BARBELITH underground
 

Subcultural engagement for the 21st Century...
Barbelith is a new kind of community (find out more)...
You can login or register.


Underground > Laboratory >

Passport Control - Microsoft Lied, Attacked, Caved

  
 
w1rebaby
09:47 / 09.08.02
Yahoo News: U.S., Microsoft Settle Privacy Charges

WASHINGTON (Reuters) - Microsoft Corp. agreed on Thursday to submit to 20 years of U.S. government oversight of its online identity service in order to settle charges that it misled consumers about security and privacy standards...

..."They were saying that they had reasonable and appropriate security procedures. We thought those promises were deceptive," FTC Chairman Timothy Muris told reporters, adding that he was unaware of any breaches to the system.

Microsoft agreed to stop making false claims about Passport's data-collection practices and security protections, and agreed to set up an enhanced computer-security system that must pass independent review every two years, for a period of 20 years.

Microsoft paid no fines, but would face fines of $11,000 per count if it does not maintain the security program, an amount that could add up quickly given the service's 200-plus million users.

---

NY Times: Settling With F.T.C., Microsoft Agrees to Privacy Safeguards

The [Electronic Privacy Information Center] spearheaded a coalition of groups that filed a complaint in July 2001 contending that Microsoft's privacy practices, and especially the new Windows XP operating system and services like Passport, "are designed to obtain personal information from consumers in the United States unfairly and deceptively."

The commission focused on four problems with Passport. Microsoft, it said, lied about the effectiveness of its measures to protect users' personal information...

...falsely asserted that purchases made with Passport Wallet were "safer or more secure" than purchases made at the same site without Passport...

...did not tell the truth when it said that it did not collect any personally identifiable information beyond that described in its privacy policy... Microsoft's technical support staff would routinely tie personally identifiable information to the user's sign-in history...

...the special version of Passport for young people... was falsely described as giving parents control over the information that Web sites collected on their children...

---

Jason Catlett, president of privacy consulting firm Junkbusters Corp., said the most significant aspect was that the FTC decided to investigate in the first place.

"Finding that Microsoft has bad security is like shooting at a sitting duck," Catlett said. "What is significant is not that they hit the duck, but that they took the shot."

Okay, the idea that Passport might just possibly be a way of collecting personal information on you for the usual reasons had crossed my mind. But it seems a politically significant move for the government to actually act against Microsoft in this obvious way - not of course that they're being penalised for lying to and deliberately misleading the public (that would obviously be far too severe).

I thought that the result might be linked to a "tough on corporations" political strategy, but given that the case was filed in July 2001 it seems unlikely that the entire decision could have been modified so quickly, and the fact that it was begun at all means something.

Like I say, this is really a wrist-slapping rather than a hand being cut off. It is, however, a wrist-slapping in front of the whole class.
 
 
Tom Coates
09:56 / 09.08.02
Rather than posting full articles, could you link to them and summarise them - particularly with a view to what you think are the salient points and issues to debate.
 
 
w1rebaby
10:00 / 09.08.02
Those aren't the full articles, but I'll edit it down if you think it's too long.
 
 
Tom Coates
10:02 / 09.08.02
Personally I think summaries are better than edited transcripts - I mean, people can read the articles in full if you link to them, and it gives you more space to talk about what you think the articles are for. But let's not rot the thread too much - maybe we should start a topic about this stuff in the Policy - or take this to private messages?
 
 
Lurid Archive
11:41 / 09.08.02
But Microsoft still monopolises the computer industry and it looks like it will continue to do so. The only thing likely to change that, in my view, is if there is a serious technology shift.
 
 
w1rebaby
12:34 / 09.08.02
It does, and I don't think this is an anti-monopoly victory. I think it's more a good thing for data protection rights, and indicates that there is at least some will to prosecute large corporations - even if the only real penalty they're paying here for effectively lying to the public is legal fees. (I also didn't note any mention that all the personal data that had been collected under false pretences would now have to be deleted or unlinked.)

In terms of monopolies, though, one of the aspects of making XP net-enabled was apparently to push Passport and MS online services at every opportunity, using one monopoly to try to create another. Attacking Passport, even to this small extent, could be seen as a challenge.
 
 
Irony of Ironies
17:35 / 11.08.02
The problem isn't just that Microsoft monopolises the computer industry, it's that every company in the computer industry aims at being a monopoly. Would Apple be any different, in Microsoft's shoes? The recent screwing of Mac users over upgrades for iTools would suggest not.
Of course, there's a difference between doing what Microsoft did (illegal) and what Apple does (objectionable). But the question that intrigues me is whether Microsoft's corporate culture pushes them into doing things, or whether it's endemic in all large capitalist organisations.
 
  
Add Your Reply