This story appeared on Network World Fusion at

'Net Insider:

A decision to be applauded

By Scott Bradner
Network World, 05/28/01            

This column is frequently quite critical of Microsoft - particularly regarding the security of the software systems it sells. The idea that Exchange's default setup encourages the development of Melissa-like viruses totally baffles me - but now it is time to praise Microsoft.

In November 1998, in a Network World column titled "Rough seas in safe harbors," I wrote about the U.S. government's Safe Harbor proposal to make it possible for U.S. companies to conduct business in Europe without having to meet the tough European privacy regulations. I wrote that I did not much like the Safe Harbor plan - it actually codifies the ability of U.S. companies to treat U.S. citizens as second-class citizens when it comes to privacy.

To date, not many U.S. companies have agreed to the rules. (The rules and the list of companies that have agreed are at A number of major U.S. companies and even some people from the Bush administration have called the rules impracticable, claiming they will inhibit U.S businesses and cost billions of dollars to implement. Of the 42 firms that have signed on, the only ones I recognized were Dun & Bradstreet, Hewlett-Packard and TRUSTe along with Microsoft.

Considering how many U.S. companies do business in Europe - and considering that these companies have to agree to follow European regulations or agree to the Safe Harbor rules by this July or stop doing business in Europe - only having 42 companies sign up is a rather poor response. Maybe the companies that have not signed up are still hoping that the Bush administration will convince the Europeans that violating privacy is good for the economy.

The May 16 decision by Microsoft to agree to the Safe Harbor rules will put considerable pressure on others to agree and on the administration to not try to water down the rules. In one blow, Microsoft has undercut the doomsayers that claim respecting the privacy of Internet users will put them out of business - that is, those whose business is violating privacy (like the credit history business) and their sycophants in the administration, for whom anything is for sale.

But Microsoft has gone one better. It has announced it will use the same rules for all of its customers, European and non-European alike - no second-class citizens in the Microsoft Internet. Over time, Microsoft will move to an opt-in model for much of its information gathering. The Safe Harbor rules only require an opt-out process.

With this decision, Microsoft has moved into the lead in the privacy game in a positive way. It is not something I would have expected. Even though I'm a Mac person, I will have to pay more attention to what is going on in Redmond.

Disclaimer: Harvard has not agreed to the rules even though it has a European presence, but I have no information that this is because of any specific decision. The above is my opinion.

All contents copyright 1995-2002 Network World, Inc.