Microsoft Says It's Cool With California's New Privacy Law

from the competing-on-privacy dept

We've made it abundantly clear that California's new privacy law is aggressively undercooked, and will require some very serious fine tuning if it's going to be workable for many California companies. At the same time, giant companies like Google, Comcast, and AT&T have spent a lot of time aggressively misrepresenting what the law actually does, running ads outright lying about the bill's impact, and downplaying the fact that states wouldn't be wading into the privacy waters if these companies hadn't lobbied to kill modest federal privacy requirements in the first place.

Whereas companies like Facebook have repeatedly and routinely tripped over themselves in almost dystiopian fashion to make their existing regulatory headaches worse, it has been interesting to watch Microsoft, steeled from its experiences in the late 90s, navigate the current minefield more deftly. That was on display again this week when Microsoft came out in seemingly total support of California's new privacy law, with a blog post by Chief Privacy Officer Julie Brill stating the company intends to apply its adherence to the California Consumer Privacy Act (CCPA) law nationwide:

"CCPA marks an important step toward providing people with more robust control over their data in the United States. It also shows that we can make progress to strengthen privacy protections in this country at the state level even when Congress can’t or won’t act.

We are strong supporters of California’s new law and the expansion of privacy protections in the United States that it represents. Our approach to privacy starts with the belief that privacy is a fundamental human right and includes our commitment to provide robust protection for every individual."

It may just be that I've covered telecom companies like AT&T for too long, but it's interesting to note that nowhere in the blog post does Microsoft even fling so much as an underhanded, veiled criticism of California's efforts. It's a notable contrast to other Internet Association members, many of which have been running advertisements falsely claiming the bill will result in people having to pay per click just to access websites that used to be free:

While Microsoft is still a member of the group running these ads, the blog post seems to indicate at least a few people at Microsoft understand that this is a battle you're not going to win by swimming upstream or doubling down on idiotic behavior (oh hey Facebook, didn't see you standing there).

Outside of the problematic COPPA, there's no meaningful US privacy laws for the internet era, and the endless series of hacks, breaches, incompetence (like leaving private data in openly exposed Amazon cloud buckets) make it clear modern US industry is too incompetent to self regulate and we need at least some basic rules of the road on privacy. Yes, government dysfunction and corruption means it's going to be ugly as hell as we figure out what that looks like, but that doesn't somehow magically eliminate the necessity for some meaningful penalties for incompetent privacy-violating corporate giants.

Microsoft's clear support for existing efforts is a far cry from the response by companies like Facebook and AT&T. Both companies claim they want a federal privacy law, but what they really want is their lawyers to write a loophole-filled federal law with only one real purpose: to pre-empt any tougher state or federal measures. They're well aware that any good bill will result in informed, empowered consumers who'll opt out of snoopvertising, costing them billions, and their response is to try and undermine those efforts at every opportunity.

And while it's certainly possible Microsoft feels the same way and is just engaged in a convincing head fake here, it's also possible Microsoft seriously intends to actually compete on privacy, realizes the die is already cast thanks to an incredibly pissed off public, and knows that swimming against the tide is going to prove counterproductive and harmful to their brand--and their customers--over the longer haul.

Filed Under: california, ccpa, privacy
Companies: microsoft


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    Federico (profile), 13 Nov 2019 @ 2:07pm

    Microsoft products already declared illegal in EU

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 13 Nov 2019 @ 2:19pm

    Interesting take from a company that is engaged in what may well be copyright infringment and privacy invasion at the same time.

    https://medium.com/sensorfu/how-my-application-ran-away-and-called-home-from-redmond-de7af0811 00d

    Some people claim that should be fair use... but it definetly doesn't seem that cut & dried to me.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 13 Nov 2019 @ 3:20pm

      Re:

      Honestly, you should program from a firewalled/sandboxed virtual machine or a more developer friendly platform like linux imo. Windows was developed with low knowledge consumer use in mind.

      You could probably also avoid that happening by developing the application as a matlab .m file though that isn't exactly what its main use is.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 13 Nov 2019 @ 3:59pm

        Re: Re:

        I don't use windows, but I was linking to an article.

        However if you want to tell the article author who makes windows apps to not use windows so that problems from MS don't show up... that seems kind of pointless.

        reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 14 Nov 2019 @ 6:49am

      Re:

      There are a lot of antivirus applications that do that exact same thing, not just Defender. Actually most do nowadays. It's pretty much necessary to spot and identify new threats.

      You can't really blame Microsoft for trying to keep people secure and doing the same thing all the other major antivirus companies are doing.

      And you can't say they should stop doing that either because that would dramatically decrease the effectiveness of antivirus and detecting new threats.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 14 Nov 2019 @ 7:41am

        Re: Re:

        "It's pretty much necessary to spot and identify new threats"

        • antivirus detects threats it has been made aware of. It does not afaik, detect new viral threats. Periodic updates provide for the detection of newly identified baddies.

        "You can't really blame Microsoft for trying to keep people secure"

        • You can however, blame them for doing it poorly

        I do not see how what is described in this story will "dramatically increase the effectiveness of antivirus and detecting new threats"

        reply to this | link to this | view in chronology ]

  • icon
    Norahc (profile), 13 Nov 2019 @ 2:34pm

    Isn't Micro$oft coming down on the side of consumer privacy one of the signs of the Apocalypse?

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 13 Nov 2019 @ 3:58pm

    Compared to others Microsoft is actually a pretty good company.

    Microsoft's big problem hasn't been intentionally disregarding privacy though there have been a few poor decisions in past versions of windows that have been corrected.

    Microsoft is having a hard time making a reasonably secure operating system. It is starting to implement some of the basic things it should have done in the 90s like a built in firewall and malware scanner but if they really had privacy and security in mind then their hardware vendors would have been pressured into secure boot environments, separate sandboxes would be running for all applications, there would be a way to set permissions so apps can't access each other or network resources if blocked, and you could easily check for fileless processes running on your system.

    Making Intel fix its insecure processor mess is another huge issue that affects Windows but is not actually Microsoft's fault.

    Given the time and resources Microsoft has had at the helm of its monopoly all of that would have been possible if they had cared to develop it.

    reply to this | link to this | view in chronology ]

    • icon
      Federico (profile), 13 Nov 2019 @ 11:54pm

      Microsoft is in the business of surveillance

      Are you sure about that?

      «According to The Times, a patent application has been filed by Microsoft for
      a computer software that can monitor the employees’ performance and state,
      by means of wireless sensors linking workers to their computers.»
      https://edri.org/edrigramnumber6-2spying-tools-microsoft/

      Not to mention all the business with the military-surveillance industrial complex.

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 14 Nov 2019 @ 5:28am

      Re:

      "Compared to others Microsoft is actually a pretty good company."

      Not sure which fallacy this is, false equivalence or insane troll logic.

      reply to this | link to this | view in chronology ]

  • icon
    Code Monkey (profile), 13 Nov 2019 @ 4:41pm

    Did she just say that..?

    "......Our approach to privacy starts with the belief that privacy is a fundamental human right and includes our commitment to provide robust protection for every individual...."

    That just reeks of Jack Daniels and failure

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 14 Nov 2019 @ 4:51am

    There will be a new privacy law ,in the long run its better for the tech companys that there is a law that covers the usa ,
    theres no way tech sites could change there policys and data collection for every user, if there was different laws in every state .Right now google has acess to 50 million americans health data through a partnership with a health insurer .
    the law now seems to be facebook or any other company can sell almost any data to any other company at least for users outside california .

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 14 Nov 2019 @ 7:53am

    Savvy Move from Microsoft

    Microsoft can differentiate itself from Google, Amazon, Oracle and others for government contracts - which this adherence to California privacy law is focused.

    By not fighting these government policies up front they've already opened the door for future contract approvals.

    Why fight the tide when you can ride the wave to profits...

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Close

Add A Reply

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Shop Now: Techdirt Logo Gear
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.