What is the severity of this clause?

ConductAtlas classifies this Privacy and Security in AI Commitment clause as medium severity. Severity reflects the magnitude of rights affected, the breadth of users impacted, and the degree of discretion the platform retains.

Privacy and Security in AI Commitment — Microsoft

Share 𝕏 Share in Share 🔒 PDF

Monitor governance changes for Microsoft Create a free account to receive the weekly governance digest and monitor one platform for governance changes.

Create free account No credit card required.

ⓘ

This analysis describes what Microsoft's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology

ConductAtlas Analysis

Why it matters (compliance & governance perspective)

The provision sets operational expectations for AI development practices within the entity's framework, establishing that privacy protection and security are foundational design requirements rather than post-deployment additions.

Clause Stability Stable

Changes

Months Monitored

Apr 9, 2026

First Seen

Apr 10, 2026

Last Seen

This clause type exists across 1153 other provisions on other platforms.

Consumer impact (what this means for users)

The provision commits the entity to developing AI systems with privacy and security as design principles, and specifies that personal information will be managed according to privacy standards. This establishes the procedural expectation that privacy considerations are integrated into AI development processes.

How other platforms handle this

MetaMask Medium

We may share your personal information with our affiliates, meaning entities that control, are controlled by, or are under common control with Consensys. We also share information with service providers who assist in operating our services, subject to confidentiality obligations.

Ledger Medium

At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.

Target Medium

RedCard. We share information with our financial partners to operate the Target RedCard program.

See all platforms with this clause type →

Monitoring

Microsoft has changed this document before.

Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.

Start Monitor free trial Or create a free account →

▸ View Original Clause Language DOCUMENT RECORD

"
AI systems should be secure and respect privacy. AI should be developed in a manner that allows people to trust that their personal information will be managed in accordance with privacy standards and used only in appropriate ways. Developers working with AI must protect personal information and apply privacy by design principles.

— Excerpt from Microsoft's Responsible AI

Applicable regulations

Connecticut Data Privacy Act Amendments

US-CT

CAN-SPAM

United States Federal

DMA

European Union

FTC Act Section 5

United States Federal

GDPR

European Union

Indiana Consumer Data Protection Act

US-IN

Kentucky Consumer Data Protection Act

US-KY

UK GDPR

United Kingdom

Universal Opt-Out Mechanism Expansion 2026

VPPA

United States Federal

Provision details

Document information

Document

Responsible AI

Entity

Microsoft

Document last updated

March 5, 2026

Tracking information

First tracked

April 27, 2026

Last verified

May 12, 2026

Record ID

CA-P-002515

Document ID

CA-D-00003

Evidence Provenance

Source URL

https://www.microsoft.com/en-us/ai/responsible-ai#legacy

Wayback Machine

View archived versions →

Content hash (SHA-256)

17d4b7dd772937329cdd57fe4bced78e38fc42b1260d418279febdf8127cc1d7

Analysis generated

April 27, 2026 08:55 UTC

Methodology

summarize_document-v8

Evidence

✓ Snapshot stored ✓ Hash verified

Citation Record

Entity: Microsoft
Document: Responsible AI
Record ID: CA-P-002515
Captured: 2026-04-27 08:55:46 UTC
SHA-256: 17d4b7dd77293732…
URL: https://conductatlas.com/platform/microsoft/responsible-ai/privacy-and-security-in-ai-commitment/
Accessed: June 24, 2026

Permanent archival reference. Stable identifier suitable for legal filings, compliance documentation, and research citation.

Classification

Severity

Medium

Other risks in this policy

Six Core Responsible AI Principles low
Responsible AI Standard medium
Office of Responsible AI and AETHER Committee medium
Fairness in AI Commitment medium
Privacy and Security in AI medium
Transparency in AI Systems medium

Related Analysis

Meta Removed 438 Sentences From Its Privacy Policy. Here Is What Disappeared.
ConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them to separate documents.
23andMe Is Bankrupt. What Happens to Your DNA Now?
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do right now.

Compliance Governance Intelligence

Need to monitor specific governance provisions?

Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.

Arbitration clauses AI governance Data rights Indemnification Retention policies

Start Compliance free trial

Or start with Monitor →

Built from archived source documents, structured governance mappings, and historical version tracking.

Frequently Asked Questions

What does Microsoft's Privacy and Security in AI Commitment clause do?

How does this clause affect you?

Is ConductAtlas affiliated with Microsoft?

No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Microsoft.