Finally Microsoft is officially providing information about how they track, process and manipulate Demographic data for the Microsoft Gatineau Demographics report (view white paper here). Thanks Ian for this information!
The process is as follows:
1- Once a new user register to Windows Live or MSN a LiveID and an ANID (Anonymous ID)are generated simultaneously.
2- The ANID is derived by applying a one-way cryptographic hash function to the LiveID. A one-way cryptographic hash function ensures that there is no practical way of deriving the original value from the resulting hash value—that is, the process cannot be reversed to obtain the original number..
3- Each time a registered user logs in, Microsoft’s system applies the hash function to the LiveID to generate an ANID, and each ID is put in a separate cookie on the computer.
4- The advantage of using a one-way cryptographic hash function is that although the same number is guaranteed to be generated each time it is applied to a given LiveID, it is virtually impossible to reverse the process. In other words, it is extremely difficult to use a given ANID (with or without knowing the hashing algorithm) to derive the original LiveID value. Because all personally and directly identifying information about a user is stored on servers in association with a LiveID rather than an ANID, there is no practical way to link data stored in association with an ANID back to any data on Microsoft servers that could personally and directly identify an individual user.