Keeping trust at the heart of technology

An open letter from Brad Smith, Microsoft President and Chief Legal Officer

A remarkable time in technology, but also a time of uncertainty

We live in a remarkable time – a time when the proliferation of broadband networks and the continual decline in the price of technology have democratized computing, making capabilities that were once available only to the privileged few commonplace and accessible to almost everyone. Now, through the unprecedented power of hyper-scale datacenters, the cloud promises to transform our world in ways that we have yet to imagine. As we move forward, there is every reason to believe cloud computing will help us address many of humanity’s greatest challenges and drive economic growth and a better life for all.

Technology has outpaced the laws that govern so many of the capabilities and services that are essential to global commerce and innovation. As governments around the world struggle to regulate technology while striking the right balance between public safety and the right to privacy, it has also become a time of great uncertainty for legal and compliance professionals.

Of course this is not new for our profession. The early years of every revolutionary technology – from the railroads, to the telegraph, the telephone, radio and television, and the personal computer – have always been characterized by uncertainty over regulatory issues and questions about impact on society. History shows us that regulatory equilibrium is eventually restored and progress continues. But in the meantime, we all have a job to do to ensure that as our organizations begin to take advantage of these new technologies, we effectively manage risks and help foster growth and long-term success.

Brad Smith
"Technology has outpaced the laws that govern so many of the capabilities and services that are essential to global commerce and innovation."

The importance of trust and the fundamental promises of the trusted Microsoft Cloud

"We understand that it is our responsibility to provide tools and information that will enable you to deploy our cloud services with the highest confidence that they are safe and compliant."

At Microsoft, we believe that for the full benefits of these new technologies to be realized, we must build a solid foundation of trust. We understand that your organization can’t use the technology we develop if you don’t trust that it meets the highest standards for safety, security, privacy, and compliance. We also understand the pressures that you face as you strive to protect your organizations. Like you, we defend against attacks on our networks. And we also feel the heavy burden of compliance as we grapple with the demands of regulators and legal authorities in every country in which we operate.

To earn your trust, we have pledged to build Microsoft’s cloud services on four foundational principles:

  • Security: Our priority is to safeguard your data with state-of-the-art technology, processes, and encryption.
  • Privacy and control: You control the privacy of your data, who has access to it, and where it resides.
  • Compliance: We will always offer the largest portfolio of compliance standards and certifications in the industry.
  • Transparency: You will always have complete visibility into where your data is located and how it’s managed.

Laws and regulations that govern technology will inevitably change. But our commitment to the legal and compliance community will never waver. We will stand with you as your partner to help you bring the benefits of the cloud to your organizations in the most trustworthy and most compliant way possible.

Microsoft stands with the legal and compliance community

"We employ and partner with thousands of legal and policy experts, auditors, and privacy specialists to work with you in every region of the world on the complex regulatory challenges you face."

Microsoft’s commitment to the legal and compliance community is deep and long-standing. We were the first major cloud provider to offer Business Associate Agreements that enable health care organizations to comply with HIPAA. We were the first to meet the FBI’s Criminal Justice Information Services data protection standard for law enforcement data. In education, we were the first to commit to the Future of Privacy Forum’s Student Privacy Pledge. We have done more to meet the compliance needs of the world’s biggest banks than any other technology company. And we were the first cloud services company to achieve compliance with ISO’s crucial 27018 cloud privacy standard.

Today, to live up to our commitments to the legal and compliance community, we employ and partner with thousands of legal and policy experts, auditors, and privacy specialists to work with you in every region of the world on the complex regulatory challenges you face. And we have thousands of engineers building advanced legal compliance, privacy protection, and data security features into our services and our infrastructure. We know we must excel in all of these areas in order to earn your trust and your business.

Trust is critical in your work and in ours. For your organization to succeed, you must be able to deploy technology that your employees and your customers trust. And to fulfill our mission to empower every person and every organization, we know we must earn your trust each and every day. In the months and years ahead, we look forward to working in close partnership with you to achieve our common goal of keeping trust at the heart of technology.

– Brad Smith, Microsoft President and Chief Legal Officer