MS Passport is an on-line service which allows subscribers to
use their e-mail address and a single password to sign in to any
Passport-participating web site or service. The service currently
has more than 200 million subscribers.
Microsoft retains users’ personal information, such as credit
card details, and makes it available when required for on-line
transactions. Microsoft uses Passport authentication for the MSN
Messenger and HotMail services, for the Microsoft Developer Network
on-line access and also for Microsoft Reader purchases.
Privacy groups, including EPIC and Junkbusters, accused Passport
of collecting more information than it admitted to the consumer,
and claimed that Microsoft was using the service to profile
customers in an “unprecedented” way.
The groups also alleged that Microsoft’s trade practices were
unfair and deceptive, as the company claimed to offer a higher
standard of security to its customers than it actually could. A
further complaint was that Microsoft Kids Passport did not comply
with the Children’s Online Privacy Act.
The FTC investigation found that Microsoft had misled its
subscribers over its security standards and so had misrepresented
the company’s ability to protect the subscribers’ personal data.
The FTC also determined that the MS Passport service was tracking
subscribers’ web browsing habits without their knowledge.
As regards Kids Passport, the FTC asserted that the web
materials were not as clear as they should have been in describing
the capabilities and the limitations of the Kids Passport service.
Of particular note was the fact that the service only permitted users to
control information provided to sites that are Kids Passport
sites.
The FTC also discovered that it had been possible for some
children to circumvent the parental controls that Kids Passport
provides.
Microsoft has released a statement confirming that amendments
have been made to its privacy statement and to Kids Passport in
response to the points raised by the FTC. Under the settlement
agreement between the parties, Microsoft is required to stop making
false claims about its data collection practices and to fully
disclose its privacy policies.
Microsoft is also under an obligation to tighten its security
standards by setting up a security system which will have to pass
an independent check every two years.
Microsoft will not have to pay a fine unless it fails to comply
with the terms of the agreement, which will be binding on the
company for 20 years.