Microsoft defends Passport privacy

Privacy advocates worry that the online ID service and similar technologies could be used--and abused--by the government or hackers. But Microsoft calls it an "opportunity" for consumers.

2 min read
SAN FRANCISCO--What if technology that could track your every move was embedded in your cell phone, your smart card and your laptop?

And what if that information were tied to a database that stored personal information about you?

We're not there yet, but as we move toward an increasingly networked world, marketers are salivating over the possibility of linking that data--for example, tying your route home to your penchant for pizza, or your presence at a ball game to your work schedule.

At a panel of the Computers Freedom & Privacy conference here Thursday, representatives from companies building such networks faced off against privacy advocates in a discussion about the future of databases.

Jason Catlett, president of privacy advocacy group Junkbusters, compared services such as Passport, Microsoft's online identification service, to a transnational identification card. Catlett warned that such systems could turn into a deep database of information that could be controlled by the government or an oligarchy of companies.

"With these databases, you can be targeted. People don't want to be targeted," he said.

Catlett and other privacy experts already have filed a complaint with the Federal Trade Commission, saying Passport deceives and coerces consumers into parting with their data. Catlett said it will only get worse when such information can be tied to people's whereabouts.

However, Microsoft executive Brian Arbogast defended Passport, one of several technologies the U.S. government is considering testing for use in a national ID system, according to Mark Forman, associate director of IT and e-government at the Office of Management and Budget. Arbogast, Microsoft's vice president of the .Net Core Services Platform, said technology can actually enhance privacy and security by letting consumers decide how much personal information they want to give up in exchange for services.

"I think there's an opportunity for technology to help people be in control of the data they have, how it gets used," he said.

Arbogast countered jabs from the audience about Microsoft's insecure products. "We're going to do everything we can to make (our products) secure," he said. However, he conceded that "you're never going to have me or other people say you can guarantee security, because you can't."

Audience members also wanted to know what Microsoft would do with its databases if law enforcement officials were to ask for the data, requests that are increasing in a post-Sept. 11 era. Arbogast warned that consumers should be careful before they reveal personal information because "any data that's held by any corporation is subject to subpoena."

Privacy has become somewhat of a backburner issue since the terrorist attacks, as citizens have become more tolerant of surveillance plans launched in the name of national security.

Avi Rubin, principal researcher with AT&T Labs, said that in an ideal world, companies would consider privacy as they build their networks, but he's not optimistic that will happen anytime soon.

"Unless forced by consumer demand, I don't think vendors are going to build in privacy," he said.

Alorie Gilbert contributed to this report.