Microsoft and the FTC announced today that Microsoft has agreed to settle FTC charges related to “the privacy and security of personal information collected from consumers through its “Passport” web services.”
According to the Commission’s complaint, Microsoft falsely represented that:
- It employs reasonable and appropriate measures under the circumstances to maintain and protect the privacy and confidentiality of consumers’ personal information collected through its Passport and Passport Wallet services, including credit card numbers and billing information stored in Passport Wallet;
- Purchases made with Passport Wallet are generally safer or more secure than purchases made at the same site without Passport Wallet when, in fact, most consumers received identical security at those sites regardless of whether they used Passport Wallet to complete their transactions;
- Passport did not collect any personally identifiable information other than that described in its privacy policy when, in fact, Passport collected and held, for a limited time, a personally identifiable sign-in history for each user; and
- The Kids Passport program provided parents control over what information participating Web sites could collect from their children.
The FTC is accepting public comment on the proposed order for 30 days, until September 9, 2002, after which the Commission will determine whether to make it final. Comments should be sent to: FTC, Office of the Secretary, 600 Pennsylvania Ave., N.W., Washington, D.C. 20580.
The Seattle Times also reports on this story.
Microsoft‚s top lawyer, Brad Smith, said the agreement “puts specific processes in place to assure our customers that we are meeting a high bar for security and privacy protection.”
“We wish we had held ourselves to an even higher bar,” Smith said, adding that, “We accept responsibility for the past and will focus on living up to this high level of responsibility in the future.”
You must log in to post a comment.