Microsoft has released a set of privacy guidelines for developers. Failing to protect customer privacy can lead to an erosion of trust. Over the last several years, Microsoft has established extensive internal guidelines for developers that help them protect customer privacy, give them a view into customer expectations and global privacy laws, and document the hard lessons we’ve learned.
These guidelines have been engrained in our development process and are now incorporated into the Security Development Lifecycle (SDL). The impact has been felt across Microsoft’s products and services.
In response to requests from customers, partners, ISVs, educators, advocates, and regulators, we created a public set of privacy guidelines for developing software products and services. These guidelines are based on our internal guidelines and our experience incorporating privacy into the development process. By documenting our principles, we hope to help anyone building products and services to meet customer expectations and deliver a more trustworthy experience.
As the threat landscape escalates, customers are feeling less able to control access to their personal information, so consumer trust is waning. As an industry, we need to set a high bar for respecting customer privacy, to help build greater trust in the Internet and e-commerce. We want to foster an open dialogue with others in the industry so we can build a common set of privacy best practices to help meet our privacy obligations and increase customer trust. We are pleased to offer our guidelines as a starting point to accelerate this effort.