Privacy

Privacy involves the control and choice people have over the collection, use, and distribution of personally identifiable information (PII), such as their name, physical and e-mail addresses, and credit card, Social Security, or other government ID numbers. Privacy also includes the right to be left alone, which is why spam or unsolicited e-mail is a privacy issue, and the desire to be free from monitoring, which makes spyware a privacy concern. Although an important pillar of Trustworthy Computing, privacy (like reliability) has taken a back seat to security in terms of public visibility since the inception of the Trustworthy Computing initiative.

Because of people’s high expectations for the privacy of their PII, regulatory requirements often conflict with business and institutional desires. For example, new patient data privacy regulations that were part of the Health Insurance Portability and Accountability Act tighten restrictions on PII, but businesses and institutions would prefer greater openness so that they can suggest additional products and services that might be of value to a customer. In this environment, Microsoft has two goals with regards to privacy: it must ensure the privacy of PII that it collects as part of its own businesses, and its products must allow others to extend the same privacy protections to their customers or enable customers to protect their own PII.