Introduction to Privacy [Office 2003 SDK Documentation]

Understanding privacy

When you create documents and worksheets, Microsoft® Office Word 2003 and Microsoft Office Excel 2003 generally store information about the document. This information may be fairly innocuous, such as the name of your company, which is likely public information, or it may be more private, such as the name of the person who created and worked on a document. In addition, document information may include path information about where a document is stored.

This personal information can cause privacy risks for your company's employees and expose your corporate network to security risks. If you are sending a smart document to customers, clients, vendors, or others who are external to your organization, you will want to be aware of what information could be inadvertently included and how to remove it.

Removing personal information

Document information is stored in the Properties dialog box (File menu). The two tabs in this dialog box that are of interest to you when removing personal information from a smart document are the Summary tab and Custom tab.

Summary tab

When a user first creates a document, the Summary tab often contains that user's name. This information is obtained from the User Information tab in the Options dialog box (Tools menu). If you are deploying a smart document either to employees or to others outside your organization, you may want to remove this information before deploying the smart document.

There are two ways that you can remove personal information: manually or programmatically.

  • To manually remove personal information, open the Properties dialog box, click the Summary tab, and then clear the fields that contain information you don't want included in the document when you deploy it. Generally, this is just the Author field but may also include other fields.
  • To programmatically remove personal information, you can create a macro that uses the RemovePersonalInformation property of the Document object or the Workbook object for the Office Word 2003 or Office Excel 2003 Microsoft Visual Basic® for Applications (VBA) object model.

Custom tab

When you attach an XML expansion pack to a document to create a smart document, Microsoft Office 2003 creates two custom properties, Solution ID and Solution URL, which the application uses when working with the smart document. Of these custom properties, the Solution URL is the only one that may store sensitive information. Specifically, the Solution URL custom property contains the path information for the solution.

If you are deploying your smart document outside your organization, you should consider removing the XML expansion pack before you deploy. You would re-attach the XML expansion pack during the installation or have the user attach the XML expansion pack. If you are deploying your smart document within your organization, you may still choose to remove the path information.

Removing the path information helps to ensure that knowledge of your network name and path remains private. Note that, in both cases, your users will have to re-attach the XML expansion pack before they can use the smart functionality of a smart document.

You can use one of the following methods to remove the XML expansion pack from a smart document:

  • In Word, click Delete on the XML Expansion Pack tab in the Templates and Add-ins dialog box (Tools menu). In Excel, click Delete in the XML Expansion Packs dialog box (Data menu).
  • Create a Visual Basic for Applications macro that sets the value of the SolutionURL property of the SmartDocument object to an empty string. This removes the XML expansion pack.
  • Manually delete the "Solution URL" custom document property on the Custom tab of the Properties dialog box. (You can also do this programmatically by using the CustomProperties object of the Office 2003 VBA object model.)

Internal smart documents for external customers

In a common scenario for smart documents, organizations deploy them internally, and then employees use them to create regular documents that are sent to customers, clients, vendors, and others external to the organization. If you are developing such a smart document, you may choose not to remove the XML expansion pack before deploying, but you should make certain that your internal users are aware that not removing the XML expansion pack from the document before it is sent outside the organization can expose the corporate network to security risks.

You can do this in a couple of different ways. You can provide instructions to the user on how to remove the personal and solution path information, or you can write a macro or an add-in that removes the personal and solution path information before sending the document.

Removing other sensitive data

In addition to personal information, documents created by using a smart document may contain other sensitive data you should be aware of. Consider the following issues when you plan your smart documents:

XML schemas   If your smart document uses an attached schema, personal and path information is stored in the schema information within the document as well as within the Schema Library. To remove this information, you need to detach the schema, which removes the XML markup for the document. Without the markup, the document won't function properly, so you need to determine what, if any, security risks may be associated with sending a smart document to people outside your organization and determine a way to minimize those risks.

Smart tags  If your smart documents include smart tag recognizers to recognize sensitive data, you should turn off smart tag embedding in all documents that you are sending outside your organization. For more information about managing privacy when developing smart tags, see the Microsoft Office 2003 Smart Tag Software Development Kit, available on MSDN®, the Microsoft Developer Network.