The New York Times takes an in-depth look at Microsoft’s changes to its privacy policies and the lack of public response to the moves by the software giant:
Microsoft instituted a policy on Friday that gives the company broad leeway over how it gathers and uses personal information from consumers of its free, Web-based products like e-mail, search and instant messaging.
Almost no one noticed, however, even though Microsoft’s policy changes are much the same as those that Google made to its privacy rules this year.
Google’s expanded powers drew scathing criticism from privacy advocates, probing inquiries from regulators and broadside attacks from rivals. Those included Microsoft, which bought full-page newspaper ads telling Google users that Google did not care about their privacy, an accusation it quickly denied.
The difference in the two events illustrates the confusion surrounding Internet consumer privacy. No single authority oversees the collection of personal information from Web users by Internet companies. Though most companies have written privacy policies, they are often stated in such broad, ambiguous language that they seem to allow virtually any use of customers’ personal information. […]
Microsoft’s policy, which it calls its Services Agreement, allows it to analyze customer content from one its free products and use it to improve another service — for example, taking information from messages a consumer sends on Windows Live Messenger and using it to improve messaging services on Xbox. Previously, that kind of sharing of information between products would not have been allowed under Microsoft policies, which limited the use of data collected under one of its products to that product alone.
Microsoft has promised, however, that it will not use the personal information and content it collects to sell targeted advertising. It will not, for example, scan a consumer’s e-mails to generate ads that might interest the user. […]
But the new Microsoft policy does allow for such targeted advertising. Microsoft promised not to do so in blog posts and e-mails informing its customers about the change, but not in the formal policy. That has some privacy advocates nervous.