Microsoft changes Passport privacy terms

Microsoft has changed the terms of use policy for its Passport service following criticism from privacy advocates.

Passport is a single sign-in service that gives consumers a key for multiple websites. It is also the 'authentication layer' for Hotmail, Microsoft's free email service, and an upcoming service called Hailstorm, which will be one of the company's first applications in its new .Net initiative.

The original terms of use for Passport, which has 160 million customers, gave Microsoft authorisation to "sublicense to third parties the unrestricted right to exercise any of the foregoing rights granted with respect to the communication" and "publish your name in connection with any such communication".

The terms also limited the company's use of customer personal information "in connection with [customer] registration for the Passport service(s)", giving the website's privacy policy ultimate reign over the terms of use and any "conflicting language contained in these terms of use concerning use of such information".

The agreement also pointed out that the terms do not apply to "documents, information, or other data that you upload, transmit or otherwise submit to or through any Passport-enabled properties".

The new, stricter agreement clarifies Microsoft's right to use customer communications only in the case of an exchange with the company. But the terms also make it clear that Passport's terms of service do not apply to other Microsoft services such as Hotmail.

Privacy advocates were outraged at the original terms of use for Passport, which apparently granted Microsoft enormous control over customer communications, and which contradicted the site's privacy policy.

Deborah Pierce, staff attorney for the Electronic Frontier Foundation, said the original terms of use brought up the issue of trust.

"Why should I trust this company with managing all of my personal data? When I see terms of service that basically gives them control over my personal information and potentially the content of messages, that doesn't instil confidence or trust in me for their new service," she said.

The fact that the terms of use and privacy policies went largely unnoticed for nearly two years emphasises the widespread disregard for such policies, which are often written in legalese and run to several pages. Web visitors often do not even notice such site policies.

With the new agreement, Jason Catlett of Junkbusters said that important alterations had been made. "They have retreated on the over-arching language and patched it to limit the language," he said.