Security Awareness Month in October is the designated time of year when individuals and organizations are encouraged to take stock of computing security and their online habits and practices, to help provide a safer, more secure and trusted experience – for themselves, their families, companies and businesses, even nation-states.

    This year, NCSAM is even more compelling than years past, as it marks the launch of Stop. Think. Connect., a messaging platform that several members of the high-tech industry, businesses, government agencies, and non-profits will use when communicating about computing security, privacy and online safety.  These organizations will also be touting the notion:  Safer for me, more secure for all, to demonstrate that taking steps to help ensure personal online safety and security can reap rewards across cyberspace.

    The messaging work started with a request from the White House; the President called for a national public awareness campaign for computing safety and security, similar to what Smokey Bear did for helping to prevent forest fires.   The White House and the Department of Homeland Security (DHS) jointly spearheaded the effort on the public side.  On the private side, it was the National Cyber Security Alliance (NCSA) and the Anti-Phishing Working Group (APWG) that led the Online Consumer Security and Safety Messaging Convention, now known as the “Stop.  Think.  Connect.” Messaging Convention.  

    Here’s a current list of members:  ADP, AT&T, AVG, Costco, ESET, Facebook, Google, Intel, Intuit, McAfee, PayPal, RSA, Science Applications International Corporation (SAIC), Symantec, Trend Micro, Microsoft, Verizon, VeriSign, Visa, Walmart, Yahoo!, and a number of federal agencies and departments, namely: the Departments of Commerce, Homeland Security, and Justice; the Federal Bureau of Investigation, the Federal Trade Commission, and the Internal Revenue Service.

  • Microsoft sues Motorola over Android patent infringements

    Posted by Horacio Gutierrez
    Corporate Vice President and Deputy General Counsel

    As many of you may have seen, Microsoft filed an action today in the International Trade Commission and in the U.S. District Court for the Western District of Washington against Motorola, Inc. for infringement of nine Microsoft patents by Motorola’s Android-based smartphones.  We have released a press statement about our suit, but I thought I would provide a bit more context here around the innovations infringed by Motorola’s Android-based smartphones and how our suit fits into ongoing developments in the smartphone space.

    As we all know, smartphones have become an integral part of people’s daily lives and are used for a variety of tasks beyond making phone calls; from watching video and listening to music to staying in touch with family and friends. The Microsoft innovations at issue in this case help make smartphones “smart.”  Indeed, our patents relate to key features that users have come to expect from every smartphone.  The ability to send and receive email on-the-go has driven smartphone adoption.  Nowadays, everyone expects to receive e-mail from multiple services in real time, to read it on their phones, and to reply or send new messages out – in continuous and seamless synchronization with their email services.  Microsoft’s Exchange ActiveSync, a proprietary technology that we developed, makes this possible. 

    But people manage more than email from their devices, they manage their lives.  Users can not only send and receive email from smartphones; they can also manage their calendars.  Their phones will remind them of appointments and allow them to schedule new ones.  Similarly, users maintain lists of contacts on their phones, so that they can easily stay connected – by phone, text message, or email – to the people they interact with most.  Again, our technology enables people to see their calendar and email contacts on their phone, and to manage their calendar and contacts from whatever device they are using.

    People use smartphones for much more as well:  they surf the web, play music and videos, and run apps.  Consumers expect more and more from their smartphones every day, making their phones resemble not so much a phone as a handheld computer.  Of course, for certain apps to run efficiently on handheld devices, they must be notified of changes in signal strength and battery power and the device must manage memory for storing data.  Given the wide range of functionality smartphones offer, they also need to be able to display relevant choices for users efficiently.  Microsoft’s patented technologies tackle all of these challenges.

  • Microsoft recognized for privacy-enhancing identity management technology

    Posted by Brendon Lynch
    Chief Privacy Officer and Senior Director, Trustworthy Computing

    Last night, Microsoft was honored to accept the 2010 HP-IAPP Privacy Innovation Award for Technology.  The award was presented by the International Association of Privacy Professionals (IAPP), the world’s largest association of privacy professionals, during the IAPP Privacy Academy conference in Baltimore, MD, USA.
    We won the award for U-Prove, a security and privacy-enhancing technology that helps people protect their identity-related information. U-Prove uses tokens that make it possible for people to protect their identities by enabling them to disclose only the minimum amount of information needed for a transaction – sometimes no personal information may be needed at all.
    We are delighted that our fellow privacy professionals have recognized the innovative nature of the U-Prove technology and Microsoft’s commitment to enable privacy in identity systems.  We have taken an initial step to make the U-Prove technology broadly available to software developers under an open source license.