This morning at the Family Online Safety Institute Conference in Washington, D.C., Peter Cullen, GM Trustworthy Computing Group and Chief Privacy Strategist for Microsoft delivered the following keynote address:


Good morning.  Thank you for having me.  It is a privilege to be among such an impressive collection of worldwide experts in cutting-edge fields.


The world is a complicated place, and companies need to think about the complex issues of Internet freedom, safety and citizenship.  In our view Companies need to think differently about these issues and consider making investments in perhaps different ways to help address these complex issues – both internally and how they partner with governments, law enforcement agencies, industry and civil society.  It is fitting that the title of this conference is “Internet Freedom, Safety and Citizenship.” But it is even more fitting that your theme is what “action” is required.


What I wanted to do today is share a bit about why Microsoft thinks these issues are so key to our business and to the successful growth of our internet economy and a bit about how we think about investments to help deal with the myriad of issues that exist today.  The “how” we do it is less about Microsoft but more about sharing our experience in the hopes that it may give other organizations some ideas that will work for them.


You may have noticed I have the title of Chief Privacy Strategist,  but I also have responsibility for what we call Online Trust and Safety along with Freedom and Expression as well as Accessibility and GeoPolitical.


As more of the world’s information, commerce, and communications move to digital form, doors are being opened to a new world of connected experiences where we are able to create and share information quickly and seamlessly.   At the same time, concerns about the collection and use of personal data, security and data breaches, and online fraud and identity theft, children’s online safety threaten to erode public confidence in the computing ecosystem and slow the advance of digital commerce. 


At Microsoft, we look at privacy and “online trust and safety” as separate but inter-related disciplines – one of the reasons these core strategic areas are anchored together.  People have high expectations about how we and other Internet companies collect, use, and store their information.   People must trust that their privacy and safety will be protected. This means that Microsoft, and all companies operating online, must adopt strong privacy practices that build trust with its customers. Microsoft has a deep and long-standing commitment to consumer privacy.  They also expect us to help provide a safer online experience for themselves and their families.  Do this and we earn “Trust” – this one reason is why these core areas are of such importance to Microsoft.  As the world’s largest software company, we believe that technology has the capacity to help improve the lives of people everywhere. But without trust, this vision will not be realized.


The enormous benefits and opportunities the Internet enables require a strong commitment to privacy & safety.  We address these issues via a four-part strategy: providing and investing in technology, partnerships with others, and by offering guidance and education to consumers. Core to all of this is an internal foundation of policies and practices that help us meet our commitments.  We understand shared goals are achieved by working with an ecosystem of committed partners, including governments, non-governmental organizations (NGOs), international organizations, other businesses, academics, and citizens.   We are strong advocates for:  using technology to strengthen economies and address problems faced by society; the benefits of an open, fair, and safe Internet; and the responsibilities we have to operate our business in a responsible and sustainable manner.


We have been working in the privacy and online safety space for more than 15 years. In fact, one of the first major events we joined with a number of you here on in 1997 was the “Online Summit for Children.”  We continue to enjoy rich partnerships with many of you as we help educate consumers.  We offer guidance to help people maintain online safety and privacy; we provide guidance to help partners develop software with privacy and safety in mind. Our consumer site, Protect site, which focuses on safety and privacy content, gets 1 million hits per month.


We are committed to building trust with our customers and in our brand by maintaining the integrity of our services and helping prevent online harms through proactive education and the active protection of users from exploitation, abuse, criminal activity or exposure to objectionable content enabled by computing systems, online services, or other users. 


An example of privacy and safety in action is our newest gaming device called the Kinect for X-Box that launched last week.   The Kinect experience was also integrated into Xbox’s overall Family Settings, putting parents in control of their family’s safety. Fifteen controls allow parents to decide, among other things, what games their children can play and whether they can play online. Children are required to get parents’ permission to use Kinect online, and parents can set restrictions on online play. Sharing of videos, voice, chat, and personal information can be controlled through Family Settings.  There’s a special setting called Kinect Sharing that allows parents to determine whether photographs taken by certain games can be shared online to social media sites.  We have a Kinect here at the conference, I hope you will take a minute to visit the Microsoft table in the lobby to experience the Kinect; it’s a blast! 


But none of these areas will work unless we have an ability to live up to our promises. We call this internal Governance. While our governance infrastructure around privacy is more mature, the same model for privacy is being adopted for Online Trust and Safety.    Today, we have more than 35 full-time employees and over 400 part-time employees that help us meet our overall commitments to privacy and OLTS in all of our product, service and process designs.  Products simply can’t ship before they have gone through and assessment against our goals.  This is, of course, supplemented by policies, standards, tools, training and internal community-building efforts.


Our efforts are aimed at meeting our commitments to provide people greater control over how their personal information is collected, shared and used and helping protect people from threats like identity theft.  Through parental control tools on a wide range of our products, including Windows Live Family Safety – all of which are available for free – we also strive to give parents, teachers and caregivers more control over the content and contacts.


Lastly, I want to touch on our approach freedom of expression.       One of the things we have heard loud and clear is that there are international expectations of companies to both help address online safety, public safety and child protection concerns.  We're proud of the voluntary steps we've taken in this regard and we think strong governance is essential.  Equally, we hear the international expectations that companies take steps to ensure due respect for fundamental rights to freedom of expression. We think investing in this area is key to advancing a safer and more free internet economy.       Microsoft is committed to protecting and advancing human rights throughout the world.  Along with Google, Yahoo!, academics, investors and human rights advocates, we helped form the Global Network Initiative to provide a systematic way to collaborate and develop guidance on the steps we take to integrate the principles of freedom of expression into every aspect of our business. 


As part of Microsoft’s internal effort to tackle all of these issues – privacy, safety and freedom of expression – we tried to remove the silos and figure out the best way to integrate all of these issues into our operating procedures.  So too,  we had to do a great deal of thinking about how we balanced compliance without stifling innovation and how we would marry high ethical standards with effective governance structures.     In this way we are approaching our commitment to Freedom of expression is the same building block way as we have invested in privacy and OLTS


Privacy, safety and freedom of expression issues are all critical imperatives for a balanced corporate citizenship program.  They are also complex, nuanced and dynamic issues that will continue to evolve as new technologies and services present both new benefits and risks.   While there are no concrete answers with respect to addressing these issues, there are two clear imperatives.


The first is that these issues need to be addressed in a holistic fashion – partnership; education & awareness, technology tools and effective public policy will all play a role.  Industry, governments, consumer groups, law enforcement, NGOs and technology users themselves all have a role to play in helping build a safer, more trustworthy online ecosystem.


The second imperative is that companies need to invest more in this space. They need to develop and implement more “accountable” governance structures that ensure their commitments are backed up with actions.              For Microsoft, this level of investment is simply part of the way we do business – there is no question of the ROI.


I suggest that we all need to think more deeply about our level of investment.          I look forward to furthering all of these goals as we work together to raise and discuss these issues in the context of this very important conference – and beyond.  I hope this brief tour of how Microsoft thinks about these issues will provide with some action oriented opportunities.


Thank you.