Microsoft calls for comprehensive privacy legislation

Software giant says law needs to be broad, not technology specific

Microsoft has called for broader, more comprehensive legislation to define online privacy regulation.

Brendon Lynch, Microsoft's chief privacy officer this week stated that legislators are too often seduced by "flavour of the month" issues, making direct reference to specific technologies in law.

"Whenever you get technology-prescriptive in legislation, it gets out of date very quickly. It needs to be broader and comprehensive, backed up by self-regulation in industry," said Lynch.

Also, rules differ across the globe, which further complicates the work of software providers such as Microsoft, who want to embed privacy in their products.

"One of our key policies is privacy by design. How do you build privacy into the software?"

He cited the example of online marketing, regulations around which often differ from region to region.

"We see differences around the secondary use of information. If you're going to share information with a third party for marketing purposes, in some countries you need specific opt-in consent. In others, you need a specific opt-out."

Lynch described Microsoft's global privacy standards which it applies to its products as being 98 per cent compliant with global regulations.

These standards are partly based on European privacy directives, which are currently under review by the European Commission.

However, Lynch explained that US legislation left much to be desired.

"We're calling for comprehensive privacy legislation in the US. We have different rules around health data and financial data, for example, and there are lots of gaps where there are no rules."

Meanwhile, Vice-president of the European Commission Neelie Kroes recently called for new rules around privacy governing European Union members to be set within twelve months.