States urged to halt Microsoft's Passport

News

States urged to halt Microsoft's Passport

The Electronic Privacy Information Center (EPIC) has sent an open letter to the attorneys general in all 50 US states to stop what it claims are Microsoft's unfair and deceptive business practices surrounding the company's Passport service.

In the letter, the consumer privacy group said it chose to go to the states because of its frustration with the lack of action by the Federal Trade Commission (FTC). "We have repeatedly urged the FTC to investigate this matter in two separate filings, but the commission has failed to act," said the letter, which was signed by Marc Rotenberg, EPIC's executive director, Chris Hoofnagle, legislative counsel and Nathan Mitchler, law clerk.

Hoofnagle said the first time the FTC pursued a company for negligent privacy violations was this month. In contrast, the states have a long history of investigating and prosecuting privacy violations, he said.

Among EPIC's objections to Passport are:
  • It can be used to profile user's browsing and shopping behaviour

  • Microsoft has said it wants all Internet users to hold a Passport account

  • Passport's security flaws could expose subscribers' personal information, including credit card numbers


By tying Passport to other services, such as Hotmail and online customer support, Microsoft has already acquired more than 200 million Passport accounts.

In the past Microsoft has denied claims by EPIC and other groups that Passport engages in deceptive business practices and unfairly gathers personal information. In addition, Microsoft has said these groups, and specifically EPIC, are playing to the media rather than working with the company to resolve problems.

However, Hoofnagle said Microsoft has begun to push Passport on a variety of different fronts to gain subscribers. For instance, he said, some functions of Microsoft Money applications are only available now to Passport subscribers. An increasing number of Web sites that have partnerships with Microsoft have also stipulated Passport registration, thus removing consumer choice, he said.

Hoofnagle also said that because it has been shown that Passport has some security flaws, Microsoft's claim that all information is private and secure is a deceptive business practice and the company should stop making such claims.

While EPIC doesn't expect an immediate response to its letters, Hoofnagle said it was the best strategy the group could pursue. The states have much tougher privacy legislation, he said, pointing to a California law that bans unconstitutional seizures of private information by both governments and businesses as an example.

He also said that the state officials may be more willing to act because being seen as a protector of consumer rights is always a benefit at election time and most of the states attorneys general are elected.

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy