TORONTO, Oct. 19, 2006 – As consumers increasingly rely on the Internet for shopping, banking, e-government and other activities, privacy has become both a major public concern and a barrier to the growth of Internet services and e-commerce. Widely publicized data breaches, alarming statistics about privacy incidents and fear of identity theft all threaten to erode public trust in the Internet – in fact, an RSA Security study found that nearly half of U.S. consumers have “little or no confidence” that organizations are taking sufficient steps to protect their personal data. At the same time, consumers are increasingly frustrated with software and Web sites that do not clearly communicate the potential impact to their privacy, or clearly and consistently offer them controls over how their personal information is used.
Peter Cullen, Chief Privacy Strategist, Microsoft
The software industry can help address this declining level of trust by establishing a high bar for respecting customer privacy. However, there are currently no industry-wide practices to help standardize the user experience for privacy-oriented software features, or to address privacy issues and concerns in the development process.
To help establish a starting point for these efforts and open an industry dialogue about privacy guidelines for development, Microsoft has released an extensive set of privacy guidelines for developing software products, web sites and services.
The Privacy Guidelines for Developing Software Products and Services, released at the annual International Association of Privacy Professionals (IAPP) Privacy Academy this week in Toronto, draw from the company’s experience incorporating privacy into its development processes and reflect customers’ expectations as well as privacy legislation in effect worldwide. For example, these guidelines reflect the core concepts of the Organization for Economic Cooperation and Development (OECD)’s Fair Information Practices and privacy laws such as the European Union Data Protection Directive, the Children’s Online Privacy Protection Act of 1998 (COPPA), and the Computer Fraud and Abuse Act.
The guidelines are available as a downloadable Word document (.doc file, 1.6 mb).
“Privacy concerns are easy to understand in principle, but challenging to address in practice, particularly in the development of software,” says Microsoft Chief Privacy Strategist Peter Cullen. “Similar guidelines have helped Microsoft’s developers better understand and address privacy issues, and we hope that by releasing a public version, we can promote an ongoing industry dialogue on protecting privacy through consistent development practices.”
The Privacy Guidelines for Developing Software Products and Services are based on the privacy practices incorporated in the Microsoft Security Development Lifecycle (SDL), a process that helps ensure that the company’s products and services are built from the ground up with security and privacy in mind. The SDL implements a rigorous process of secure design, coding, testing, review and response for all Microsoft products that are deployed in an enterprise, that are routinely used to handle sensitive or personal information or that regularly communicate via the Internet.
The guidelines cover a wide range of topics including:
Definitions of different types of customer data that include personally identifiable information (PII) such as the user’s name and e-mail address, sensitive PII such as credit card or Social Security numbers, anonymous and pseudonymous data
Guidelines and sample mechanisms for notifying users that their personal data may be collected, and offering them ways to consent (or not) to the collection of this data
Guidelines for making disclosures to the user about how their personal information may be used
Reasonable steps to protect PII from loss, misuse or unauthorized access, including access controls, encryption, physical security, disaster recovery and auditing
Control mechanisms for users to express their privacy preferences, taking into account the needs of system administrators, as well as special requirements for shared computers
Strategies to prevent data leakage by minimizing the amount of personal information that needs to be collected
To set the proper foundation, the first half of the guidelines document is devoted to general concepts and definitions. The second half lays out specific rules for common scenarios that can affect a customer’s privacy, such as transferring personally identifiable information (PII) to and from the customer’s system, installing and updating software on the customer’s system, storing and processing customer data over the Internet, and transferring customer data to third parties. The guidelines also provide additional requirements for deploying Web sites, software that is targeted or attractive to children, and server products within an enterprise (including measures to help system administrators protect the privacy of their end users).
For several years, a number of product groups at Microsoft have been following similar privacy guidelines as part of the SDL. “Having guidelines that help developers protect customer privacy has been invaluable,” says Jeffrey Friedberg, Microsoft’s Director of Windows Privacy. “The benefits have been felt across Microsoft products and services, from Office to Windows Live. Applying them during the design of Windows Vista has helped us reach new levels of transparency and control – something our customers have told us is very important to them. Our comprehensive privacy statement for Windows Vista documents the scope of this work.”
With the release of these guidelines, the company hopes to promote a broader industry discussion about development guidelines to help protect individual privacy and ensure appropriate data governance. The benefits of such guidelines are clear; not only do consistent user experiences and development standards help protect against misuse of data and other privacy violations, they also promote trust between customers and organizations. Additionally, a reputation for responsible privacy protection has become a market differentiator for companies, attracting and retaining customers based on clear standards and reliable experiences.
“Consistent software development practices are one of the many tools at our disposal to ensure the protection of individual privacy,” says Ari Schwartz, Deputy Director of the Center for Democracy and Technology. “Guidelines that help developers understand and address privacy concerns can play a significant role in ensuring consumer safety and confidence in the Internet.”
“No single company has all the answers when it comes to privacy,” says Microsoft’s Cullen. “Addressing these issues requires broad collaboration between software developers, governments and industry organizations. In releasing these guidelines, our hope is that we can further the discussion on how consistent software development practices can make a difference in protecting privacy and preserving public trust in computing.”