Peter Cullen keynote address at today's FOSI Conference

This morning at the Family Online
Safety Institute Conference
in Washington, D.C., Peter Cullen, GM
Trustworthy Computing Group and Chief Privacy Strategist for Microsoft
delivered the following keynote address:

 

Good
morning. Thank you for having me. It is a privilege to be among such an impressive
collection of worldwide experts in cutting-edge fields.

The
world is a complicated place, and companies need to think about the complex
issues of Internet freedom, safety and citizenship. In our view Companies need to think
differently about these issues and consider making investments in perhaps
different ways to help address these complex issues – both internally and how
they partner with governments, law enforcement agencies, industry and civil
society. It is fitting that the title of
this conference is “Internet Freedom, Safety and Citizenship.” But it is even
more fitting that your theme is what “action” is required.

What
I wanted to do today is share a bit about why Microsoft thinks these issues are
so key to our business and to the successful growth of our internet economy and
a bit about how we think about investments to help deal with the myriad of
issues that exist today. The “how” we do
it is less about Microsoft but more about sharing our experience in the hopes
that it may give other organizations some ideas that will work for them.

You
may have noticed I have the title of Chief Privacy Strategist, but I also have responsibility for what we
call Online Trust and Safety along with Freedom and Expression as well as
Accessibility and GeoPolitical.

As
more of the world’s information, commerce, and communications move to digital
form, doors are being opened to a new world of connected experiences where we
are able to create and share information quickly and seamlessly. At the same time, concerns about the
collection and use of personal data, security and data breaches, and online
fraud and identity theft, children’s online safety threaten to erode public
confidence in the computing ecosystem and slow the advance of digital commerce.

At
Microsoft, we look at privacy and “online trust and safety” as separate but
inter-related disciplines – one of the reasons these core strategic areas are
anchored together. People have high
expectations about how we and other Internet companies collect, use, and store
their information. People must trust that their privacy and
safety will be protected. This means that Microsoft, and all companies
operating online, must adopt strong privacy practices that build trust with its
customers. Microsoft has a deep and long-standing commitment to consumer
privacy. They also expect us to help
provide a safer online experience for themselves and their families. Do this and we earn “Trust” – this one reason
is why these core areas are of such importance to Microsoft. As the world’s largest software company, we
believe that technology has the capacity to help improve the lives of people
everywhere. But without trust, this vision will not be realized.

The
enormous benefits and opportunities the Internet enables require a strong
commitment to privacy & safety. We
address these issues via a four-part strategy: providing and investing in
technology, partnerships with others, and by offering guidance and education to
consumers. Core to all of this is an internal foundation of policies and
practices that help us meet our commitments. We understand shared goals are achieved by working with an ecosystem of
committed partners, including governments, non-governmental organizations
(NGOs), international organizations, other businesses, academics, and citizens. We are
strong advocates for: using technology
to strengthen economies and address problems faced by society; the benefits of
an open, fair, and safe Internet; and the responsibilities we have to operate
our business in a responsible and sustainable manner.

We
have been working in the privacy and online safety space for more than 15
years. In fact, one of the first major events we joined with a number of you
here on in 1997 was the “Online Summit for Children.” We continue to enjoy rich partnerships with
many of you as we help educate consumers. We offer guidance to help people maintain online safety and privacy; we
provide guidance to help partners develop software with privacy and safety in
mind. Our consumer site, Protect site, which focuses on safety and privacy
content, gets 1 million hits per month.

We
are committed to building trust with our customers and in our brand by
maintaining the integrity of our services and helping prevent online harms through
proactive education and the active protection of users from exploitation,
abuse, criminal activity or exposure to objectionable content enabled by
computing systems, online services, or other users.

An
example of privacy and safety in action is our newest gaming device called the
Kinect for X-Box that launched last week. The Kinect experience was also integrated into Xbox’s overall Family
Settings, putting parents in control of their family’s safety. Fifteen controls
allow parents to decide, among other things, what games their children can play
and whether they can play online. Children are required to get parents’
permission to use Kinect online, and parents can set restrictions on online
play. Sharing of videos, voice, chat, and personal information can be
controlled through Family Settings. There’s a special setting called Kinect Sharing that allows parents to
determine whether photographs taken by certain games can be shared online to
social media sites. We have a Kinect
here at the conference, I hope you will take a minute to visit the Microsoft
table in the lobby to experience the Kinect; it’s a blast!

But
none of these areas will work unless we have an ability to live up to our
promises. We call this internal Governance. While our governance infrastructure
around privacy is more mature, the same model for privacy is being adopted for
Online Trust and Safety. Today, we have
more than 35 full-time employees and over 400 part-time employees that help us
meet our overall commitments to privacy and OLTS in all of our product, service
and process designs. Products simply
can’t ship before they have gone through and assessment against our goals. This is, of course, supplemented by policies,
standards, tools, training and internal community-building efforts.

Our
efforts are aimed at meeting our commitments to provide people greater control
over how their personal information is collected, shared and used and helping
protect people from threats like identity theft. Through parental control tools on a wide
range of our products, including Windows Live Family Safety – all of which are
available for free – we also strive to give parents, teachers and caregivers
more control over the content and contacts.

Lastly,
I want to touch on our approach freedom of expression. One of the things we have heard loud and clear is that there
are international expectations of companies to both help address online safety,
public safety and child protection concerns. We're proud of the voluntary steps we've taken in this regard and we
think strong governance is essential. Equally, we hear the international expectations that companies take
steps to ensure due respect for fundamental rights to freedom of expression. We think investing in this area is key to
advancing a safer and more free internet economy. Microsoft is committed to protecting and advancing human
rights throughout the world. Along with
Google, Yahoo!, academics, investors and human rights advocates, we helped form
the Global Network Initiative to provide a systematic way to collaborate and
develop guidance on the steps we take to integrate the principles of freedom of
expression into every aspect of our business.

As
part of Microsoft’s internal effort to tackle all of these issues – privacy,
safety and freedom of expression – we tried to remove the silos and figure out
the best way to integrate all of these issues into our operating
procedures. So too, we had to do a great deal of thinking about
how we balanced compliance without stifling innovation and how we would marry high
ethical standards with effective governance structures. In this way we are approaching our commitment to Freedom of
expression is the same building block way as we have invested in privacy and
OLTS

Privacy,
safety and freedom of expression issues are all critical imperatives for a
balanced corporate citizenship program. They are also complex, nuanced and dynamic issues that will continue to
evolve as new technologies and services present both new benefits and
risks. While there are no concrete answers with
respect to addressing these issues, there are two clear imperatives.

The
first is that these issues need to be addressed in a holistic fashion –
partnership; education & awareness, technology tools and effective public
policy will all play a role. Industry,
governments, consumer groups, law enforcement, NGOs and technology users
themselves all have a role to play in helping build a safer, more trustworthy
online ecosystem.

The
second imperative is that companies need to invest more in this space. They
need to develop and implement more “accountable” governance structures that
ensure their commitments are backed up with actions. For Microsoft, this level of investment is simply part
of the way we do business – there is no question of the ROI.

I
suggest that we all need to think more deeply about our level of investment. I look forward to furthering all of
these goals as we work together to raise and discuss these issues in the
context of this very important conference – and beyond. I hope this brief tour of how Microsoft thinks
about these issues will provide with some action oriented opportunities.

Thank
you.