Microsoft Corp.
Headquartered in the United States, Microsoft offers software, hardware, cloud storage, search, email, chat applications, and the social networking service LinkedIn. It derives most of its revenue from its enterprise server and cloud software, as well as its Office Suite, Windows operating system, and advertising on its digital platforms.
Microsoft is one of the oldest and most established companies that we evaluate. Although it has shown some leadership on human rights issues in the tech industry, and has typically landed near the top of our ranking, it has made relatively few improvements on human rights issues over the years.
This year, for the first time, we evaluated the company’s LinkedIn social networking platform. While it is branded and widely used as a professional networking tool, LinkedIn serves many of the same communication and information-sharing functions as other social media platforms. For many years, it was the only major U.S.-based social media platform that maintained a presence in China, alongside Microsoft’s Bing search engine, which also remains accessible in the country. In 2021, Microsoft drew criticism for blocking China-based LinkedIn users from seeing the accounts of activists and journalists who were reporting on the Chinese government’s persecution of Uyghur Muslims. Soon thereafter, the company announced plans to discontinue the service in China, and replaced it with a job-posting site with minimal social features. In our evaluation, we found that compared to most other U.S. social networking platforms we rank, Microsoft disclosed less about how it handles government requests for content and account restrictions.
Microsoft shareholders made their voices heard on several key issues in 2021. In response to pressure from shareholders, the company vowed to take concrete steps and study additional mechanisms that would make its devices easier to repair. It also pledged to commission an independent human rights review of its partnerships with law enforcement, immigration authorities, and other government agencies.
Similar to what we found in 2020, Microsoft once again failed to commit to human rights in its development of algorithmic systems. This shortcoming was on full display in February 2022, when WIRED magazine featured a story about Microsoft’s 2017 partnership with the government of Argentina’s Salta province, which led to the creation of an opaque algorithm that officials used to predict teen pregnancies among low-income people. The company faced international condemnation over the project.
The 2022 Big Tech Scorecard covers policies that were active on November 1, 2021. Policies that came into effect after November 1, 2021, were not evaluated for this ranking.
Scores reflect the average score across the services we evaluated, with each service weighted equally.
We rank companies on their governance, and on their policies and practices affecting freedom of expression and privacy.
Microsoft tied with Meta for first place in governance among digital platforms. Its human rights commitments (G1) were strong, but it stopped short of extending them to algorithmic systems, instead offering “ Responsible AI Principles.” These represent a weaker standard than human rights commitments, as they are not grounded in any form of international law. The company also failed to explain whether its human rights due diligence process extended to targeted advertising (G4c) and only vaguely described how it assesses the human rights impacts of its own policy enforcement (G4b).
In its transparency reports, Microsoft began reporting some quantities of content and account restrictions it imposed to enforce its own rules (F4a, F4b), but this data was not comprehensive. Microsoft reported less information about how it handles government censorship demands (F5a, F6) than Google and Twitter, but it began reporting on private requests for content restrictions to OneDrive for the first time (F7). Freedom of expression was the category where LinkedIn most lagged behind Microsoft’s better-performing services.
Microsoft had clear, rights-respecting policies for handling government demands for user information (P10a). Although it provided some information about its process for responding to data breaches affecting LinkedIn, it offered no such information for its other services (P15). Microsoft’s policies about perfect forward secrecy (a feature of some encryption protocols, also known as “unique keys”) were announced in a 2014 blog post and not referenced by current policy documents, making them out of date according to RDR’s methodology (P16).