REDMOND, Wash.–If one were to draw up a list of the most challenging jobs in the technology industry, chief privacy officer at Microsoft likely would be pretty near the top of it. For a company with the size and scope of Microsoft, the volume of potential privacy issues is nearly endless, and if someone is calling you for help, something has probably gone wrong.
This is not the job to take if you’re prone to panic attacks or have a delicate composition. Lucky for Brendon Lynch, he’s an exceedingly calm and easygoing man. Standing in front of a room full of reporters on the Microsoft campus here, Lynch, the man who currently holds the CPO title for the software giant, shows no signs of strain as he describes the company’s privacy principles and answers questions about the challenges that emerging platforms such as mobile and cloud computing present for the company. Speaking in a soft New Zealand accent, Lynch says that as he surveys the landscape he sees a number of major trends on the horizon that will affect the way consumers and technology providers think about privacy.
One of those issues, and perhaps the most difficult one to get handle on, is the rise of what Lynch refers to as ubiquitous computing. This is already a reality in some form for many people who have a computing device–whether it’s a laptop, tablet, smartphone or something else–with them at all times. Data is available constantly and in virtually any form the user desires. That can be an asset, of course, but for someone trying to protect user privacy and at the same time protect Microsoft from potential privacy missteps, it can be a major challenge. But it’s likely to get more challenging in the near future as computing moves from being device-centric to truly being everywhere. Google Glass is just the first example of where this is going, and there’s much more to come.
How the availability of personal data on virtually any device will affect privacy is one of the big issues occupying Lynch’s time right now.
“There is a shift with computing moving away from just one or two platforms and toward the so-called Internet of things,” Lynch said. “That’s going to involve a different kind of thinking.”
Many of the privacy protections that are available to users right now are based on choices that they’ve made in software applications such as browsers. Do Not Track protections are browser-based, as are things such as cookie settings. Mobile apps give users the ability to enable or disable location services to help prevent tracking. But how will these systems work, if they exist at all, in an environment where there’s no browser or app system?
One of the other major challenges that Lynch is considering is the effect that cloud computing and so-called big data have on user privacy. Lynch’s organization has been involved in some of the recent major cloud projects at Microsoft, including the roll-out of Office 365, to help ensure that privacy considerations were a major part of the process. This is a change from just a decade ago when privacy–like security–was something that technology providers worried about after the fact, if at all. There have been calls for more and more government intervention and regulation to dictate privacy protections as technology becomes entangled in every aspect of users’ lives, and Lynch said that is something that he thinks could be a dangerous road to tread.
“Legislation will always lag technology,” he said. “We believe a baseline of legislation is necessary, but we strongly believe in self-regulation of industry.”
With that in mind, Lynch said he thinks the technological challenges to privacy could be an opportunity for some companies to set themselves apart. Giving users more control of their privacy choices, making them aware of the ways in which their data will be used and doing all of this without making users dig through pages of legalese in privacy policies could give some vendors an edge, he said.
Then, with a small smile: “I see job security for privacy people.”