Microsoft is to introduce a wide-ranging information security program for its Passport web service, after falling foul of the USA's might Federal Trade Commission.

The FTC today said the software firm had agreed to settle charges concerning false security and privacy promises made about personal information collected from people who signed up for Passport.

Following a complaint from a consortium of consumer groups led Electronic Privacy Information Center (EPIC) in July, 2001, the FTC pored over claims made by Microsoft over three products: Passport Single Sign-In, Passport Wallet; and Kids Passport. The regulator found them wanting.

Billing and personal information collected on Passport
was not as secure as Microsoft said it was; Passport Wallet did not provide the superior security claimed by Microsoft; Kids Passport did not provide the claimed parents control over what information participating Web sites could collect from their children. ®

FTC press release