Commitment to consumer privacy in Windows Phone 7


Posted by Andy Lees
President, Mobile Communications Business, Microsoft

Many consumers and policymakers are asking important questions about how today’s phones are collecting and using information about a phone user’s location. The discussion has intensified over the past few weeks when the practices of two other companies in the mobile market were called into question. As a result, several members of the House of Representatives sent a letter to a number of companies that provide mobile phone services seeking clarity on this issue.

We at Microsoft believe this is an important discussion to have. To that end, below, I’ve included what we’ve shared with Congress about the ways Microsoft has taken privacy into account proactively with Windows Phone 7. (You can also find a copy of our response here.)

In just a few short years, the smartphone has become indispensible for many consumers, who use it for any number of feature-rich services. Some of those services rely on location. Location data can lead to better search results, provide useful information like local movie options and directions to the nearest coffee shop, and help you find nearby friends for an impromptu get together. This means that companies have the ability to gather a lot of data about users. 

At Microsoft, we believe that consumers should have control over the location information they share, and that the information collected should be narrowly tailored to support specific experiences on Windows Phone 7 devices. We believe that our careful and deliberate approach to user privacy in the development of the Windows Phone 7 operating system reflects Microsoft’s commitment to give users informed choices about the collection and use of location information and reflects our intent to facilitate the delivery of device location information solely at the user’s request and solely for the user’s benefit.

We believe that, when designed, deployed and managed responsibly, the location-based features of a mobile operating system should function as a tool for the user and the applications he or she elects to use, and not as a means to generate a database of sensitive information that can enable a party to surreptitiously “track” a user.

As a result of these commitments, Microsoft designed the location-based services on Windows Phone 7 with the following principles in mind:

1. User Choice and Control. Microsoft does not collect information to determine the approximate location of a device unless a user has expressly allowed an application to collect location information. Users that have allowed an application to access location data always have the option to disable access to location data at an application level, or they can disable location collection altogether for all applications by disabling the location service feature on their phone.

2. Observing Location Only When the User Needs It. Microsoft only collects information to help determine a phone’s approximate location if (a) the user has allowed an application to access and use location data, and (b) that application actually requests the location data. If an application does not request location, Microsoft will not collect location data.

3. Collecting Information About Landmarks, Not About Users. Microsoft’s collection of location data is focused squarely on finding landmarks that help determine a phone’s location more quickly and effectively. In our case, the landmarks we use are nearby Wi-Fi access points and cell towers. The information we collect and store helps us determine where those landmarks are, not where device users are located. In fact, we’ve recently taken specific steps to eliminate the use and storage of unique device identifiers by our location service when collecting information about these landmarks. Without a unique identifier or some other significant change to our operating system or practices, we cannot track an individual device.

4. Transparency About Microsoft’s Practices. Microsoft gives consumers opportunities to learn more about its location data collection practices. When the user makes a decision to allow an application to access and use location data, Microsoft provides a link to the Windows Phone Privacy Statement, which includes its own section on location services with information describing the data Windows Phone 7 collects or stores to determine location, how that data is used and how consumers can enable or disable location-based features. Additionally, at the time that Windows Phone 7 launched last November, Microsoft published a consumer-friendly Q&A in the “Help and How-To” section of its Windows Phone website to address commonly-asked questions about location services and consumer privacy. This Q&A provides detailed information on how location services work for Windows Phone 7, the data Microsoft collects to provide location services, and step-by-step instructions (as well as diagrams) on how to enable and disable location services on Windows Phone 7, and the methods Microsoft uses to assemble and maintain its location database. Prior to launch of Windows Phone 7, Microsoft proactively engaged with various government and consumer organizations to start constructive dialogues regarding our location data collection and use practices.

Microsoft’s commitment to ensuring protection of consumer privacy is long-standing across all our products. Throughout the process from development to the store shelves, we seek to provide a clear understanding of our practices and simple effective tools to help consumers protect their data. It’s a commitment that we stand by with Windows Phone 7.

 

Comments (6)

  1. Allen says:

    My privacy has been compromised over the fact that your groups in your organisation are asking for passport information over the net… and visa information student ID info.. too much request of my privacy…

    Here is my story about this.

    I need an email or CSR to helpl me resolve some issues.

    I am hoping you can help me resolve a VERY BIG BIG BIG  problem with the rest of the App_hub(create.msdn.com); Geotrust(Cs-

    orders@geotrust.com); Maria Veronica Perez(MariaVeronica_Perez@symantec.com)… These people have brought so much frustration

    into my life, and the word 'hate microsoft' is putting it mildly…  The story would take hours and hours to write, so if I give

    you the case #, now there are two..   and the issue has yet to be anywhere near solved, although I have fullfilled the request,

    even above my requirements in submitting my passport and visa information, Student ID, to these people which ended up in

    nothing…  If you are limited as to what you can do, i extremely would be grateful if you could provide me some really really

    important people who is way above these guys because i don't want to give my story to people who won't do anything.. I have been

    an extremely loyal customer ever since I was a kid, with my first being my hotmail account in 1998(allent99@hotmail.com) and as

    you can see i have 3 just because they tell me to make a new one because they cert or key is not good on the other ones..  

    i am soooooo really tired of these emails, no results, invasion of privacy, lack of response,  lack of a real solution as

    Support is suppose to give as Prakash did in my behalf… Prakesh is a support engineer for Dream Spark who apphub uses as a

    education verification for this program as I am applying for. they had a problem this past weekend and he quickly help me fix my

    problem, but apphub still has a problem, AND I AM SO TIRED OF REDOING, RESUBMITTING DOCUMENTATION, OPENING EMAIL ACCOUNTS,

    EDUCATION EMAIL ACCOUNTS, BUILDING MORE DUMMY APPS… SOOOO TIRED! So I just hope there are two people in microsoft as he was,

    and i hope you can, to help me provide a solution..  This problem is over 2 months old now.

    I think why, do I now want to help develope software for the better ment of MS and us, because i feel sooo exhausted, the

    Windows 7 phone is a lemon, with the hopes of becoming a peach, but the people in those departments are totally and extremely

    useless people… i wouldn't hesitate to fire all of them..  

    I worked as a 4th level support Engineer at Cisco, and an intern for MS and Sony, Apple.. now i am doing my thesis in China to

    examine the why techonology here is copy and the inventives are other countries.. it is my opinion unless these two giants merge

    to gether, technogology is going to crash…  (my opinonated with proof THesis for my Masters Degree)… so you can see, as I am

    american, my own country has pounded me with red tape over a simple matter.. wore me down, beat me up and contiinue to chew me

    up and spit me out and give me a lot of grief..  So anyway, if you can read my case or if you need it, i can email all the

    documentation that i have had to write, come up with, or if you want to provide me some really reactive people in the

    organization that can be on the side of the consumer so they can clean house..  i am very grateful…  

    Case #1: MSFT App. Hub Order #: 7577186 (#8083-234931834-7281) Apphub to  cs-geotrust to Maria Veronica Perez(symantec)

    unresolved and order cancelled(not me, them).

    Case #2: SRX1157379843ID – ID Validation – Dev key (MSFT App. Hub Order #: 7577186 (#8083-234931834-7281));SRX1157379843ID…

    Per Maria Veronica Perez because Case #1 was a cross-border racism issue….so case #2 was just to put my american address, but

    it turns out they want everything all over again, and the website is bad and refers me to xbox.. and then they don't reply me

    until *** at them… and then they blame your group as to why I can't.. today, do as Prakash told me to do, but their website

    still repeats itself… I don't want to do anymore, i am finished, i cant do more of this crap…  

    thank you very kindly, and I hope i can count on your support.

    Allen, Donald, D, (as i have to register on app_hub so many times because their stupid website stalls and kicks you out to

    repeat repeat…

  2. Allen says:

    I think I am glad I found this place… finally get to heart of the issues that i an the others bring up that 1) could save millions in lawsuits, government inquiries, and 2) restore confidence to the developers, purchasers of the product that MS has said that it "REALLY REALLY works"…

    hmm… so I hope you have my email and you can present a solution and not more stuff that people worried say… never shut up and go in a circle and a circle.. and never get to the point..

    I will leave now on the good faith, i can get a LOT OF satisfaction back not just a Dev key but more.. for all the H-E-double toothpick I have been through on this nightmare… an email from my favorite man in the world, Mr. Bill Gates, with his authentic handwritten sig would be awesome..

    i wish he was back.. MS has never been the same without him!

  3. rose love /sakuna@live.com/facebook says:

    thanks somuch

  4. annaliza says:

    help me suport all and i want to privacy

  5. Jorcileide Novais Ferreira says:

    Gostei demais, o que mais precisamos é de privacidade e segurança.Obrigada

  6. Martha Grootveld says:

    Ik weet niet of ik altijd alles goed doe om te beveiligen,ben 66 jaar

    en ben niet zo,n ster op de PC.Dank U mevr. M.G