In some ways, this is a fairly simple question, but complicated to answer.
The intent of the Microsoft Passport (a feature built into Windows XP that may however be disabled) is to offer integration with the .Net server initiative in providing some advanced features for user identification (including communications level identification tags) to "enhance the user experience" when doing online shopping, visiting partner portals and/or user communities such as MSN and others. This initiative (a purely Microsoft Venture) is what Steve Ballmer and Bill Gates are banking on for the future as services (destinations) will be paying them a fee for routing buyers/users and managing security. In this regard, Microsoft is probably able to get a pretty good picture of what you are doing when online.
As far as anyone is willing to admit, there are no inherit tracking or privacy infringements in Windows XP including the use of the .Net Passport; however, as Microsoft will not reveal their source code to anyone, stating this as fact is impossible and would be irresponsible. Microsoft themselves have some pretty political wording in how they describe their role in developing, using and managing this technology.
Unfortunately, there are several neat features of XP that won't work without a .Net Passport; however, if you decide (as I did) to use the passport, there is nothing stopping you from setting up a simple passport account that uses false personal information and uses an IMAP email address (like a yahoo, Hotmail, Netscape) to manage your subscription. In this case, you can feed everyone totally bogus information for one account that you use when online surfing and reporting bugs, etc... and have a second online passport for those times when you want to exploit the features. For example, online purchases or conducting secure communications with anyone from your bank to your work PC.
As with any online Operating System, you should take certain preventative measures if you wish to protect your identity while online. In this regard, Windows XP is not much different than any other Operating System including Windows 2000, Windows 98 or Linux if you are on the client side. Some add-in software to disguise your IP address, or otherwise make you an alias is always a good idea to protect you from ... well.. let's just say cellar dwellers out there with less than desirable intentions.
Generally speaking, there will ALWAYS be someone out there trying to follow your every online move. Whether it is the NSA, your neighbor's kid, or some company that peeks into your cookies, you can't ever think your privacy is protected.
If configured correctly with the appropriate tools (whether Microsoft's or someone else's) for managing communications and security, Windows XP Professional will deliver significant improvements in both the desktop and online experience without sacrificing any privacy.
There are many advantages of XP Professional over any other Microsoft Platform, mainly in the areas of communications, stability, compatibility and performance. Security and privacy have been improved, but you will need to consider whether some of Microsoft's "advances" put you at risk. If so, you will need to decide on the best course of action to protect yourself by either disabling these features or working around them with third party tools and/or countermeasures.
Steve Benoit
Stable Technologies
'The way IT should be!'