Posted by Michael Hintze Associate General Counsel, Microsoft Corporation
At Microsoft, we are committed to protecting consumers’ privacy online. There has been renewed public attention on online data collection practices and the use of that data to personalize the advertising and other content displayed online. Microsoft has been engaged and working on these important privacy issues for many years.
For instance, we participated in a recent series of privacy roundtables conducted by the Federal Trade Commission (FTC) that addressed these very topics, and have worked with the Commission as it developed privacy guidelines covering this type of data collection and usage. We have testified in a Congressional hearing on the topic of online behavioral advertising. And we’ve worked with industry groups in developing new privacy protections designed to increase transparency and user control with regard to online targeted advertising.
Posted by Frank TorresDirector of Consumer Affairs, Microsoft
Microsoft has long encouraged Congress to pass a robust law to protect consumers’ privacy. In a letter sent to Capitol Hill this week, Microsoft and other companies express support for a bill, HR 5777, proposed by Congressman Bobby Rush, which hits the mark, improving on earlier proposals. HR 5777, the BEST PRACTICES Act, would require consumers be told in clear and simple terms about what information from them is being collected, how it is being used, and who gets to see it. The bill also provides that consumers be given choices about the collection and use of their data and understandable and easy to use control options. The Rush Bill is a balanced approach that protects consumer privacy while allowing for continued innovation so companies can give consumers the online services and products they want. That is why companies like Microsoft, eBay and Intel are supporting the approach taken by Congressman Rush. While Microsoft and other companies already take measures to protect consumer privacy, from internal practices that govern how data is handled to providing consumers with privacy tools, HR 5777 improves consumer and business confidence in today’s technology driven environment. As Congress considers privacy legislation in the coming sessions, HR 5777 serves as a productive privacy model.
Posted by Scott CharneyCorporate Vice President, Trustworthy Computing For more than two decades, people have struggled to understand the cyber threat, evaluate the risks to individuals, organizations (including nation-states), and society at large, and craft appropriate responses. Although many organizations have invested significantly in information assurance, most computer security experts believe that a well-resourced and persistent adversary will more often than not be successful in attacking systems, especially if raising defenses is the only response to an attack. For this reason, increasing attention is being paid to deterring such attacks in the first instance, especially by governments that have the power to investigate criminal activity and use a wide range of tools to respond to other public safety and national security concerns. Notwithstanding this emerging discussion, it appears to many people that neither governments nor industry are well-positioned to respond to this highly complex threat and that, from a policy and tactical perspective, there is considerable paralysis. In my Rethinking Cyber Threats and Strategies paper I discuss a framework for categorizing and assessing cyber threats, the problem with attribution, and possible ways for society to prevent and respond to cyber threats. In my speech today at the International Security Solutions Europe (ISSE) Conference in Berlin, Germany, I proposed one possible approach to addressing botnets and other malware impacting consumer machines. This approach involves implementing a global collective defense of Internet health much like what we see in place today in the world of public health. I outline my vision in a new position paper Microsoft is publishing today titled “Collective Defense: Applying Public Health Models to the Internet.”
Microsoft recently released its 2010 Annual Report, and this week, we also released our Microsoft 2010 Citizenship Report.
The 2010 Microsoft Citizenship Report offers insight on Microsoft’s approach and outlook on economic, social, and environmental issues, as well as reporting on progress. How we conduct ourselves and our business is as important as delivering quality products and services. Our Citizenship goals and performance are a reflection of how we hold ourselves accountable as a global corporate citizen.
For more information and to download the complete report, start by reading this intro letter from Steve Ballmer and visiting the Microsoft UP blog. You can also review the 2010 Citizenship report online or download a copy here.
Posted by Jacqueline BeauchereDirector, Trustworthy Computing Communications – Privacy & Online Safety
National Cyber Security Awareness Month in October is the designated time of year when individuals and organizations are encouraged to take stock of computing security and their online habits and practices, to help provide a safer, more secure and trusted experience – for themselves, their families, companies and businesses, even nation-states.
This year, NCSAM is even more compelling than years past, as it marks the launch of Stop. Think. Connect., a messaging platform that several members of the high-tech industry, businesses, government agencies, and non-profits will use when communicating about computing security, privacy and online safety. These organizations will also be touting the notion: Safer for me, more secure for all, to demonstrate that taking steps to help ensure personal online safety and security can reap rewards across cyberspace.
The messaging work started with a request from the White House; the President called for a national public awareness campaign for computing safety and security, similar to what Smokey Bear did for helping to prevent forest fires. The White House and the Department of Homeland Security (DHS) jointly spearheaded the effort on the public side. On the private side, it was the National Cyber Security Alliance (NCSA) and the Anti-Phishing Working Group (APWG) that led the Online Consumer Security and Safety Messaging Convention, now known as the “Stop. Think. Connect.” Messaging Convention.
Here’s a current list of members: ADP, AT&T, AVG, Costco, ESET, Facebook, Google, Intel, Intuit, McAfee, PayPal, RSA, Science Applications International Corporation (SAIC), Symantec, Trend Micro, Microsoft, Verizon, VeriSign, Visa, Walmart, Yahoo!, and a number of federal agencies and departments, namely: the Departments of Commerce, Homeland Security, and Justice; the Federal Bureau of Investigation, the Federal Trade Commission, and the Internal Revenue Service.