Privacy Guidelines for Developers Posted

New guidelines from Microsoft will help developers of applications, Web sites, and services avoid the legal problems, negative publicity, and loss of customer trust that come from failing to protect users’ privacy. Originally developed by Microsoft for use by its own development teams, the guidelines define key privacy concepts and describe how to enforce privacy constraints in basic application scenarios (such as transferring personal information between the user and the application).

The guidelines are divided into two sections: a set of basic concepts and definitions regarding privacy and a set of best practices for developers.

The document defines important privacy concepts such as “personally identifiable information,” “prominent notice,” and “explicit opt-in consent.” In many cases, the definitions are not Microsoft’s but come from various industry groups. For example, Microsoft uses TRUSTe’s definition of personally identifiable information. (TRUSTe is an independent organization that monitors and certifies the privacy and e-mail policies of Web sites.)