Is Microsoft Becoming the 'Privacy Company'?

If you are a regular reader of FindLaw’s Technologist, you may have sensed our growing consternation with large tech companies’ attack on users’ privacy. Google scans emails and displays advertisements based on the content. Apple deletes emails with the phrase “barely legal teen” without user permission. And Facebook privacy? Don’t even get us started on Facebook.

It’s enough to (almost) make you want to burn your smartphone and move to a cabin in the woods - except, wait, yep, just got an email from a client. Going offline is not really an option, now is it?

A couple weeks ago, we took Microsoft's Scroogled challenge and analyzed their Terms of Service. It was pretty standard fare, though more protective of users than Apple and Google. Of course, like Google, the Terms of Service doesn't tell the whole tale -- there's also a separate privacy policy. The two documents control Microsoft's behavior in tandem, which is why it's so important to read and understand both.

Much like their TOS that we translated earlier, Microsoft's Privacy Policy is a beast - 4,000 words in all. The highlights, however, include the following points:

• Microsoft, like nearly every website, uses cookies and beacons to track your interaction with the site and to display targeted advertising. They do, however, allow you to opt out of targeted ads.
• Your information is shared within Microsoft (to improve services). The New York Times points out the pseudo-hypocrisy here, as Microsoft previously lambasted Google's move to share information across its services.
• Microsoft does not scan your emails for ads - only for spam and malware detection. This is the biggest point of their Scroogled campaign and the most significant difference between Microsoft and Google's treatment of your data.

There's a lot more, but we are constrained by our attention span and yours (it's a long document full of a mixture of tech and law speak). We recommend reading it thoroughly if you use Microsoft's services, such as Outlook.com email or Skydrive.

After reading that, you are probably unimpressed. Sure, they beat Google in privacy tactics, but that's not saying much - Google is being investigated by a handful of angry Europeans for their privacy policy after all.

No, Microsoft's biggest pro-privacy step, beyond any written policy, was their enabling by default of "Do Not Track" in Internet Explorer 10, which came with every copy of Windows 8. The feature was available in IE9, and on other competing browsers, but has to be enabled manually. It sends a signal to online advertisers not to track users' behavior for purposes of targeting ads.

The Association of National Advertisers stated that DNT could prevent them from collecting data from forty-three percent of browsers used by Americans. That's more privacy, yet less relevant ads. Of course, DNT isn't a mandatory policy. Yahoo! has already pledged to ignore it.

Still, any step towards privacy keeps us one step away from grabbing our flip phone and heading back to the wilderness.

Related Resources:

• Advancing Consumer Trust and Privacy: Internet Explorer in Windows 8 (Microsoft's Technet Blog)
• Microsoft's SkyDrive WILL Be Your Cloud Storage (FindLaw's Technologist)
• Microsoft's New Outlook.com is a Pretty Great Email Service (FindLaw's Technologist)