Microsoft Gets Religious About Data Anonymization

Before it plunges into the world of third-party advertising with the $6 billion purchase of aQuantive, Microsoft is getting its privacy ducks in a row.

On July 23, the company called on the industry and the privacy community to work together on a common set of global privacy practices for data collection, use and protection when it comes to search and online advertising. Microsoft also announced that it’s joining the NAI (Network Advertising Initiative)—a group of third-party network advertisers out to convince consumers it’s safe to shop online—when it begins to offer third-party ad serving later this year.

At the same time, Microsoft also followed in Google’s shoes vis-à-vis announcing that it will anonymize search query data after 18 months with the permanent removal of cookie IDs, entire IP addresses or other identifiers from search terms.

For its part, Microsoft rival Google also recently announced that cookies would automatically expire on systems belonging to people who don’t use Google after two years. Google also announced in the spring that it would anonymize search data after 18 months.

Brendon Lynch, Microsoft’s director of privacy strategy, told eWEEK in an interview that the company is taking these data privacy-related steps now because “we feel it’s the right time to provide more insight regarding what our practices are for our customers. This is being debated right now. This is about us describing what we’re doing in this world.”

Of course, consumers want the best of both worlds, he said: They want free, personalized services, but they want their privacy protected.

“It’s tough for them,” he said. “There are different policies and sometimes a lack of clarity” around what those policies are—a fact that was pointed out in the spring by the nonprofit privacy group Privacy International when it gave Google’s privacy policies and practices a flunking grade.

Pete Lindstrom, research director with Spire Security, in Malvern, Pa., dismissed all the privacy talk as a subject whose main purpose is to give people a feeling of confidence without the companies in question having to actually do anything.

Anonymizing data, for example, could be “as easy as deleting old stuff,” he said in an interview. “Any enterprise … has responsible communications and programs [to reduce the] amount of information they retain anyway from a legal and intellectual property perspective. Leveraging that on the … consumer side doesn’t strike me as difficult to do at all. It’s just a function of … time-stamping logs and tracking them. It doesn’t make me go, ‘Oh my gosh, this is going to be some untenable’ technological feat,” he said.

Read more here about Google’s plans for Postini.

Regarding the magic 18-month time frame for anonymizing data, Lynch said that Microsoft, of Redmond, Wash., arrived at that figure for a number of reasons. The first of those reasons has to do with the actual quality of search results in and of themselves. Microsoft can better improve indexing and algorithms if the company has historical data it can correlate, he said. “We can learn from previous searches made, to enhance the value customers are looking for with our service,” he said.

Another rationale behind the 18-month time frame is the integrity of Microsoft’s business model, Lynch said. “We have paid advertisers paying for placements of sponsored links,” he said. “We have to maintain data to determine how much they should pay us for service based on how many times their links are clicked on.”

At the same time, he said, there’s click fraud to deal with. To investigate click fraud—in which an unreasonable amount of clicks come from one IP address—Microsoft needs those IP addresses to investigate. “If 1,000 clicks on one link come from one IP address, somebody’s built a little script to do that to try to screw up the financial model here,” Lynch said. “The IP address helps a little more if we want law enforcement involved.”

A third rationale behind the 18-month timeframe is security, Lynch said. “Data here is useful” to trace attacks such as those coming from botnets and denial-of-service attacks, as well as information that might help track activity around child predation, he said.

aQuantive brings Microsoft a tool set enabling clients to develop, target and execute an online advertising campaign. This acquisition, announced in May, follows hot on the heels of similar moves by other companies. Advertising giant WPP Group is buying 24/7 Real Media for $649 million, while Google announced plans in April to acquire digital advertising company DoubleClick for $3.1 billion and Yahoo bought the rest of Right Media for $680 million. The aQuantive acquisition also gives Microsoft increased depth in building and supporting next-generation advertising solutions and environments such as cross-media planning, video-on-demand and IPTV.

During the second quarter, Google, of Mountain View, Calif., made several big moves, including the purchases of e-mail security and management firm Postini for $625 million and of graphical advertising firm DoubleClick.

Microsoft is also updating its current privacy policies to more specifically address online advertising and search data collection and protection. Microsoft privacy principles for Live Search and online ad targeting include the following, as quoted from the company’s statement:

1. User Notice. Microsoft will continue to be transparent about its policies and practices so that users can make informed choices. It will regularly update the Microsoft Online Privacy Statement, accessible from every page of each major online service it operates, to maintain transparency as its services evolve or its practices change. This will include an update to its privacy statement to provide more detail on online advertising and search data collection and protection.

2. User Control. Microsoft will continue to implement new privacy features and practices as it continues to develop its online services and offer new controls that help users to manage the types of communications they receive from Microsoft. For example, once the company begins to offer advertising services to third-party Web sites, it will offer customers the ability to opt-out from behavioral ad targeting by Microsoft’s network-advertising service on those Web sites. Microsoft will also continue to develop new user controls that will enhance privacy, such as letting people search and surf its sites without being associated with a personal and unique identifier used for behavioral ad targeting, or allowing signed-in users to control personalization of the services they receive.

3. Search Data Anonymization. Microsoft will implement specific policies around search query data, be explicit with customers about how long the company retains search terms in an identifiable way, and inform people of when and how it may “anonymize” such data. Specifically, Microsoft will make all Live Search query data anonymous after 18 months, unless the company receives user consent for a longer time period. This policy will apply retroactively and worldwide, and will include permanently removing the entirety of the IP address and all other cross-session identifiers, such as cookie IDs or other machine identifiers, from the search terms. It will ensure that any personalized search services involving users choosing a longer retention period are offered in a transparent way with prominent notice and consent.

4. Minimizing Privacy Impact and Protecting Data. Microsoft will continue to design its systems and processes in ways that minimize the privacy impact of the data it collects, stores, processes and uses to deliver products and services. For example, Microsoft will store Live Search service search terms separately from account information that personally and directly identifies the person, such as name, email address, or phone numbers. Moreover, Microsoft will maintain and continually improve protections to prevent unauthorized correlation of this data. Microsoft will ensure that any service requiring the connection of search terms to individually indentifying account information are offered in a transparent way with prominent notice and user consent.

5. Legal Requirements and Industry Best Practices. Microsoft will continue to follow all applicable legal requirements as well as leading industry best practices in the markets where it operates. Microsoft adheres to globally recognized privacy standards set forth in the Organization for Economic Cooperation and Development and Online Privacy Alliance guidelines, is a member of the TRUSTe Privacy Program, and abides by the safe harbor framework for personal data from the European Union. When it begins to offer advertising services on third-party Web sites, Microsoft will follow applicable Network Advertising Initiative Principles.

Check out eWEEK.com’s Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK’s Security Watch blog.

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends, and analysis.

Latest Articles