Microsoft in hot water with data protection watchdogs

Microsoft has found itself in the naughty corner once again after European watchdogs Article 29 voiced concerns over privacy settings in Microsoft’s Windows 10 operating system.

Article 29 Working Party initially wrote to Microsoft last year, explaining concerns over default installation settings of Windows 10, which it believed did not offer the user enough control over the processing of personal data. According to Reuters, Microsoft has changed the way it collects data, however concerns continue as there is seemingly a lack of clarity on how the information is used.

“In light of the above, which are separate to the results of ongoing inquiries at a national level, even considering the proposed changes to Windows 10, the Working Party remains concerned about the level of protection of users’ personal data,” Article 29 Working Party said in a statement.

Although it is not immensely difficult for an American business to rub up privacy-sensitive European bureaucrats, this is not a standalone incident surrounding the operating system. Last year, the Electronic Frontier Foundation found particular exception to the update, with Amul Kalia penning the following on the organizations blog:

“The trouble with Windows 10 doesn’t end with forcing users to download the operating system,” he said. “Windows 10 sends an unprecedented amount of usage data back to Microsoft, particularly if users opt in to “personalize” the software using the OS assistant called Cortana.

“Here’s a non-exhaustive list of data sent back: location data, text input, voice input, touch input, webpages you visit, and telemetry data regarding your general usage of your computer, including which programs you run and for how long.

“And while users can disable some of these settings, it is not a guarantee that your computer will stop talking to Microsoft’s servers. A significant issue is the telemetry data the company receives. While Microsoft insists that it aggregates and anonymizes this data, it hasn’t explained just how it does so.

“Microsoft also won’t say how long this data is retained, instead providing only general timeframes. Worse yet, unless you’re an enterprise user, no matter what, you have to share at least some of this telemetry data with Microsoft and there’s no way to opt-out of it.”

Alongside the Electronic Frontier Foundation and Article 29 Working Party, the CNIL, France’s data protection regulator, issued a formal notice to Microsoft, to stop the team collecting what it describes as excessive data and tracking browsing by users without their consent.

The move to collect additional information may have been an initial move by Microsoft to improve its AI proposition Cortana, but to say it has not been received well is an understatement. The team should be working hard in the background to get a handle of this situation as the ingredients are there for the saga to escalate.

Daily Poll

 Loading ...