|
Securing the Passport: Microsoft
and FTC Settle Privacy Violation Allegations
By Clay Ryder
Microsoft and the Federal Trade Commission have
agreed to settle FTC charges regarding the privacy and security of personal
information collected through Microsoft Passport Web services. As part of the
settlement, Microsoft will implement a comprehensive information security
program for Passport Single Sign-In (Passport); Passport Express Purchase
(Passport Wallet); and Kids Passport. Passport maintains personal information
and provides single sign-in at participating Web sites, Passport Wallet
maintains credit card information, and Kids Passport allows parents to create
Passport accounts for their children that can limit the collection of
personal information. The FTC began its investigation following a July 2001
complaint from a coalition of consumer groups led by the Electronic Privacy
Information Center (EPIC). The complaint alleged that Microsoft falsely
represented that it employs reasonable and appropriate measures under the
circumstances to maintain and protect the privacy and confidentiality of consumers’
personal information collected through Passport and Passport Wallet services;
that purchases made with Passport Wallet are generally safer or more secure
than purchases made without Passport Wallet; that Passport did not collect
any personally identifiable information other than that described in its
privacy policy when, in fact, Passport collected and held, for a limited
time, a personally identifiable sign-in history for each user; and that the
Kids Passport program provided parents control over what information
participating Web sites could collect from their children. The proposed
consent order prohibits any misrepresentation of information practices in
connection with Passport and other similar services. It also requires
Microsoft to implement a comprehensive information security program that must
be certified as meeting or exceeding the standards in the consent order by an
independent professional every two years. The FTC is accepting public comment
on the proposed order for thirty days, until September 9, 2002, after which
the Commission will determine whether to make it final.
The premise of Passport is straightforward: let
Microsoft guard your personal information for you to help make your Internet
and shopping experience easier, safer, and more secure for you and your kids.
Others counter that Passport is yet another example of monopolistic
bullheaded thinking designed to ensure that no one escapes the clutches of
the Redmond giant. We can probably agree that the trust relationship in
commerce is paramount and making promises and then weasel-wording one’s way
out of them is simply not good business. For example, if a bank were to tell
a client that his account information is sacrosanct and nothing less than a
court order would cause its release, but then told a grocery store the
citizen’s account balance, home address, and to whom the last five checks
were written, said citizen would cry foul. While Microsoft’s intentions,
either good or bad (it does not matter) can be argued until the cows come home,
the company’s playing fast and loose with Passport user data has
unnecessarily raised the ire of its customers and the specter of yet more
government supervision, and has added more fodder to the “Microsoft can’t be
trusted” fire. Regardless of one’s particular religious bent on this, the
issue at hand is whether a business has to keep its explicit and implicit
promises. A smaller operator playing a similar game would probably not cause
so large an outcry, but when one is in the big leagues, big league expectations
of corporate responsibility follow which Microsoft cannot hope to escape.
Unfortunately, all this hemming and hawing casts a dark shadow over the
positive aspects of Passport and related services and the value they can
offer consumers. Given the long history of world commerce, we would expect
the following to be a given, but we will say it for those who forget: If you
make a promise to your customer, keep it. It is much easier than any other
course of action and in the end, you and your customers will be better off
for it.
|
|
IBM, HP Both Announce Low Power
Initiatives
By Charles King
IBM has announced a research program to address
escalating power consumption issues and help reduce cooling and power supply
costs for IT infrastructures. As part of this program, the Defense Advanced
Research Projects Agency (DARPA) will support IBM’s Center for Low Power
Computing in Austin, Texas as part of the agency’s Power Aware Computing and
Communications (PACC) efforts. Under the agreement with DARPA, IBM will
perform research on reliable, power-aware systems, developing new technology
for reliable, energy-efficient, and high-performing computing platforms. The
results will be prototyped in 2003 for some military applications by BAE
Systems, and will be used by IBM internally to develop power-efficient
products. IBM will also develop design tools to estimate and analyze the
power consumption and performance of PowerPC-based computing systems. As part
of the new low power program, DARPA has pledged about $2 million in funding
to support IBM’s Center for Low Power Computing.
In an unrelated announcement, Hewlett Packard
declared that it is working on a suite of technologies to address the growing
problems of heat generation and energy use in microprocessors and data
centers. HP Labs researchers have created a system to model heat distribution
throughout a planned data center, allowing facilities to be designed and
built to optimize energy use. The company is also developing semiconductor
cooling solutions based on the company’s inkjet printer technologies, in
which mechanisms will spray measured amounts of dielectric liquid coolant
into specific areas of a chip. According to HP, this new technology avoids
the “pooling” effect of other phase change liquid cooling methods. No pricing
or availability information was included in the announcement.
While power consumption may not be imbued with the
innate technical sexiness of, say, revving up RISC chip performance by 15%,
we believe it speaks to both short and long term issues that critically
affect the strategic efforts of IT vendors. The rolling blackouts California
experienced in the winter of 2000 and the subsequent revelations of Enron’s
and other power brokers’ involvement in that debacle have offered a
particularly dirty window into the seismic nature the energy markets and how
vulnerable consumers of every sort can be. At the same time, the economic and
environmental effects of IT-related power consumption continue to grow. A
1994 DOE report (issued long before PCs and the Internet became business
place and household mainstays) estimated that at the time, 10% of all energy
consumed in North America went to support IT systems. Since we expect that
IT’s current share of energy consumption is far more significant, and as the
U.S. hovers at the edge of what many worry may become a “double dip”
recession, the IBM/DARPA deal and HP’s research efforts qualify as simple
good economic sense, if nothing else. But we believe a longer term issue is
also at play here. As the IT industry grinds slowly if finely toward an
increasing reliance on industry standard products, vendors’ discreet
technical advantages are likely to slowly decrease in importance to their
customers, their competitors, and the market at large. In that future we
envision, businesses from SMBs to global enterprises will analyze and choose
IT solutions based on wide-ranging metrics that are sure to emphasize power
consumption TCO projections. Overall, we believe IBM’s and HP’s efforts in
this area reflect both companies’ considerable long term strategic vision.
|
|
IBM Announces Linux Apps/Solutions
Customer Wins
By Jim Balderston
IBM has announced ten new customers for the
company’s Linux-based hardware and software solutions, including several
SMBs, which are implementing Linux solutions for core business processes. New
enterprise and government customers include Air New Zealand, Deutsche
Telekom, 7-Eleven, Wolfermans, Centrelink, and the Jet Propulsion Laboratory,
as well as SMBs Satellite Records and Westport River Winery, and bring the
total number of IBM Linux customers to more than 4,600. According to IBM, the
company’s SMB Linux strategy hinges on its partnerships with ISVs that focus
on the SMB market such as ACCPAC, a subsidiary of Computer Associates that
offers a Linux version of its Advantage Series accounting package for SMBs.
IBM’s SMB Linux offerings typically include the company’s Intel-based xSeries
servers running Red Hat or another Linux operating system, as well as
supporting applications such as IBM’s DB2 database software, WebSphere, Lotus
Domino and Lotus Notes.
While Microsoft’s huge desktop footprint offers the
company’s small business-focused apps and solutions unique and almost
insurmountable advantages, it is easy to see why IBM and other enterprise
vendors covet the SMB market. According to the U.S. Chamber of Commerce,
companies of 500 employees or less make up just over half of all companies
and those ranging from 10-500 employees account for almost 40% of all
companies. The Small Business Administration notes in a report updated in May
2002 that SMBs (defined as under 500 employees) account for more than 99% of
all employers, 51% of all U.S. employees, between two-thirds and
three-fourths of all new jobs, a third of all federal prime and subcontract
jobs and 96% of all exporters of goods. In other words, SMBs constitute a
massive market all on their own. When one calculates the potential sales
represented by small businesses that grow into large enterprises, their
allure is irresistible.
Do SMBs have any real hope for non-Microsoft options
when it comes to operating systems and desktop environments? Conventional
wisdom would say nope, nah, nada, and nein. Linux appears to be gaining
traction in server environments, but the penguin lacks the necessary apps to
migrate into warmer waters. Is conventional wisdom a reasonable assumption in
the case of IBM? Perhaps not, especially when considering the company’s
history of working with ISVs to find new sales opportunities. The real
question is how IBM’s increasing reliance on service-related opportunities
and revenues fits into the SMB market. These smaller concerns do not for the
most part view the investment into IT expertise as essential or even desirable
in the long run. Instead, these companies are looking for reliable,
reasonably priced options that will allow them to focus on their core
businesses with no interest in becoming ground-breaking IT innovation shops.
Moving forward, those vendors wishing to offer SMBs a viable and palatable
option are going to have to demonstrate no muss, no fuss solutions that, like
the air conditioning or telephones, hum right along with very little human
intervention. The self-healing, self-maintaining, and self-managing IT infrastructure
promise of IBM’s eLiza initiative is an offering that has been highly touted
for large enterprises, but we believe that the reliability and stability it
promises would be equally, if not more, apropos and appealing to the SMBs of
the world that are just trying to get their invoices out the door and their
payments back in.
|