As an example of the impact of such investments, consider that the phishing filter in Internet Explorer blocks 40 million attempts to reach phishing sites per week.
The survey's findings, Cullen continued, "also reaffirmed that corporations need to step up their own consumer education efforts and to deploy their own sound policies to make sure that information is not only used appropriately but protected."
The top areas of concern for consumers in the Microsoft focus groups were identity theft (for all segments), child protection (for parents), and the sharing or selling of personal information without consent (for all segments).
"We have to think about different ways to educate and to put consumers in more control, because they view it as their responsibility, not just ours," he said.
In taking the position that consumers deserve to control their data, Microsoft stands atop the privacy high ground, a hill that has become increasingly slippery for Google.
Cullen goes so far as to suggest, as some privacy advocates have, that a broader set of data deserves protection than just the limit set of data designed as personally identifiable information.
"Even data that other may not think is personally identifying, we think consumers should have some control over that," he said. "For example, when we build our ad system, even through it's designed not to use any personally identifying information, we still give all consumers the ability to say, 'Hey, I don't want to receive targeted ads ... please don't use even behavioral data to deliver targeted ads to me.' So that's a level of control we think is appropriate and very consistent with what consumers are saying, because they do want this level of control."