CNN.com - Transcripts

Transcript Providers

Return to Transcripts main page

CNN Live Today

Microsoft Once Again Settles With Government

Aired August 08, 2002 - 12:42 ET

THIS IS A RUSH TRANSCRIPT. THIS COPY MAY NOT BE IN ITS FINAL FORM AND MAY BE UPDATED.

FREDRICKA WHITFIELD, CNN ANCHOR: Computer giant Microsoft has once again settled with the government. This time, it involves the security of your personal information online. Federal regulators are worried that Microsoft's Passport Internet service could make your personal information vulnerable.
For more on this, we are joined by CNN's own computer guru Daniel Sieberg. What exactly is at issue? What's the Passport.

DANIEL SIEBERG, CNN CORRESPONDENT: Yes, well, that's a good question off the top. Many people may not be familiar with what Passport is as a service. If you have a Hotmail account, for example, you are actually part of the Passport service. It is a strategy from Microsoft that's also tied in with Windows XP, its operating system, and the dot-net strategy of getting people online.

The idea behind it, is you log on once. It's single online authentication system. You can share as much personal information that you are comfortable with. That may involve your credit card information and other personal details that then Microsoft would share with other companies. The convenience factor is that if you surf around to other sites that are part of this passport service, you wouldn't have to continually log on and continually share all this information.

But today, the SEC determined that Microsoft made deceptive claims and misrepresented to security and privacy of Passport, and although the FTC found no evidence of any security breeches, it wanted to be proactive with its decision.

(BEGIN VIDEO CLIP)

TIMOTHY MURIS, FTC CHAIRMAN: The bottom line is that it takes meaningful and appropriate information security practices to protect consumers privacy. You just cannot have one without the other. Why wait for security breech to occur when you have the opportunity, not to mention a legal obligation, to prevent it in the first place.

(END VIDEO CLIP)

WHITFIELD: So he really explains it, even though there weren't any security breeches, this is really a proactive, preventive now move they are making, right?

SIEBERG: Exactly. They were also concerned about the type information that was being gathered, not that it was breached, or that security breeches happened, but that Microsoft was collecting, or the FTC says, information that they hadn't told information, for example, log-on times and dates, something that people may not have been aware was being collected by Microsoft.

Again, important to point out there were no security breeches in this case, not that the FTC found.

WHITFIELD: Even like credit card information. I mean, what can a consumer really do to try protect themselves. because they are kind of putting everything out there, aren't they?

SIEBERG: Right, absolutely. That's definitely the concern that people may have when it comes to Passport. Privacy groups were the ones who decided to launch this complaint with the Federal Trade Commission about a year ago. The Electronic Privacy Information Center decided to launch this, or EPIC, decided to launch this complaint, because they found that people weren't as aware as they could have been of how their information was being shared.

If people are concerned, you can go to these consumer groups, like EPIC, You can also check the Web site where you're going for their privacy regulations, or what they are offering you in terms of privacy, or you can simply just decide to not use that site at all if you are concerned at all about your privacy.

WHITFIELD: Wow. And some of us are lucky here, because we will just go to you, which is what I will probably be doing.

SIEBERG: I wanted to point out as well, what Microsoft has said they will do as a result of this ruling. There is a few points that they have to actually adhere to as part of this ruling. First of all, they have to make no false -- make no misrepresentations in the future, or they will face substantial penalties. In fact, they will face up to $11,000 per day, per violation, if the FTC finds any of these violations in the future. They have to be responsible with their security program, and make sure it is implemented with Passport or any other similar service.

As well, they have to have an audit by an independent third party every two years for next 20 years. So the FTC is going to be watching them very closely when it comes to passport and people's privacy.

WHITFIELD: I would say that is more than a warning. They are going to be watching very closely.

SIEBERG: Microsoft for its part said it's made some changes, and they are going to be adhering to what the FTC has said.

WHITFIELD: All right, Dan, thanks. Appreciate it.

SIEBERG: Thanks.

TO ORDER A VIDEO OF THIS TRANSCRIPT, PLEASE CALL 800-CNN-NEWS OR USE OUR SECURE ONLINE ORDER FORM LOCATED AT www.fdch.com