Dean Hachamovitch, Peter Cullen: Internet Explorer 9 and Privacy

FRANK SHAW: Good morning, and welcome to our webcast. I’m Frank Shaw. I lead communications for Microsoft, and for the next 40 minutes or so we’ll be talking about some new privacy features that we’ll be showing off in the next version of Internet Explorer 9.

I’m joined here by Dean Hachamovitch, who’s lead engineer for the IE team, and by Peter Cullen, our chief privacy strategy officer.

Let me sort of walk through what we’re going to do, and then we’ll get to it.

Both Dean and Peter will make some remarks. Dean will show you a little bit about what this product looks like, and then we will open it up to questions. You’ll have the ability to submit questions via the tool that you have, and I’ll answer them or direct them to either Peter or Dean as they come in.

You might want to keep an eye on some of the related blogs, as well, as we go along, the IE blog, Microsoft on the Issues and the Microsoft Advertising Community site, where there will be information posted as well.

So, without further ado, I’ll turn it over to Dean.


Privacy and tracking on the Web are increasingly important topics. Consumers today have very little awareness of, or control over, who can track their online activity.

At Microsoft we’ve been working on privacy for some time, and with Internet Explorer 9 we’re taking an important next step.

Today, we’re going to talk about a future that you’ll see in the release candidate of IE9 early next year.

The IE9 development process has been far more open and transparent than ever before, with several platform previews for developers, clearer communications about our plans, and lots and lots of listening to feedback. Today’s discussion of this new privacy feature, Tracking Protection, continues that pattern of transparency and openness.

The news in a nutshell: First, IE9 will offer consumers a new feature, Tracking Protection, to protect against many forms of online tracking. This feature empowers consumers to begin addressing their concerns about being tracked on the Web.

Second, Tracking Protection lists enable people to control what third-party sites can track then when they’re online. These lists extend the protection of third-party cookie blockers to other third-party Web content that can be used to track and profile consumers.

Third, we believe that the combination of consumer opt-in and open platform for the publishing of Tracking Protection lists, and the underlying technology mechanism together, offer new options and a good balance between empowering consumers and the online industry’s needs.

This approach empowers consumers and complements many of the other ideas under discussion.

Now, here are some details and specifics of how these lists work, followed by a demo.

Consumers can add Tracking Protection lists to IE at any time. The lists contain Web addresses, and indicate browser do not call or visit these sites, unless the consumer browses to them directly. These lists can also identify sites that are OK to call at all times.

After the user has added a list, then the browser, in addition to blocking third-party cookies, will block all the third-party content that the list specifies.

By default, this new mechanism is off. Consumers may choose to opt into it.

Tracking Protection persists across browsing sessions, so users don’t have to remember to turn it on each time they browse.

Anyone on the Web, individuals, organizations, anyone can author and publish these lists.

Tracking Protection in IE9 puts people in control of what sites can get their data as they move around the Web. It does this by enabling consumers to indicate what websites they prefer to not exchange information with. You can see how it might work in this video.

(Begin video segment.)

This is a demonstration of Tracking Protection, the next set of privacy features in IE9, to help keep third-party websites from tracking your Web behavior.

With Tracking Protection consumers can filter content in a page that may have an impact on privacy.

Let’s look at how it works.

Here’s an example Web page from the IE Test Drive site. Like many pages on the Web, this one includes content from other websites. These elements often look like they’re just part of the site.

Here you see a stock ticker, links for social sharing, videos, advertisements in single-pixel images that are used for tracking by third parties.

Everyone has different privacy preferences. What may be seen as value to some customers can be privacy issues for others.

On this page some of the content comes from site A. These elements are shown with green boxes around them. Some of the content comes from yet another site, site B. These elements are shown with red boxes around them.

With Tracking Protection in IE9 you can choose which third-party sites can receive your information and track you online. You can add Tracking Protection lists to block and allow elements on the page coming from third-party sites.

Adding a Tracking Protection list is as simple as clicking a link on a page. Here, clicking on the list for site A brings up a dialogue to add a Tracking Protection list. The publisher of the list specifies the sites and the types of content to allow or block, and a description of the list here.

IE9 checks for updates to the list once a week. When the page is refreshed, after the Tracking Protection list is added, you’ll see that all the content inside the green boxes coming from site A is blocked, and cannot be used to track.

In real-world browsing this lets you view the content from a site you navigate to, like, while blocking some or all of the content on the page coming from other sites that might track you.

Here’s another Tracking Protection list. This list blocks the content coming from site B. The list also allows the content coming from site A.

Now, when the page is refreshed, you’ll see that the content inside the red boxes coming from site B is blocked, and the content in the green boxes coming from site A is allowed.

When I close the browser and open it back up, you’ll see that the content coming from site B in the red boxes is still blocked.

These lists apply across all the pages you visit, not just the page you get the list from. Once you’ve opted into Tracking Protection, it stays on across all browsing sessions until you decide to turn it off.

With Internet Explorer 9 and Tracking Protection you stay in control of your private data as you browse the Web.

(End video segment.)

DEAN HACHAMOVITCH: Interoperability has been an important theme throughout IE9. We want to make it easier for developers to be able to use the same markup, the same HTML, CSS and script across different browsers.

Because we believe so strongly in interoperability and privacy, we want to encourage the development of interoperable privacy tools, and will make the format of Tracking Protection lists available under a creative commons attribution license, and the Microsoft Open Specification Promise.

You can find more details at the IE blog at

We want your feedback and encourage the community to start building lists.

I’d like to hand it over to Peter Cullen, Microsoft’s chief privacy strategist.

PETER CULLEN: Thanks, Dean. Thanks, Frank.

I think as most of you have either observed or written about, we’re at a really interesting discussion point, and to me this seems to be about the right balance, how can we provide meaningful controls and choice for a consumer.

I think this requires investments by both companies and by industry together. Collectively this is about how do we provide more control, more transparency, more choice about consumers’ online activities.

At MS this has really been about our cornerstone of how we’ve thought about Trustworthy Computing for the past decade. Building our technology, building our business process around this fundamental premise has been the way we’ve thought about privacy by design.

I think what Dean’s talked about with the extension of IE9 is just a natural progression of this. It also builds on many of the investments that we’ve made in our ads platform about providing more choice around perhaps preferences for many of our consumers.

But I think it also builds on what the industry has been working on for the past two years, whether it be the self-regulatory guidelines or the ad notices campaign which provides transparency in now hundreds of thousands of ads about where the information has come from and how it’s being used. These are just examples of the many investments that all of us collectively are making.

But I think now we’re at a point where there’s an opportunity to build further on these investments to really advance trust for consumers.

As Dean notes, one of the really powerful things about IE9 is the concept of allow lists — in other words, not just block lists.

If we could conceptualize how these allow lists might be built together to provide increased trust, increased confidence, increased control for consumers, we might all advance this discussion.

We have some 1 billion Windows customers, thousands of advertisers and platforms, so we represent a broad range of not just industry but of consumers and stakeholders. We think we’re in a very unique position to help advance that, and look forward to working with all of you and many other stakeholders to further all of these goals.

FRANK SHAW: Great, thanks, Dean. Thanks, Peter.

We’re going to go ahead and open it up to questions now. Go ahead and type your question into the tool, and then I’ll direct them here.

We’ve got the first question, and I think this is most appropriate for Peter. Is this in response to the FTC, and does it meet with what the FTC laid out in their hearings and statements last week?

PETER CULLEN: So, the FTC framework is really a broad framework, one that invited discussion. We think that the browser is an important part of providing control for consumers, consistent with this framework. We also think that investments in our advertising platform are equally important, and part of a longstanding tradition, a longstanding commitment.

But we’ve got to be really, really clear with our intent, and I think this is really the timing of what Dean has outlined today. But we look forward to reviewing, getting feedback from others, and working with all of the stakeholders in this space as we advance this discussion.


Next question, and, Dean, why don’t you take this one. How will Web pages change in terms of consumer experiences?

DEAN HACHAMOVITCH: Well, you know, Frank, we have beta tests for a reason. We put out pre-release products in order to get feedback. Classically we get feedback from developers and consumers. In this case we’ll be getting feedback from a lot more folks, and we’ll welcome that feedback.

As the video showed, the changes that consumers will experience in Web pages depend on what Web pages they visit, and what Tracking Protection lists they had installed.


Peter, what is the impact of this potentially on advertisers?

PETER CULLEN: I think this is part of our longstanding commitment to transparency and control. This is really unwavering , whether it be investments that Dean has outlined in Internet Explorer or whether it be commitments, investments we’ve made in our advertising. These are just absolutely kind of cornerstone parts about the way we think about things.

We also think we’ve got this unwavering commitment to a viable advertising business, and think this is a logical collective building spot that all of us can move forward on.

FRANK SHAW: OK, great.

Dean, is this just about cookie blocking?

DEAN HACHAMOVITCH: Frank, it’s about a lot more than cooking blocking. Cookies are just one technology or just one way that websites, that some websites, are capable of tracking consumers. There are a lot of other mechanisms out there. We had a blog post, we’ve had several blog posts about them, and we’ll make those links available.

For example, folks who are listening can go and look up articles about Web beacons or Web trackers. And so tracking is not just cookies, and this feature is about more than just cookies.

FRANK SHAW: OK, so it’s more broad.

Dean, where will lists live?

DEAN HACHAMOVITCH: Well, the lists will start on people’s websites. So, as I said, it’s anyone, any organization, any individual can author a list. And after they’ve authored the list, they just put it up on any website at all. It doesn’t have to be on a special central website of any kind. They start up there.

Consumers then find those lists, and then when a consumer clicks on a link on that page and then says “add,” the list then lives on the consumer’s machine, is essentially copied down to the machine.

There is one other subtlety here. The Web changes and evolves over time. So, once the user has added that list, they get the content of the list at that moment, and there’s an ongoing subscription. So, there is an update process and an update mechanism, basically a lot like an RSS feed, for folks who are familiar with that.

FRANK SHAW: Great. And I think, you know, we’ve said this before, and it’s worth noting again that anybody can build the list, an organization, an individual, a media company can put a list together.


FRANK SHAW: Dean — well, actually Peter, can you give a specific example of what kind of problem the new blocking lists will protect people from, as you sort of think about privacy in general?

PETER CULLEN: Well, what we’ve come to understand is that there’s a wide range of concern and a wide range of controls that consumers are looking for. What we want to build is that ability or that capacity for choice for those people that perhaps want to exercise more control over who is using their information and who is collecting it. So, that’s an example of what I’ll call the perceived negative side of tracking.


PETER CULLEN: But I want to contrast this to the other side of tracking, which is if you can imagine a world where we’ve got trusted, allowed lists, which really are about a transparency level that consumers are engaged in. That’s kind of the yin and the yang of what the opportunity is here.


Two questions that will go to Dean. Does this replace in-private filtering, which is a feature in IE8?

DEAN HACHAMOVITCH: Right. This is a complement to in-private filtering. Briefly, Tracking Protection involves lists, and the consumer has a clear decision and opts in and says, yes, it’s exactly this list that I want to use to protect me from tracking.

In-private filtering involves an algorithm or heuristics, and is a much more dynamic way where the computer tries to determine which sites to block.


DEAN HACHAMOVITCH: So, they are complements.

FRANK SHAW: OK. And then, you know, sort of a follow-on question is, you know, why not make in-private browsing, another IE8 feature, the default?

DEAN HACHAMOVITCH: Right. So, for context in-private browsing is the over-the-shoulder privacy feature in IE8, and when you go into in-private, where you go on the Web is not saved on the machine in any way.

The reason that that is not the default configuration is that most consumers want to make it easier to get back to the sites they’ve already been to. And so when you type in an address in the address bar, it remembers where you’ve been. That’s a very good thing.

The new tab page remembers the sites that you’ve been to quite often.

By turning in-private browsing on by default, you just make it very hard for consumers to get back to the sites they go to all the time.


Who do you anticipate will build lists? And why don’t we both — Peter, why don’t you start with that one, and then we’ll see what else we can —

PETER CULLEN: Well, this is the really I’ll call it progressive solution that Dean has outlined is that whether it be Joe in his garage building a list or whether it be an industry association building a list, anyone can build those lists.

And I want to come back to the question around, well, what are we trying to protect, but I think that it’s not just protect, it’s enable.

So, many consumers want a much richer experience on the Web, much more personalized. So, therefore information that helps enrich that personalization is super important.

But they also want it to be super transparent, and this is where I think this huge opportunity for I’ll call it the trusted allow lists really come into play.

DEAN HACHAMOVITCH: Well, this is, you know, again pre-release software, and as with most beta software I think the first movers are the technical enthusiasts. The first few lists will come from people who are enthusiastic about technology, and are either enthusiastic around some aspect of privacy or at least curious.

Over time, I think we’ll see a very broad spectrum of organizations, whether they’re consumer advocates or industries, as well as individuals who are just enthusiastic on the topic, provide lists to the public at large.

It’s also the first W in World Wide Web. It’s very easy to be very fixated on where we live on the West Coast of the United States. This is an issue that crosses many boundaries, and so we need to remember that there’s a world opportunity here as well.


And I think on your blog you have an example of what a list could look like or some of the technical code that we’re looking to use, so people can take a look at that.

Peter, I think I’ll let you tackle this one. How do you think advertisers will respond, and will they, should they, build lists?

PETER CULLEN: Yeah, I think whether they should build lists I think is something we’re going to learn about. Consumers are going to want to play with this, not all but some, as Dean has talked about.

I think there’s just an enormous opportunity for the industry, of which we’re obviously a huge part of, to help think about what would these lists look like, how would they develop, what are the requirements that would be built into them, how do we make those even more transparent. You know, I think this is just kind of I’ll call it the really good side of what the opportunity is for us.


Does Tracking Protection require website developers to make changes, or is this all on the client side?

DEAN HACHAMOVITCH: So, the protection itself is all on the client side, and so websites can remain unchanged.

It’s important to remember that this functionality is off by default, and so by default with IE9 websites don’t need to do anything at all differently.

Over time, as different lists are published and we see how consumers use lists, website developers may choose to make some changes.


And then does this work with Flash cookies?

DEAN HACHAMOVITCH: Right. So, this is somewhat separate from anything with Flash cookies. The Adobe Flash plug-in, as well as Silverlight and other plug-ins, really are almost their own programs that run inside of the browser. And so they are under their own control.

FRANK SHAW: How do consumers find the lists, and are there any checks on them, for example, ways to prevent malicious sites doing the tracking from building lists that allow their work to continue unimpeded?

PETER CULLEN: No, I want you to do it.


So, how do consumers find lists? Well, it’s the Web, I think that they’re going to start by, you know, here are the sites that I read all the time or here are the Twitter feeds I follow. If someone links to a Tracking Protection list, they’ll go and look at it, and read the claims, and maybe they’ll try it out. It’s very easy to remove a list once you’ve tried it, for example. So, I think it’s the way folks find anything on the Web: what your friends e-mail you, search engines, social media.

In terms of checks on the lists, it’s interesting, the list itself is literally just the collection of addresses: here are the ones that are OK to call and here are the ones that the browser should not call. There’s no software installation, there’s no program, there’s no script, there’s no executable. So, this is not, to use the technical phrase, a vector for malware.

In terms of malicious sites who are actively tracking and what controls are there on them building lists, there are no technical blocks on them doing that. As I said, anyone can build a list. Much in the same way if there are no technical blocks on who can build a website, I can put up a website and claim to be Citibank. So, there will be a need for consumers to be thoughtful and wary as they think about which sites they go to and get lists from.

PETER CULLEN: But I think what we’re learning is increasingly in addition to finding things on the Web, as Dean has outlined, that consumers are increasingly looking for trusted sources to get this.


PETER CULLEN: So, whether that’s, for example, if you’re a privacy advocate you might look to a privacy technical advocate to help that. I think if you have a relationship with an organization, it might be very appropriate that you’d look to them to provide you with a trusted list.

FRANK SHAW: Is this similar to what Firefox says they’re doing or what they talked about last week?

DEAN HACHAMOVITCH: Right. So, there is another design that came from some researchers at Stanford and some other people as well. And this is a complementary way to try to get to the same outcome. Everyone is trying to get to the outcome of how do we protect consumers from being tracked.

The other proposal that was in public discussion involved essentially sending a signal. So, you can imagine that a consumer, as they browse the Web, can send a signal saying do not track me, and the question refers to how consumers can send that signal. And that’s in discussion.

What’s interesting about that, about that proposed solution, is that it sends a signal, and right now it’s all to be determined what websites do, like how do they define tracking, what actual response do they take, is it verifiable, is it enforceable.

This path is a bit different. Again it’s a complement. They can happily both coexist. This path is different in that it actually blocks the tracking now. To be fair to both sides of this, the other folks will say, well, what’s great about the other solution is that there is no need to update it, and that’s true, lists require updating.

So, you can see that there’s a lot of technical innovation in this space as we work through the best way to help consumers.

FRANK SHAW: I think the one thing I want to add is that we’re using this terminology, and you just sort of made a key point, which is that there isn’t a universal definition of what it means to be tracked. And so some people would say, as Peter said, if I have a trusted relationship with a site, I want it to remember me across the things that are associated with it, I want it to make suggestions if I go to a site that says, if you like this you might like that. You know, some people would look at that and say that is a form of tracking that has been official. Some people would look at it and say, you know, any tracking is not. So, it’s important to understand that we’re working not just on the technical levels but actually on the understanding, the deeper level of what it means and what people are looking for there.

PETER CULLEN: You know, what I think, whether it be consumers’ advocates, the FTC are really looking for is a multiple series of investments, and the do-not-track header is a really interesting one, as I’ll call it, very consistent with the company’s promises.

What consumers are also saying is I also want to have more control, and a more meaningful choice over what happens.

So, as Dean said, these two ideas are not mutually exclusive. In fact, they’re really quite complementary.

FRANK SHAW: Great. Wouldn’t consumers always be chasing the latest opt-out list under this scheme, and wouldn’t that time spent defeat this effort?

DEAN HACHAMOVITCH: So, I’ll take that. I think the answer is no, consumers wouldn’t always be chasing it, essentially because once the consumer adds a list, that list updates over time.

In some ways, I hesitate to make this parallel. There are a lot of trust issues on the Web, and what we’re used to doing here is accepting that it’s an ongoing process. You can look at unsolicited e-mail as an example that you gave. And it’s not that consumers will chase the latest list, that list will be updated over time, and it reflects how the Web continues to change and grow.


When will Microsoft include the Tracking Protection lists in IE9, in the release candidate, and when will the release candidate be published?

DEAN HACHAMOVITCH: We plan to not include any Tracking Protection lists with IE9 in its release candidate. Essentially choosing a Tracking Protection list is a statement around what the consumer wants out of the box, and in some ways that is completely up to the consumer. And the release candidate will be available early next year.

FRANK SHAW: Yeah, and I’m just going to reinforce that what we’ve said, and what you can see on the blogs about it is that, you know, IE9, the release candidate, will ship with this off by default, and the Tracking Protection lists empty. So, people will have to choose to turn it on, will have to choose to subscribe to a list. We’re not going to be shipping any lists that are pre-populated.

How will multiple mutually contradictory TPLs be handled? Will there be any clear mechanism for users to learn what a list is actually doing other than reading XML?

DEAN HACHAMOVITCH: Right, so this is our first three-letter acronym of the QA session.

FRANK SHAW: That’s right.

DEAN HACHAMOVITCH: That’s progress.

By definition lists can contradict each other. That’s part of the Web. There are always contradictions as you go around to different websites.

We sought out the simplest, most consumer-understandable way of dealing with these contradictions, and it runs something like this. If any list at all that you subscribe to says that a site is OK to call, that a Web address is OK to call, then it’s OK to call. If other lists say do not call, do not call, do not call, multiple do not calls are fine, but a single OK to call will override the do not calls.

I think it’s a good moment to say, you know, here’s everyone who browses, and here are the number of people who — not drawn to scale, but I’ll just say it’s small who are very engaged in privacy and very concerned, and getting to the notion of having one list, which will be a non-default option, much less multiple installed, I think is now going out way, way to the right side of the bell curve.

In terms of a mechanism to learn what a list is actually doing, I think it’s a great opportunity for the community. I can imagine going to a website and it giving me the opportunity to see what items are on the list, and parsing that XML and explaining it to me, and it’s a great idea.

FRANK SHAW: That’s good.

And then what are the other things that IE9 will deliver from a privacy standpoint?

DEAN HACHAMOVITCH: Well, there’s in-private browsing from IE8, there’s in-private filtering as well. There are a variety of other features that we’ve detailed on the blog, and just given the other questions that are queued up around what’s new today, I’m going to defer to the blog, and we’ll have an explicit list out for the folks.

FRANK SHAW: Can a website detect if a user is using a list, or is it invisible to servers?

DEAN HACHAMOVITCH: Yes, a website can detect if a user has this functionality turned on. There is actually a JavaScript API that we included in IE8. And so sites have a definitive way to really test for it.

You can imagine a lot of scenarios where that’s absolutely crucial. Try to imagine I’m going to a medical imaging site, and that site uses lots of interesting third-party content to deliver that image. They might want to make sure that I know that I need to have all the content to get the full experience of the site that I need. So, it is visible to servers, and it’s documented, and it’s a great opportunity for more conversation with developers.

FRANK SHAW: Peter, why don’t you see if we can clarify a little bit about when you talk about a trusted allow list. I think Dean touched on that a little bit ago. Would this be a list of things that would always be unblocked, whether they show up on a blocked list?

PETER CULLEN: Well, Dean has touched on the allowed trumps block, but here’s kind of an opportunity that the industry, of which obviously we’re a large player and has done just a tremendous amount of work to develop self-regulatory guidelines, there’s efforts in the U.S., there’s efforts underway in Europe, there’s efforts underway in parts of Europe. I think what we’ve got is this interesting kind of nexus of now how do we make this perhaps more consistent, and how might this then aid the development of what we’ve called trusted allow lists.

FRANK SHAW: Well, we’ve got a natural follow-in question is, are you as plugged in with the EU as you are with the FTC on this issue?

PETER CULLEN: Yeah, we have been having regular dialogues with our counterparts in the European Union from the European Commission-level to the various data protection, to the various advocacy organizations. So, yeah, the simple answer is yes.


You said something about making this interoperable. What will that look like?

DEAN HACHAMOVITCH: Well, I said that we’re making the file format for Tracking Protection lists available with some very specific licenses, in order to make sure that anyone who wants to author these lists or write tools that use these lists can.

By interoperable I think it’s very important that the folks engaging in privacy have a universal or an interoperable way to take the work they’re doing and have it apply no matter how folks are browsing the Web.

FRANK SHAW: So, another browser conceivably could implement this as a way of doing something similar.

DEAN HACHAMOVITCH: Yeah, another browser could. You could imagine that I guess it would be a fourth party could implement an add-in for another browser as well, if they chose to.


Will this have implications for third-party analytics platforms?

DEAN HACHAMOVITCH: Again, it comes down to what lists, what Tracking Protection lists, the consumer has installed and what sites the consumer visits. So, I think the answer is maybe, depending on a lot of different factors.

PETER CULLEN: And one of the things that Dean highlighted is that we’re learning, and I think the experience that the consumer will have access to, as portrayed in the video, shows a little bit more about what happens on the Web, and also kind of what will happen if you use one of these lists.

It seems pretty clear that as we kind of learn about these lists, they will improve and they’ll get richer and more precise and more attuned to what an individual consumer wants.

FRANK SHAW: And then what is the process to provide feedback, both on the privacy front and on the technical front?

DEAN HACHAMOVITCH: Well, at the broadest level the key way to provide feedback is through Microsoft Connect. There is a database and we read it very regularly, and we go through it, and we’re committed to providing feedback and closing off all the issues that come in through there.

There are a variety of other I’ll argue less technical mechanisms as well. There are a lot of folks in the industry who have contacts at Microsoft. I think there will be a lot of conversation on that front. And, of course, like everything else on the Web, there are comments enabled on the IE blog, and I can tell you that I read every single comment that’s posted there.


And Peter?

PETER CULLEN: Yeah, I think the relationships that we have with everybody from regulators around the world will likely get feedback, relationships with the privacy advocacy community is a really important part of the way that we think about evolving these things, and then just as importantly the relationship with our advertising and publishing platform clients will be super important, the feedback there.


How much do you think this feature will be used?

DEAN HACHAMOVITCH: OK, so this is one where we actually have some data to operate from, and I can say with great confidence that there is no feature in IE with 100 percent usage, and there is no feature in IE with zero percent usage.

Even things — and this surprises people, whether it’s, you know, using the Favorites bar, it’s somewhere in the middle, it’s actually less than 50 percent. Opening links in new tabs, not 100 percent. You know, just the number, the hundreds of millions of folks who use the product in different ways, the usage patterns are extraordinary.

So, in terms of how much do I think this feature in particular will be used, I expect it will be more than zero, I expect it will be far, far, far less than 100. And in general I don’t really speculate on that. We’ll be watching the telemetry data very closely.

PETER CULLEN: Yeah, I think what all of us have learned over time is that what consumers want is choice and control, but that doesn’t necessarily mean that they act on that choice and control. So, they really feel better about having that ability, not necessarily exercising on it.

FRANK SHAW: Or that it means the same thing to all the hundreds of millions —

PETER CULLEN: Absolutely correct.

FRANK SHAW: — of people who use the product.

All right, so our last question, do you feel like this is going to change the course of the privacy discussion introduced by the FTC? And Peter, why don’t you take that one?

PETER CULLEN: Boy, that would be great, but I think the way that we would think about it, this is the start of I’ll call it an ongoing discussion. And whether it’s the FTC that’s invited a broad discussion on the framework, whether it’s regular ongoing discussions with stakeholders in the industry, stakeholders in the advocacy community, we think this is much like a journey, not a destination.

FRANK SHAW: OK. Thank you, Peter. Thank you, Dean.

Thanks for those who joined us. We’re going to wrap up. If you submitted a question that we didn’t get a chance to, we’ll go ahead and respond to you offline.

I encourage you to take a look at the different blogs that are out on the issue today. You’ve got … Peter’s got a blog on the Microsoft on the Issues blog, Dean’s blog at the IE site, and then there’s perspective from our advertising team at the Microsoft Advertising Community site. You can take a look at those, and we will talk to you again soon. Thanks very much.