Privacy Groups Not Satisfied with MS Passport Fixes

A group of privacy and consumer organizations plans to file an amended complaint with the Federal Trade Commission (FTC) regarding concerns they have that Microsoft Corp.’s collection of personal information from users of its services constitutes “unfair and deceptive trade practice.”

The group, which is more than a dozen organizations strong and includes the
Electronic Privacy Information Center (EPIC), Junkbusters, and the Center
for Media Education, among others, first filed a formal complaint with the FTC on July 26. At that time they alleged that Microsoft’s Windows XP operating system, scheduled to ship on
Oct. 25, steers users to sign up for Microsoft’s Passport authentication
system. The group maintains that is an unfair and deceptive practice.

The organizations plan to amend that complaint with more information on Wednesday.
The group is calling on the FTC to open an investigation, and has also
called for an injunction preventing Microsoft from shipping Windows XP until
regulators conclude that investigation.

“We’ll be adding a lot of supplemental material to the complaint that has
already been filed,” said Jason Catlett, president of Junkbusters Corp.
“We’ll also be talking about the responses from the FTC and the responses
from Microsoft.”

Last Friday reports indicated that Microsoft was trying to settle the
privacy issues surrounding Passport by requiring merchants to support
privacy technology and gather less personal information.

But Catlett, giving a taste of what is sure to come tomorrow, told, “We think that they are completely non-responsive to our

Firing back, a Microsoft spokesperson told, “”Microsoft is committed to delivering Windows XP on October 25th. Microsoft places the highest priority on consumer privacy. EPIC’s unfounded claims have been based on speculation and misinformation.
Microsoft has not seen any “amended” claim information and thus cannot comment on any additional filings at this point.”

The group’s original complaint claimed that the way Passport has been bundled with
Windows XP is designed to goad people into signing up for the service. When
computers running Windows XP first log onto the Internet, XP tells users
that they need a Passport to utilize some of XP’s new Internet communication
features like Windows Messenger.

Passport is a ‘sign-in once and go’ system, which gives a user a single
log-in and password which can be used to enter a host of Microsoft and
Microsoft partner sites. The system stores user information, including
credit card and other personal data, allowing a user to utilize features
like the Digital Wallet, which automatically enters that information into an
e-commerce form when the user goes shopping on the Internet.

The system has been in use for some time by the 100+ million subscribers to
Microsoft’s Web-based Hotmail e-mail service. But the company is hoping its
importance will skyrocket next year when it rolls out its Hailstorm
services. Hailstorm is an integral component of the company’s guiding .NET
strategy, designed to free users from reliance solely on the PC as a way to
access the Internet. Hailstorm’s part on the .NET stage is that of an
enabler. It allows users to access their information in the same way through
a PC, a PDA or a smart phone.

All the information gathered through Passport (and presumably Hailstorm,
when it’s launched) is stored on a Microsoft database, which the group
argues puts Microsoft at the center of a great deal of e-commerce and other
online activity. Even if Microsoft does not use that information itself or
share it with third-parties, as the company claims, the group said privacy
is still a major concern because Microsoft has been hacked a number of

News Around the Web