The catch, say critics, is that because these sites
are among the 10 most visited on the Web, this will lead to the largest
invasion of online privacy ever seen.
In a lawsuit accusing Microsoft with unfair and deceptive trade
practices now before the Federal Trade Commission, more than a dozen
privacy groups led by the Electronic Privacy Information Center, (or
EPIC, at http://www.epic.org) have
charged that the Passport service is designed to compile a colossal
database of users’ personal information. Microsoft, they contend, will
be able to use the data entered during the Windows XP installation
process to track and profile Web surfers, and then do with the
information as it pleases-including selling it to the highest bidder.
Before you’re tempted to upgrade to XP when it comes out the end of
September, you should know what these watchdog groups are saying about
it, and how Microsoft is dealing with the flak.
With 165 million people already registered, the Passport service is the
largest online repository of personal information (to put this figure in
perspective, consider that there are now an estimated 300 million
computers on the Internet). Even though Passport is an optional feature
of XP, the suit accuses Microsoft of not making that clear to the user
at the time of installation. Instead, users are led to believe that
signing up for Passport is simply part of the process.
When privacy groups first filed the lawsuit asking to delay XP’s
release, Passport was designed to ask for 13 items of personal
information, including users’ “real name,” email address, street
address, home phone number, credit card information, gender, age, and
occupation. Photos of users were also welcomed.
And in a glaring example of Micosoft’s greed, a posting on
slashdot.com quoted one of Passport’s original terms of use as
stipulating that “by inputting data ... or engaging in any other form
of communication with or through the Passport Web Site" – or any
of its "associated services" -- users would grant Microsoft
the right to "use, modify, copy, distribute, transmit, publicly
display, publicly perform, reproduce, publish, sublicense, create
derivative works from, transfer, or sell any such communication"
and “exploit any proprietary rights in such communication, including
but not limited to rights under copyright, trademark, service mark or
patent laws.” In other words, if you installed XP, got suckered into
signing up for Passport and then used Hotmail to email your latest short
story to your literary agent or a new schematic diagram to your patent
lawyer, Bill Gates would devour the rights to your work like a
blood-crazed shark.
After privacy groups made headlines in July by filing suit, an
embarrassed Microsoft tried to backpedal. The company announced Passport
would only require users’ email addresses, but that their affiliates
would still be free to ask for all the other information. The clause
granting Microsoft the rights to users’ intellectual property was
“an oversight,” according to a company spokesman and dropped.
Microsoft also disavowed any intention to make commercial use of its
trove of user information.
Unimpressed by the company’s response, the privacy groups announced on
August 15th that they would file an expanded lawsuit
maintaining that Passport’s requirement of users’ email addresses
was still unacceptable - more spam in users’ inboxes would still be
the inevitable result. The second suit also asks the FTC to order
Microsoft to alter the XP registration process to allow users to opt out
of the Passport system more easily, and permit them to surf the Web
anonymously.
And according to Jason Catlett of Junkbusters (http://www.junkbusters.com),
one the complaining parties, Passport’s requirements also violate a
2000 law protecting the online privacy of children. Tonya Klause, a
Microsoft spokeswoman, attempted to rebut the charge by saying that all
Passport-affiliated Web sites require parental consent before children
can provide information to those sites. But how easily a child could
pose as his own parent and give himself permission to disclose personal
information remains unanswered here.
Meanwhile, the Justice Department, still in antitrust litigation with
Microsoft, has yet to issue an injunction against the release of XP. On
August 17th, a federal appellate court turned down the
company's request to delay further proceedings in the four-year case
pending Microsoft’s request for a Supreme Court review, which some
experts think may increase the likelihood of such an injunction.
A possible indication of what Justice’s position on XP might be,
though, lies in Attorney General John Ashcroft’s current budget for
the agency, which in spite of it’s stated willingness to pursue the
Microsoft anti-trust suit, allots no funding whatsoever to it. However,
according to CNN, a number of state attorneys general are currently
weighing legal challenges to XP, and the Senate Judiciary Committee also
plans to hold hearings on the new operating system.
The only response from the FTC so far has been a letter to EPIC saying,
``We will evaluate your complaint to determine what action, if any would
be appropriate in this case. Please be advised that any Commission
investigation is non-public until the Commission decides to issue a
formal complaint. As a result, we will not be able to advise EPIC or the
other complainants of our decision as to whether to investigate the
matter.''
With an overwhelmingly pro-business Bush administration possibly ready
to look the other way on this assault on online privacy, and help from
other quarters uncertain, all that remains to be said is this: surfer,
beware – you don’t want Microsoft to know you in the Biblical sense.
List of Metroland Stories by Glenn Weiser
©2001 by Glenn Weiser. All rights reserved.
|