Microsoft Makes Federal Privacy Push

Microsoft has begun advocating for privacy legislation at the federal level. In a speech to the Congressional Internet Caucus, Microsoft general counsel Brad Smith argued that such legislation was needed to protect consumers and provide businesses with clear guidelines on how to protect sensitive data.

Three factors have contributed to Microsoft's decision to get behind federal legislation. A mish-mash of laws at the state, federal and international levels creates confusion, Smith explained. While the laws mean well, they can overlap or be inconsistent from state to state, and, in some cases, not be strong enough.

"A single federal approach will create a common standard for protection that consumers and businesses can understand and count on," said Smith.

Furthermore, Microsoft sees the increasing wariness of online commerce among Internet users as a threat to the success of the industry overall. With several high-profile cases of misplaced or lost information, as well as identity theft occurring in recent months, consumers need assurances that their data will not fall into the wrong hands.

"Individuals will not take full advantage of the Internet or any commercial medium if they believe that their information or data could be compromised or disclosed in unexpected ways," Smith said.

Such a concern leads into the Redmond company's third reason behind the push for privacy laws: consumers wanting more control over who has their personal information.

Smith said that laws must be put into place that makes this gathering process more transparent to consumers. That way, individuals know who can access their personal information and to whom it is being disclosed.

"We've seen a spate of legislative activity in the aftermath of several highly publicized data breaches, but for consumers, the reality is still pretty daunting," he explained.

Microsoft will call for four principles to be part of any legislative package: a standard for data collection, increased transparency in collection and disclosure practices, more control for consumers as to who may see or use their personal information, and assurances as to a minimum level of security required when data is being stored or in transit.

According to Peter Cullen, Microsoft's privacy strategist, such procedures are already being woven into the company's line of products. Microsoft has long been criticized for its lax security, which in recent years it has gone to great lengths to fix.

"We have woven privacy into the DNA of Microsoft, from product development to deployment, and decisions are made with privacy in mind," Cullen said.

"A comprehensive legislative approach to privacy that applies across the country would be part of the solution to give all consumers strong privacy and security protection, and allow everyone to realize the full potential that the Internet and technology can provide."