microsoft

Subscribe to microsoft

Much ado has been made in recent weeks about the FTC’s Do Not Track proposal, the push from Congress to protect consumers, and the response from Google, Microsoft and Mozilla, as well as the online ad industry, about the risks and rewards of self-regulation. But what has seemed to be missing from the debate is the public’s own outcry. Amidst the churning discussions there has not been a sense that the general online population is overly concerned about whether an advertiser can track their preferences… at least until the information they share leads to a distinct invasion of privacy with repercussions.

All in all, this debate remains self-contained, and raises more questions than it answers.

From the political front, the Congressional proposals present an issue that is easy to support. Who is “against” privacy? Perhaps the same people who want to bring down apple pie and stop Veterans Day parade…

Technology executives and startups being buffeted about by the concern of over impending government regulation, agreeing on a self-implemented system, and monetizing so -called "privacy assets" for those opting to share more. But how much of the genie is already out of the bottle? Is it possible to truly claw back or sanitize people’s data that is already out there?

There is certainly cause for public concern, though it seems that is not the case until an actual situation occurs. If a website, social forum or third party advertiser holding your personal information is hacked or breached, the potential invasion of privacy on personal preferences could be huge. Finances, sexual preference, and many items that could lead to identity theft are all put at risk. Yet we continue to "like" and "share" and post pictures because living online has become an extension to daily life.

Is this public acceptance? Maybe we won’t know until there is a problem that draws attention on a national scale. The public has control over their own activity online, and the amount of information they wish to share.

If the public is truly concerned about online privacy, it is a matter of self-regulation on a personal level. In the meantime, the government and the industry will continue to swirl in a cycle that perhaps will only end with a set of regulations and authorizations that create more unenforceable layers than there were before. Data thieves will always find ways to game the system, there will always be a risk when sharing personal information online, and advertising will not stop being the fuel that runs much of the internet.

A study commissioned by Microsoft Corp. and RSA, the Security Division of EMC, alleges that companies place too much focus on securing personal data such as customer, medical and financial information versus corporate data (trade secrets and other proprietary information). According to the report, this can cause irreparable damage to a company’s competitive edge. The report offers recommendations for companies to consider in connection with their data security programs.

View more of the report’s findings and its recommendations.

Microsoft recently announced its new Trustworthy Computing: Data Governance web site at Tech•Ed.

According to Microsoft, it is promoting data governance because:

“Growing public concerns about abuses of consumers’ personal information threatens to curtail the growth of online commerce and services. Data Governance directly addresses these concerns.

Data Governance can reduce an organization’s IT costs and improve its control over its information, which increases data security and privacy and improves responses to changing compliance requirements.

Conversely, poor Data Governance raises the risks of data breaches, including identity theft and fraud, which can erode trust in an organization, trigger financial or legal penalties, or reduce confidence among employees, customers, and investors.”

Although the purpose of the Data Governance web site is to serve as a reference for software and application developers, it is also a good reference to any person involved in developing and maintaining data integrity, security, storage and sharing that contains personal information.

Among other things, the Data Governance web site is a resource for developing data policies, complying with regulatory and best practices requirements, and establishing length of storage issues.

As required by more and more state statutes, Microsoft is promoting the development and implementation of data policies and action plans.

Although the materials are helpful and directed as more of a what-to-do, not a how-to-do it, Microsoft does publish its own standard privacy guidelines, as well as an IT Compliance Management Guide. Although these materials are prepared for Microsoft, and are not applicable to very many businesses, they are good resources for anyone wanting to get a flavor for these types of documents.